Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/81d3e3cc-46e2-4979-9b16-2db16e3b9434.roa
File: 81d3e3cc-46e2-4979-9b16-2db16e3b9434.roa (raw, json)
Hash identifier: jZY3i6i5mQ1AjKtM0By15JyqrbsjYd1hBboukAdRDJU=
Subject key identifier: 6F:C5:40:E6:1F:98:FB:73:F1:D2:68:11:F2:88:FC:5D:0A:B4:18:95
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 394D1BAE6C9FAC3E2B7D99377253E08124CBB26C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/81d3e3cc-46e2-4979-9b16-2db16e3b9434.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 70.224.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:4d:1b:ae:6c:9f:ac:3e:2b:7d:99:37:72:53:e0:81:24:cb:b2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=ad7dbae5a5739352ce2659d3130ca3c271a527a10b6390d95326d0f08fb80de4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:23:6f:1d:eb:ac:54:c5:71:9e:59:e1:f1:ec:
5e:a5:55:1c:f7:48:8f:5e:df:40:f1:97:b9:e1:0d:
de:bc:53:25:ea:c1:3e:33:82:88:83:33:df:6f:0c:
a9:49:c8:a4:54:99:91:c3:ab:6e:69:01:4d:cd:d5:
c6:2a:56:00:f4:a9:02:17:21:5a:3f:e4:97:3c:04:
a3:45:00:e9:08:14:be:97:d9:87:21:ae:6a:46:5c:
d9:d4:43:71:53:b7:dd:47:96:78:27:0a:dc:bf:09:
b2:21:a2:87:cc:34:61:72:44:90:36:53:37:62:51:
fb:11:7e:d4:97:a4:03:b1:5b:71:66:dd:22:f2:40:
ef:2e:97:c7:76:4b:b6:9b:da:95:98:9c:45:95:89:
64:c1:93:51:84:88:fe:80:ac:ad:e9:f5:19:5c:2f:
43:8d:3d:d4:6b:6f:11:28:a5:8c:ec:e5:d7:c1:1e:
52:7e:5b:9d:9b:08:50:80:89:10:0a:64:9c:0e:62:
cf:e4:59:e6:56:1b:44:74:50:e8:1e:52:80:f3:01:
a4:c7:74:4c:12:41:06:c5:8e:91:f1:44:e6:4d:24:
60:cb:74:2f:a4:5f:37:5f:c3:22:c4:bc:83:ea:ae:
38:40:b9:f0:9f:ca:6f:42:55:2c:d7:82:0c:da:23:
38:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C5:40:E6:1F:98:FB:73:F1:D2:68:11:F2:88:FC:5D:0A:B4:18:95
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/81d3e3cc-46e2-4979-9b16-2db16e3b9434.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.224.192.0/24
Signature Algorithm: sha256WithRSAEncryption
52:10:93:48:44:50:80:2d:34:fc:f9:a0:3d:27:27:f0:62:53:
93:81:ac:a7:94:06:8e:f2:79:cc:36:bc:7b:c2:14:b6:6d:cc:
08:74:06:0c:b6:da:4c:58:1d:6a:c8:d1:d0:82:6e:09:f4:b8:
c2:8b:bf:c2:48:da:fc:ac:7f:36:12:f0:0f:54:8f:fd:da:76:
1c:51:12:7a:03:c7:ae:8d:4c:6f:5e:cc:db:68:4d:b4:09:fb:
d1:e4:36:75:c3:7b:81:03:b0:98:93:6f:5a:6b:91:c1:7c:2a:
b9:88:a9:94:7e:37:99:26:9f:bc:59:d7:21:f7:ce:3a:7f:2c:
7b:7f:76:c1:50:46:28:d2:2d:0c:be:0c:0a:a8:41:8b:7c:70:
f4:a6:cc:8f:d3:21:73:4f:ba:47:ce:31:24:8c:e8:fd:af:57:
f4:be:ba:d9:0b:2f:6d:24:92:ef:f3:b3:cf:8d:50:ff:ae:1b:
9d:17:5e:e5:f5:ec:63:d0:8a:d6:dd:cb:00:c4:2f:f0:7a:ef:
59:b3:01:30:94:07:bd:e6:67:be:e5:6f:db:4b:92:30:a5:ad:
28:ba:5c:c1:aa:f1:75:0a:e8:f5:cc:79:18:02:67:78:59:10:
ad:ee:dc:a3:67:e1:69:f4:71:3e:a4:5c:af:51:27:3f:88:c0:
4a:05:11:14
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOU0brmyfrD4rfZk3clPggSTLsmwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDdkYmFlNWE1NzM5MzUyY2UyNjU5ZDMxMzBjYTNjMjcx
YTUyN2ExMGI2MzkwZDk1MzI2ZDBmMDhmYjgwZGU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmI28d66xUxXGeWeHx7F6lVRz3SI9e30Dxl7nhDd68UyXq
wT4zgoiDM99vDKlJyKRUmZHDq25pAU3N1cYqVgD0qQIXIVo/5Jc8BKNFAOkIFL6X
2YchrmpGXNnUQ3FTt91HlngnCty/CbIhoofMNGFyRJA2UzdiUfsRftSXpAOxW3Fm
3SLyQO8ul8d2S7ab2pWYnEWViWTBk1GEiP6ArK3p9RlcL0ONPdRrbxEopYzs5dfB
HlJ+W52bCFCAiRAKZJwOYs/kWeZWG0R0UOgeUoDzAaTHdEwSQQbFjpHxROZNJGDL
dC+kXzdfwyLEvIPqrjhAufCfym9CVSzXggzaIzjXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUb8VA5h+Y+3Px0mgR8oj8XQq0GJUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgxZDNlM2NjLTQ2ZTItNDk3OS05YjE2LTJkYjE2ZTNiOTQzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABG4MAwDQYJKoZIhvcNAQELBQADggEBAFIQk0hEUIAtNPz5oD0nJ/BiU5OB
rKeUBo7yecw2vHvCFLZtzAh0Bgy22kxYHWrI0dCCbgn0uMKLv8JI2vysfzYS8A9U
j/3adhxREnoDx66NTG9ezNtoTbQJ+9HkNnXDe4EDsJiTb1prkcF8KrmIqZR+N5km
n7xZ1yH3zjp/LHt/dsFQRijSLQy+DAqoQYt8cPSmzI/TIXNPukfOMSSM6P2vV/S+
utkLL20kku/zs8+NUP+uG50XXuX17GPQitbdywDEL/B671mzATCUB73mZ77lb9tL
kjClrSi6XMGq8XUK6PXMeRgCZ3hZEK3u3KNn4Wn0cT6kXK9RJz+IwEoFERQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:05:36 2025 by rpki-client