Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98ea8b19-19ae-4a45-aa98-80e4965132fe.roa
File: 98ea8b19-19ae-4a45-aa98-80e4965132fe.roa (raw, json)
Hash identifier: hhMJRgKRN74JXHbDL0KMfewpZWe8CJSbmktTSNYa3O8=
Subject key identifier: F2:9F:C7:5E:AC:18:AA:C6:65:CF:7F:F4:65:D7:AA:0A:65:9C:EA:68
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 628ADD8966B892477734180B65C461F5991BD9E0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98ea8b19-19ae-4a45-aa98-80e4965132fe.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f69:c000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:8a:dd:89:66:b8:92:47:77:34:18:0b:65:c4:61:f5:99:1b:d9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=0f3f9b2c7ce8c62d908297e27659a0f78ba4b8170a0f3344da4d2b521bacc57f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e8:be:60:3c:08:39:07:40:d5:3f:d3:e9:6a:
6e:5b:d7:05:ad:47:64:8f:15:ec:3c:5d:ad:f6:0e:
f3:8d:3c:bc:a2:a9:13:dd:be:03:da:39:9a:49:27:
d4:60:c3:b8:57:ab:db:c2:d3:ab:5b:42:7b:5d:f1:
2e:d2:68:c1:10:3a:19:5c:4a:f1:50:39:0a:3e:44:
4f:c6:49:87:bf:02:ab:0e:de:c2:9f:4f:53:f9:ac:
db:57:eb:79:98:e8:7b:5c:86:dc:56:76:d6:89:b1:
59:b0:22:16:22:7d:a6:6b:5e:8e:83:35:eb:fc:c7:
7d:c3:ad:24:56:2c:3c:39:13:d3:33:4a:d2:75:67:
99:92:6c:b9:cd:28:7a:01:d6:38:8f:9b:3f:16:3a:
a3:cf:40:63:5d:9b:01:2a:ad:d3:98:de:3e:2e:b5:
cf:4f:70:f8:49:22:c9:b1:f8:7f:c4:c5:9d:97:3a:
8d:7d:5e:c3:33:dc:1c:9a:b9:9b:70:e1:41:fa:ca:
8f:ef:01:44:a4:e4:83:88:59:e0:0d:02:49:6b:06:
df:a5:30:3d:08:b3:d2:8e:ac:51:71:4d:b4:65:2e:
80:a2:da:c6:10:c4:04:c1:08:c6:94:2f:21:c2:42:
f9:f0:65:34:76:71:15:df:e6:7b:b0:eb:8e:06:e1:
4c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9F:C7:5E:AC:18:AA:C6:65:CF:7F:F4:65:D7:AA:0A:65:9C:EA:68
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98ea8b19-19ae-4a45-aa98-80e4965132fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f69:c000::/40
Signature Algorithm: sha256WithRSAEncryption
66:fa:6b:fc:a1:92:6e:e7:2a:97:96:ee:51:c2:57:31:14:12:
d9:2b:c4:c5:d4:3b:38:b7:c8:fe:f1:d8:48:1e:44:84:de:30:
5b:7e:3e:18:20:17:01:20:eb:2e:99:c0:5b:92:25:ac:45:41:
c3:f8:df:9f:30:d9:5e:5b:46:c8:28:30:ae:de:2e:06:ff:0c:
13:e2:ec:8c:cc:9c:a8:cd:37:bc:9e:e1:88:29:7f:96:99:ae:
69:f0:65:7e:03:7e:f3:79:fe:23:c5:89:55:87:27:b3:66:c3:
eb:09:b6:ac:e1:6c:24:23:a4:e2:35:0e:6d:77:c4:55:97:9d:
0f:f7:99:d1:c4:a0:4d:73:18:79:b0:b1:c2:c2:12:d5:5a:69:
d0:e4:bc:d8:6a:62:a4:e9:32:c3:5f:3d:7a:52:72:c2:a0:fc:
3d:49:54:84:77:cc:ef:b8:49:3b:84:26:59:06:05:43:77:e8:
c3:84:99:a1:c8:6c:c5:e5:21:ca:47:6f:bb:27:bf:e1:9c:54:
1f:81:63:d5:f9:2e:ef:3d:08:12:3a:83:d2:cf:94:3c:fc:75:
dc:23:33:ff:ee:a1:2b:20:71:a5:d3:d7:22:32:19:ad:f6:58:
0e:4c:c6:3e:ae:d4:63:e9:1b:9b:26:98:84:2a:5e:26:49:2c:
4c:1e:e1:12
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYordiWa4kkd3NBgLZcRh9Zkb2eAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA4MDAwMDAwWhcNMjUwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZjNmOWIyYzdjZThjNjJkOTA4Mjk3ZTI3NjU5YTBmNzhi
YTRiODE3MGEwZjMzNDRkYTRkMmI1MjFiYWNjNTdmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDy6L5gPAg5B0DVP9Ppam5b1wWtR2SPFew8Xa32DvONPLyi
qRPdvgPaOZpJJ9Rgw7hXq9vC06tbQntd8S7SaMEQOhlcSvFQOQo+RE/GSYe/AqsO
3sKfT1P5rNtX63mY6HtchtxWdtaJsVmwIhYifaZrXo6DNev8x33DrSRWLDw5E9Mz
StJ1Z5mSbLnNKHoB1jiPmz8WOqPPQGNdmwEqrdOY3j4utc9PcPhJIsmx+H/ExZ2X
Oo19XsMz3ByauZtw4UH6yo/vAUSk5IOIWeANAklrBt+lMD0Is9KOrFFxTbRlLoCi
2sYQxATBCMaULyHCQvnwZTR2cRXf5nuw644G4UzdAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU8p/HXqwYqsZlz3/0ZdeqCmWc6mgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4ZWE4YjE5LTE5YWUtNGE0NS1hYTk4LTgwZTQ5NjUxMzJmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9pwDANBgkqhkiG9w0BAQsFAAOCAQEAZvpr/KGSbucql5buUcJXMRQS
2SvExdQ7OLfI/vHYSB5EhN4wW34+GCAXASDrLpnAW5IlrEVBw/jfnzDZXltGyCgw
rt4uBv8ME+LsjMycqM03vJ7hiCl/lpmuafBlfgN+83n+I8WJVYcns2bD6wm2rOFs
JCOk4jUObXfEVZedD/eZ0cSgTXMYebCxwsIS1Vpp0OS82GpipOkyw189elJywqD8
PUlUhHfM77hJO4QmWQYFQ3fow4SZochsxeUhykdvuye/4ZxUH4Fj1fku7z0IEjqD
0s+UPPx13CMz/+6hKyBxpdPXIjIZrfZYDkzGPq7UY+kbmyaYhCpeJkksTB7hEg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:46:52 2025 by rpki-client