Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9bd43449-a30d-4de9-ac10-41448aff1c4a.roa
File: 9bd43449-a30d-4de9-ac10-41448aff1c4a.roa (raw, json)
Hash identifier: GX656v15LL25G4zWW2A0VPs4Td4UsmCo0blft23+lLs=
Subject key identifier: ED:E5:B4:22:3E:96:58:FD:5D:24:34:1B:4A:6D:25:62:2D:DE:92:AD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4E1C65570004CA98674325D5EC2EC0ACF29BCEAB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9bd43449-a30d-4de9-ac10-41448aff1c4a.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 88.104.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:1c:65:57:00:04:ca:98:67:43:25:d5:ec:2e:c0:ac:f2:9b:ce:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=8e3eb2c9a44c76a49c05ca6441849e607ff8bdf0a746e49237f98f5def6771c9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:12:98:ed:2a:d6:5e:a6:35:e6:53:c7:16:47:
45:e7:90:55:89:f8:bd:77:98:14:e7:4d:5b:46:c0:
c4:da:41:dc:ef:97:0f:65:b4:8b:85:58:c0:4c:69:
5e:30:8f:ac:84:43:48:4b:00:cb:15:0c:bb:ea:70:
d0:46:b9:24:74:bf:b5:8c:ca:27:32:a6:2c:da:39:
e5:91:0b:e5:1c:29:ae:b7:83:6a:72:d2:34:61:3f:
04:af:3d:44:f8:80:88:e6:e0:e9:89:79:27:0d:f3:
e3:fc:8d:ff:fc:c4:16:d6:2d:1f:f9:ab:df:d7:23:
d1:06:56:e7:06:e5:2e:5b:3e:82:f2:eb:84:d0:18:
45:37:31:e9:1b:ad:8b:1d:ee:e4:6b:6c:81:24:87:
95:06:99:da:55:35:fd:fa:64:59:28:6b:d2:8d:25:
d9:48:b7:d4:1c:00:34:c4:66:cf:28:57:b6:b1:0f:
da:ac:e7:3b:aa:19:4b:28:ec:84:d7:12:8c:fb:97:
a5:4b:a7:1b:d6:97:1a:90:d3:f1:e8:93:71:de:00:
ea:bf:82:fa:8a:8e:f5:99:72:7d:49:40:67:78:05:
d0:6d:e3:1b:22:bc:66:44:2e:0f:57:66:fe:9b:e2:
fa:a1:ae:1a:69:34:e4:a3:85:a7:16:1a:41:93:9e:
29:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E5:B4:22:3E:96:58:FD:5D:24:34:1B:4A:6D:25:62:2D:DE:92:AD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9bd43449-a30d-4de9-ac10-41448aff1c4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.104.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c1:50:a8:55:90:6b:ec:28:3f:bc:d8:5a:35:44:78:73:a5:19:
ff:18:ff:14:77:11:5f:e8:d7:d9:23:5e:09:bc:69:ed:d4:80:
ec:5c:ca:c2:df:bd:43:6c:6d:45:7b:9a:19:4e:bc:2f:e7:0e:
7c:2f:12:f1:f0:06:2f:ff:22:85:fa:16:1f:b4:5d:93:57:05:
57:2b:6a:f9:da:2e:dc:29:a3:72:2a:a7:71:76:ec:f4:61:8e:
41:0d:ed:f2:3e:ea:7c:f5:94:68:15:00:42:26:b5:b4:19:c0:
68:2b:52:23:69:e7:1e:bb:2f:0f:fd:ae:39:6c:c9:fe:3a:bd:
74:d7:50:af:46:75:5f:68:49:93:ca:36:ac:bd:b2:e1:35:2d:
ad:c3:fd:e2:bc:f7:77:80:b6:32:71:d7:94:bc:d4:e6:26:f8:
c8:c8:1b:8f:43:bf:29:a0:53:30:77:03:47:7d:eb:a2:94:6e:
06:39:be:fd:9a:0d:22:a9:aa:30:27:a0:09:df:77:35:62:ba:
71:52:a5:da:b0:0c:ff:79:75:02:d7:03:fd:8e:6d:5f:b0:8a:
5c:b9:f2:1a:7c:f5:2f:64:e8:e9:dc:51:1a:c2:60:5a:71:ff:
0f:7a:ea:75:2b:5b:df:68:3f:c2:fd:73:89:59:d4:9c:5f:21:
80:d4:f6:a0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUThxlVwAEyphnQyXV7C7ArPKbzqswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZTNlYjJjOWE0NGM3NmE0OWMwNWNhNjQ0MTg0OWU2MDdm
ZjhiZGYwYTc0NmU0OTIzN2Y5OGY1ZGVmNjc3MWM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbEpjtKtZepjXmU8cWR0XnkFWJ+L13mBTnTVtGwMTaQdzv
lw9ltIuFWMBMaV4wj6yEQ0hLAMsVDLvqcNBGuSR0v7WMyicypizaOeWRC+UcKa63
g2py0jRhPwSvPUT4gIjm4OmJeScN8+P8jf/8xBbWLR/5q9/XI9EGVucG5S5bPoLy
64TQGEU3MekbrYsd7uRrbIEkh5UGmdpVNf36ZFkoa9KNJdlIt9QcADTEZs8oV7ax
D9qs5zuqGUso7ITXEoz7l6VLpxvWlxqQ0/Hok3HeAOq/gvqKjvWZcn1JQGd4BdBt
4xsivGZELg9XZv6b4vqhrhppNOSjhacWGkGTnimDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7eW0Ij6WWP1dJDQbSm0lYi3ekq0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzliZDQzNDQ5LWEzMGQtNGRlOS1hYzEwLTQxNDQ4YWZmMWM0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwFYaDANBgkqhkiG9w0BAQsFAAOCAQEAwVCoVZBr7Cg/vNhaNUR4c6UZ/xj/
FHcRX+jX2SNeCbxp7dSA7FzKwt+9Q2xtRXuaGU68L+cOfC8S8fAGL/8ihfoWH7Rd
k1cFVytq+dou3CmjciqncXbs9GGOQQ3t8j7qfPWUaBUAQia1tBnAaCtSI2nnHrsv
D/2uOWzJ/jq9dNdQr0Z1X2hJk8o2rL2y4TUtrcP94rz3d4C2MnHXlLzU5ib4yMgb
j0O/KaBTMHcDR33ropRuBjm+/ZoNIqmqMCegCd93NWK6cVKl2rAM/3l1AtcD/Y5t
X7CKXLnyGnz1L2To6dxRGsJgWnH/D3rqdStb32g/wv1ziVnUnF8hgNT2oA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:47:53 2025 by rpki-client