Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/703d892d-ff7a-4463-88f7-014e2ca759c0.roa
File: 703d892d-ff7a-4463-88f7-014e2ca759c0.roa (raw, json)
Hash identifier: OD93IYOIE9v7FrXLGCrAX4odx2LMDr4IRDp+LJjz4G8=
Subject key identifier: 7E:BE:79:59:CD:F7:16:34:EF:EA:E8:93:83:9E:F8:BF:21:B0:B6:DB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 06BF12A36C846A2D7F5B39F7BF5F3A721D11A636
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/703d892d-ff7a-4463-88f7-014e2ca759c0.roa
Signing time: Tue 21 Jan 2025 00:00:00 +0000
ROA not before: Tue 21 Jan 2025 00:00:00 +0000
ROA not after: Tue 25 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.91.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:bf:12:a3:6c:84:6a:2d:7f:5b:39:f7:bf:5f:3a:72:1d:11:a6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 21 00:00:00 2025 GMT
Not After : Feb 25 23:59:59 2025 GMT
Subject: serialNumber=b71a72053601a767e0defe3919e90a80e3f813cd639556fb3791d59aad5a8c4d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c3:de:a6:27:4b:8c:27:43:4b:0d:f9:0b:6d:
f2:2c:0a:1a:48:10:2d:54:f0:9f:78:6f:84:91:28:
6d:9e:ca:f9:93:c6:fc:ab:69:a2:60:59:67:c3:42:
26:60:90:a0:f5:5a:b2:e8:81:0f:85:eb:67:25:78:
c3:86:d2:b3:84:90:0a:2f:55:20:dd:0f:be:d4:cc:
69:db:de:54:fc:66:5e:4b:f0:f6:33:e1:46:12:74:
00:f3:d2:35:af:f3:95:75:d2:f6:40:dd:78:6d:ab:
24:3f:3a:da:7f:86:d1:83:68:45:be:92:81:29:c3:
1c:77:7b:56:8c:c8:b0:9f:14:09:60:d9:1a:72:62:
a1:29:40:8b:81:1c:c7:d9:44:da:b0:dd:f8:c5:da:
ad:9e:30:76:e3:ba:5a:d0:9f:dd:62:08:08:51:cf:
01:5c:0b:83:ea:e3:f9:84:9a:15:64:cb:dc:5b:de:
03:93:39:66:25:74:9f:51:f4:b9:39:5b:bc:7f:f5:
86:e1:52:14:14:66:c5:53:bf:13:31:b7:83:20:17:
4c:cf:26:03:ae:e0:00:a9:eb:95:7d:43:d9:02:1d:
d8:c0:41:61:d2:17:5f:11:34:70:33:1d:bc:c9:3a:
fc:0f:c5:57:23:5b:6a:6c:39:57:fc:23:7a:d6:a4:
43:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BE:79:59:CD:F7:16:34:EF:EA:E8:93:83:9E:F8:BF:21:B0:B6:DB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/703d892d-ff7a-4463-88f7-014e2ca759c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.91.128.0/18
Signature Algorithm: sha256WithRSAEncryption
42:95:39:37:87:1b:ea:76:8d:b8:fd:13:ee:44:cf:7f:7d:ad:
0d:41:87:80:58:27:77:f2:5a:27:f0:57:de:af:b9:6b:cb:22:
29:b1:c8:85:c5:7e:9e:1a:56:95:fa:98:27:dc:c7:fc:52:f4:
d8:4c:f4:73:72:14:aa:bb:b1:f7:a4:a6:b7:ac:79:ef:34:14:
ca:37:25:50:77:db:b1:14:ab:73:eb:9b:d4:39:f2:b2:0e:24:
8c:9d:0f:60:57:61:b3:c3:d4:dd:7b:fa:2c:2b:ff:39:58:eb:
5b:b1:69:2d:a8:f1:3a:8e:27:6a:b5:53:f9:c2:88:c1:fa:55:
6d:31:3a:a2:c3:68:f3:cf:90:c4:8c:e0:b1:2f:bb:e5:98:32:
5f:2d:55:d2:92:42:16:92:c1:db:4d:61:a4:66:c0:7e:bb:b1:
1f:87:95:66:a1:64:49:61:a2:bc:d7:d0:9e:f9:b8:28:3f:af:
e6:d3:64:95:c7:20:fe:eb:a8:6c:49:73:dd:e1:c6:60:19:31:
38:0e:95:39:6e:87:23:47:92:53:60:e7:02:e5:4c:d1:3b:3f:
81:f0:af:80:db:b5:2c:2b:2e:7a:3d:6d:e0:9d:26:bf:d3:3d:
d4:f0:6c:3d:d2:d2:43:33:7d:13:fd:bb:78:c2:c1:ed:0b:a9:
66:81:66:0c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBr8So2yEai1/Wzn3v186ch0RpjYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzFhNzIwNTM2MDFhNzY3ZTBkZWZlMzkxOWU5MGE4MGUz
ZjgxM2NkNjM5NTU2ZmIzNzkxZDU5YWFkNWE4YzRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4w96mJ0uMJ0NLDfkLbfIsChpIEC1U8J94b4SRKG2eyvmT
xvyraaJgWWfDQiZgkKD1WrLogQ+F62cleMOG0rOEkAovVSDdD77UzGnb3lT8Zl5L
8PYz4UYSdADz0jWv85V10vZA3XhtqyQ/Otp/htGDaEW+koEpwxx3e1aMyLCfFAlg
2RpyYqEpQIuBHMfZRNqw3fjF2q2eMHbjulrQn91iCAhRzwFcC4Pq4/mEmhVky9xb
3gOTOWYldJ9R9Lk5W7x/9YbhUhQUZsVTvxMxt4MgF0zPJgOu4ACp65V9Q9kCHdjA
QWHSF18RNHAzHbzJOvwPxVcjW2psOVf8I3rWpENDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfr55Wc33FjTv6uiTg574vyGwttswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcwM2Q4OTJkLWZmN2EtNDQ2My04OGY3LTAxNGUyY2E3NTljMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZAW4AwDQYJKoZIhvcNAQELBQADggEBAEKVOTeHG+p2jbj9E+5Ez399rQ1B
h4BYJ3fyWifwV96vuWvLIimxyIXFfp4aVpX6mCfcx/xS9NhM9HNyFKq7sfekpres
ee80FMo3JVB327EUq3Prm9Q58rIOJIydD2BXYbPD1N17+iwr/zlY61uxaS2o8TqO
J2q1U/nCiMH6VW0xOqLDaPPPkMSM4LEvu+WYMl8tVdKSQhaSwdtNYaRmwH67sR+H
lWahZElhorzX0J75uCg/r+bTZJXHIP7rqGxJc93hxmAZMTgOlTluhyNHklNg5wLl
TNE7P4Hwr4DbtSwrLno9beCdJr/TPdTwbD3S0kMzfRP9u3jCwe0LqWaBZgw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:43:27 2025 by rpki-client