Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89bf0d24-c4a8-4cec-aaab-f602731068f9.roa
File: 89bf0d24-c4a8-4cec-aaab-f602731068f9.roa (raw, json)
Hash identifier: xhCL3tt4ktjGdOFJoNiaJwQIeM8kufrfbqt3I5TQmBY=
Subject key identifier: 97:1E:5E:65:18:EF:9B:25:B1:02:4D:16:34:A1:FD:8D:62:DB:7A:41
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 012C3EDFC125DA755D36569C82C41B284C052A33
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89bf0d24-c4a8-4cec-aaab-f602731068f9.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ff2:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:2c:3e:df:c1:25:da:75:5d:36:56:9c:82:c4:1b:28:4c:05:2a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=49ac12b4acfdb5cf853bed74b6a9fcf4a65b21444b7894a9b0cec61d58aedd05, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c3:9f:5e:f6:1e:00:29:81:1c:08:30:84:fa:
53:6b:ff:c3:cc:2f:c9:44:d4:32:a2:79:bc:ca:27:
30:0c:6e:ba:04:35:21:57:df:5d:67:50:e0:8b:09:
69:ce:c6:6d:36:16:99:02:1f:00:2d:7f:1e:62:cd:
14:36:bc:3e:80:4d:85:e4:ac:da:b3:ef:a3:3d:6b:
ef:a4:c0:60:62:ca:42:9c:81:5f:bf:f7:d4:70:04:
bd:50:18:b5:39:fc:a2:0f:61:af:e2:e4:68:66:e4:
60:bd:e7:44:6b:55:39:de:84:d4:0f:8a:ca:ff:cf:
fa:61:1b:00:da:fe:78:da:38:53:1e:f3:81:bc:0b:
2a:dc:b5:e9:83:ac:c3:63:4f:57:e1:df:cd:ed:60:
7a:5b:b1:96:c7:ce:29:7d:03:1c:42:fe:0c:d2:de:
5c:11:8e:d7:4d:6d:c9:9e:68:23:4c:0b:ec:d1:6d:
c5:e6:ed:af:53:d2:8c:6a:60:d2:25:e9:b5:b0:f8:
d9:ed:84:4a:32:1b:da:01:89:7e:9b:fe:7e:ee:5a:
61:49:09:9e:da:3e:e7:56:09:31:a0:4a:7c:52:7f:
2b:76:12:e1:7b:32:98:9a:96:aa:78:51:c0:83:2b:
fe:0c:6a:c8:b5:27:ac:48:d4:82:9f:b5:ad:d0:27:
32:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1E:5E:65:18:EF:9B:25:B1:02:4D:16:34:A1:FD:8D:62:DB:7A:41
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89bf0d24-c4a8-4cec-aaab-f602731068f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff2:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:41:94:df:80:ee:90:c3:73:ed:8e:7d:66:ac:0d:16:7f:7e:
8f:72:93:5f:8b:2f:ca:43:89:98:3f:df:22:f5:6b:5d:2f:eb:
ef:4a:7e:cd:fd:53:05:32:bd:50:34:ac:0c:40:39:c4:6a:ee:
0b:9c:a3:dc:46:58:ee:f1:07:c6:3c:98:11:c6:fb:f2:c7:2e:
9f:4d:0d:38:c7:4b:82:33:86:ef:ef:e6:89:0f:7e:b2:a4:6d:
aa:69:9f:36:1f:a9:95:50:2e:74:fe:b6:b4:48:94:f3:61:08:
e0:97:44:5a:71:c3:b2:4b:f7:77:d3:91:c7:e6:d6:45:1c:bd:
2e:d0:89:2f:35:92:90:b4:92:48:55:33:4c:a1:0d:12:fd:c4:
be:f2:af:86:4d:c7:29:db:bd:4e:58:e4:81:d3:8c:bd:fc:16:
3d:b9:41:53:81:1b:78:e1:2e:ba:c1:cc:68:60:99:88:80:23:
85:bf:22:e6:79:76:41:4e:5a:4e:ef:06:c7:a9:9b:90:ea:89:
0c:e7:bb:72:f6:3b:90:1d:4b:23:2d:66:9d:e4:a4:26:d1:5f:
b4:99:e3:8b:3c:3b:28:eb:9f:5d:4b:05:e6:f1:fc:de:08:a1:
40:87:b5:ad:c0:59:6f:e6:40:71:64:bb:86:a0:ac:89:36:2d:
4e:12:20:29
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUASw+38El2nVdNlacgsQbKEwFKjMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWFjMTJiNGFjZmRiNWNmODUzYmVkNzRiNmE5ZmNmNGE2
NWIyMTQ0NGI3ODk0YTliMGNlYzYxZDU4YWVkZDA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4w59e9h4AKYEcCDCE+lNr/8PML8lE1DKiebzKJzAMbroE
NSFX311nUOCLCWnOxm02FpkCHwAtfx5izRQ2vD6ATYXkrNqz76M9a++kwGBiykKc
gV+/99RwBL1QGLU5/KIPYa/i5Ghm5GC950RrVTnehNQPisr/z/phGwDa/njaOFMe
84G8CyrctemDrMNjT1fh383tYHpbsZbHzil9AxxC/gzS3lwRjtdNbcmeaCNMC+zR
bcXm7a9T0oxqYNIl6bWw+NnthEoyG9oBiX6b/n7uWmFJCZ7aPudWCTGgSnxSfyt2
EuF7Mpialqp4UcCDK/4Masi1J6xI1IKfta3QJzJBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUlx5eZRjvmyWxAk0WNKH9jWLbekEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg5YmYwZDI0LWM0YTgtNGNlYy1hYWFiLWY2MDI3MzEwNjhmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/yYDANBgkqhkiG9w0BAQsFAAOCAQEAykGU34DukMNz7Y59ZqwNFn9+
j3KTX4svykOJmD/fIvVrXS/r70p+zf1TBTK9UDSsDEA5xGruC5yj3EZY7vEHxjyY
Ecb78scun00NOMdLgjOG7+/miQ9+sqRtqmmfNh+plVAudP62tEiU82EI4JdEWnHD
skv3d9ORx+bWRRy9LtCJLzWSkLSSSFUzTKENEv3EvvKvhk3HKdu9TljkgdOMvfwW
PblBU4EbeOEuusHMaGCZiIAjhb8i5nl2QU5aTu8Gx6mbkOqJDOe7cvY7kB1LIy1m
neSkJtFftJnjizw7KOufXUsF5vH83gihQIe1rcBZb+ZAcWS7hqCsiTYtThIgKQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:29:16 2025 by rpki-client