Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d63cd7b-5f9f-40bd-a7d4-e2a1d5ca5822.roa
File: 9d63cd7b-5f9f-40bd-a7d4-e2a1d5ca5822.roa (raw, json)
Hash identifier: iG1SKEnFaUYfpmv3zDyLigwge+4fuXum3P8x6zK/v/M=
Subject key identifier: 3D:3D:CC:DA:F0:F8:85:30:96:9E:33:80:C1:C3:28:1C:1C:A3:65:07
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 66D6CCFE7677B1D56984D300B56826282BBA3D96
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d63cd7b-5f9f-40bd-a7d4-e2a1d5ca5822.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.128.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d6:cc:fe:76:77:b1:d5:69:84:d3:00:b5:68:26:28:2b:ba:3d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=57298ad713b96228470011d2930266f5e66e56037c8746aa2cf535b52a8c3fab, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:62:7d:db:b4:f2:d5:82:ac:d0:9e:cf:64:da:
25:da:6e:b8:27:77:e1:c1:92:07:b6:7f:05:3d:72:
22:a2:08:53:68:26:9e:4f:f4:bd:60:c5:c6:eb:83:
1f:07:52:be:5a:50:32:6c:db:9b:f8:c3:fb:e4:b9:
44:15:68:d6:90:f5:87:58:76:45:39:d9:d1:09:18:
d6:a4:f6:54:02:c5:e8:96:e7:8f:46:6c:f3:02:37:
6d:81:be:e6:38:68:b7:85:a3:36:86:3a:b2:44:17:
2a:2c:9b:03:1f:28:7f:79:e1:1a:06:ef:cf:5d:f9:
86:69:d7:45:8d:51:82:85:4d:93:b1:68:a1:fc:d0:
93:a9:b1:5c:f1:44:17:49:1a:3d:8f:70:18:37:7b:
ea:70:a5:eb:d5:b7:ec:a5:53:a7:5b:72:37:14:ad:
b1:05:3d:5e:4d:4d:ee:57:b4:a1:c2:02:d0:4e:47:
0f:84:f1:4f:00:df:b1:f6:e5:b6:d7:0a:f5:96:b6:
0f:28:4e:9d:c9:bd:20:a1:43:ec:ae:5a:b7:b9:a2:
4c:f6:f4:fc:8c:4e:b5:98:b8:8a:2f:46:08:61:3c:
de:94:e5:8e:8d:fe:1a:ae:5c:38:58:e2:ad:5b:09:
8c:8e:6d:40:17:fa:74:8d:3a:68:ab:e1:36:23:d8:
b5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3D:CC:DA:F0:F8:85:30:96:9E:33:80:C1:C3:28:1C:1C:A3:65:07
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d63cd7b-5f9f-40bd-a7d4-e2a1d5ca5822.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.128.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:8f:68:b5:7a:95:f1:aa:67:b9:15:47:78:1e:f8:00:53:cd:
fc:97:ba:d2:a9:c5:3a:42:0e:48:8f:bc:18:b3:b6:c9:fc:79:
c3:61:c5:f3:41:44:ce:31:6b:0a:c2:be:93:96:c6:83:24:bf:
77:92:b4:46:f7:a6:0f:68:c5:96:50:19:a3:e4:7f:ab:f5:51:
82:91:2b:b8:23:0f:3a:b7:be:ec:3d:b0:9a:33:03:41:f4:9b:
72:bb:e1:ce:28:e6:71:bc:8e:aa:a0:4e:0e:5a:4f:99:b1:6c:
5e:5b:71:98:16:24:43:6b:a2:76:10:af:d6:5f:f5:1c:29:c6:
40:1a:80:36:00:c6:e2:00:81:36:bc:06:71:08:18:12:13:f2:
fa:40:42:7a:c6:47:39:89:9f:7f:c6:a8:64:fd:fa:36:c8:15:
87:14:aa:0f:52:be:66:8e:04:ef:17:6e:be:35:66:7a:b3:51:
c2:1a:cf:66:ad:31:6e:f0:02:00:be:ac:95:8c:69:61:d4:73:
e7:ed:41:96:d0:09:01:ca:a7:93:7f:15:48:e3:1d:64:d9:93:
5c:19:e8:a6:07:7e:8d:f5:63:3d:b6:89:59:34:d8:53:cb:53:
0e:17:9b:d6:7d:40:48:51:11:df:92:bb:a2:7d:a5:99:65:c8:
7e:c3:17:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZtbM/nZ3sdVphNMAtWgmKCu6PZYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI4MDAwMDAwWhcNMjUwMzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NzI5OGFkNzEzYjk2MjI4NDcwMDExZDI5MzAyNjZmNWU2
NmU1NjAzN2M4NzQ2YWEyY2Y1MzViNTJhOGMzZmFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOYn3btPLVgqzQns9k2iXabrgnd+HBkge2fwU9ciKiCFNo
Jp5P9L1gxcbrgx8HUr5aUDJs25v4w/vkuUQVaNaQ9YdYdkU52dEJGNak9lQCxeiW
549GbPMCN22BvuY4aLeFozaGOrJEFyosmwMfKH954RoG789d+YZp10WNUYKFTZOx
aKH80JOpsVzxRBdJGj2PcBg3e+pwpevVt+ylU6dbcjcUrbEFPV5NTe5XtKHCAtBO
Rw+E8U8A37H25bbXCvWWtg8oTp3JvSChQ+yuWre5okz29PyMTrWYuIovRghhPN6U
5Y6N/hquXDhY4q1bCYyObUAX+nSNOmir4TYj2LXjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPT3M2vD4hTCWnjOAwcMoHByjZQcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkNjNjZDdiLTVmOWYtNDBiZC1hN2Q0LWUyYTFkNWNhNTgyMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl4AwDQYJKoZIhvcNAQELBQADggEBAIuPaLV6lfGqZ7kVR3ge+ABTzfyX
utKpxTpCDkiPvBiztsn8ecNhxfNBRM4xawrCvpOWxoMkv3eStEb3pg9oxZZQGaPk
f6v1UYKRK7gjDzq3vuw9sJozA0H0m3K74c4o5nG8jqqgTg5aT5mxbF5bcZgWJENr
onYQr9Zf9RwpxkAagDYAxuIAgTa8BnEIGBIT8vpAQnrGRzmJn3/GqGT9+jbIFYcU
qg9SvmaOBO8Xbr41ZnqzUcIaz2atMW7wAgC+rJWMaWHUc+ftQZbQCQHKp5N/FUjj
HWTZk1wZ6KYHfo31Yz22iVk02FPLUw4Xm9Z9QEhREd+Su6J9pZllyH7DF9A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:43:44 2025 by rpki-client