Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abd74f01-0844-40c3-b6e5-ef0435c0830c.roa
File: abd74f01-0844-40c3-b6e5-ef0435c0830c.roa (raw, json)
Hash identifier: 1fNA8OblfKQX+zePVFgSpvBotfJUUUS3XdB/z8+Po7c=
Subject key identifier: 71:39:AF:F7:EF:F3:98:9E:F6:44:7F:49:37:30:87:F3:06:C5:4D:D9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 07568E89BC4A97FBA5BF9882AE5FAEB9B18504C7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abd74f01-0844-40c3-b6e5-ef0435c0830c.roa
Signing time: Fri 17 Jan 2025 00:00:00 +0000
ROA not before: Fri 17 Jan 2025 00:00:00 +0000
ROA not after: Fri 21 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f60:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:56:8e:89:bc:4a:97:fb:a5:bf:98:82:ae:5f:ae:b9:b1:85:04:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 17 00:00:00 2025 GMT
Not After : Feb 21 23:59:59 2025 GMT
Subject: serialNumber=77a40c472022423ca2a674195c665f3e3a6c2a3ca61b4d48adaf77bee864ae1d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:28:2b:cf:b6:0f:4b:57:9e:db:19:06:35:
9d:98:4f:00:c8:98:93:96:41:e4:57:87:cc:4a:d4:
c2:83:b6:88:b9:c4:c8:30:90:a5:52:38:5b:e3:51:
74:6b:73:02:6e:5f:fd:b4:57:75:2a:46:0a:06:7b:
28:53:69:68:26:31:ee:0c:c3:d5:96:08:a8:fd:52:
ac:6f:7a:04:09:59:8c:fc:31:a7:70:a9:dd:9c:5c:
e8:31:44:fa:36:d2:24:f0:e4:3f:99:1c:d6:c0:a5:
1a:56:92:26:29:53:8a:cd:7d:1d:67:42:bb:a6:1b:
88:ed:75:5c:10:93:d5:d9:18:98:85:36:60:2a:c9:
80:7e:be:84:b7:83:98:d1:98:71:69:8c:3e:da:40:
d8:bf:a3:26:9e:f4:1c:fa:b8:b4:f2:9a:cd:63:d2:
ca:e1:af:d5:9d:2b:51:f3:e8:54:33:06:d4:b1:20:
be:85:13:7c:77:91:1f:4e:4d:60:a7:82:4f:98:08:
ab:5a:dc:20:08:5d:47:28:c9:d8:a9:4c:fe:fb:1a:
f8:0a:48:f1:de:fa:b9:b5:54:17:ad:e9:35:d3:3d:
53:57:16:55:b3:1e:9f:36:b7:1c:d8:4a:7b:a4:92:
15:c1:fd:99:34:18:48:0d:57:46:32:d9:0e:f2:c9:
89:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:39:AF:F7:EF:F3:98:9E:F6:44:7F:49:37:30:87:F3:06:C5:4D:D9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abd74f01-0844-40c3-b6e5-ef0435c0830c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f60:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:a7:8c:1b:72:0d:84:dd:fb:50:7d:53:88:00:79:ba:f8:9c:
39:c1:b9:b4:d8:b2:84:60:d2:e6:b4:01:12:43:b2:e3:21:4e:
a3:fd:ae:a8:d7:af:a1:eb:02:d9:50:3d:05:d2:b4:db:0d:09:
26:a4:e4:30:2a:b8:02:7f:99:18:1a:3d:2b:a8:c2:fe:37:f6:
6c:97:19:26:4c:28:56:ab:69:5a:51:97:03:ab:c6:47:3e:e4:
31:b2:e9:fe:17:ea:dd:ec:a0:16:d2:12:02:ae:e3:84:6e:6e:
1a:10:1a:9f:fd:31:07:80:14:4a:83:99:47:91:11:5e:cc:a9:
88:5f:3c:ac:30:98:ee:f0:ef:a7:da:b0:8b:c1:b3:fd:f0:61:
ca:d9:fa:22:48:ae:4d:2f:e2:20:d9:ab:90:a3:83:c5:fd:14:
1d:6d:ec:1b:f5:18:f2:01:63:3a:5e:66:75:f7:aa:f5:bf:f0:
8f:f5:dd:9f:12:61:25:86:4b:39:25:31:e0:bc:b7:d9:c7:a6:
5d:df:dc:c1:ca:f7:36:32:f3:54:13:d3:f7:6b:2b:89:56:28:
bd:59:c7:b2:0e:25:21:fc:30:cc:ed:33:1d:ac:d8:13:21:cb:
fe:8a:e3:af:06:33:c6:c3:a9:5c:66:29:5d:32:f0:be:d7:9a:
29:2b:17:fd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUB1aOibxKl/ulv5iCrl+uubGFBMcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE3MDAwMDAwWhcNMjUwMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3N2E0MGM0NzIwMjI0MjNjYTJhNjc0MTk1YzY2NWYzZTNh
NmMyYTNjYTYxYjRkNDhhZGFmNzdiZWU4NjRhZTFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfMygrz7YPS1ee2xkGNZ2YTwDImJOWQeRXh8xK1MKDtoi5
xMgwkKVSOFvjUXRrcwJuX/20V3UqRgoGeyhTaWgmMe4Mw9WWCKj9UqxvegQJWYz8
Madwqd2cXOgxRPo20iTw5D+ZHNbApRpWkiYpU4rNfR1nQrumG4jtdVwQk9XZGJiF
NmAqyYB+voS3g5jRmHFpjD7aQNi/oyae9Bz6uLTyms1j0srhr9WdK1Hz6FQzBtSx
IL6FE3x3kR9OTWCngk+YCKta3CAIXUcoydipTP77GvgKSPHe+rm1VBet6TXTPVNX
FlWzHp82txzYSnukkhXB/Zk0GEgNV0Yy2Q7yyYlxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUcTmv9+/zmJ72RH9JNzCH8wbFTdkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiZDc0ZjAxLTA4NDQtNDBjMy1iNmU1LWVmMDQzNWMwODMwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gIDANBgkqhkiG9w0BAQsFAAOCAQEAf6eMG3INhN37UH1TiAB5uvic
OcG5tNiyhGDS5rQBEkOy4yFOo/2uqNevoesC2VA9BdK02w0JJqTkMCq4An+ZGBo9
K6jC/jf2bJcZJkwoVqtpWlGXA6vGRz7kMbLp/hfq3eygFtISAq7jhG5uGhAan/0x
B4AUSoOZR5ERXsypiF88rDCY7vDvp9qwi8Gz/fBhytn6IkiuTS/iINmrkKODxf0U
HW3sG/UY8gFjOl5mdfeq9b/wj/XdnxJhJYZLOSUx4Ly32cemXd/cwcr3NjLzVBPT
92sriVYovVnHsg4lIfwwzO0zHazYEyHL/orjrwYzxsOpXGYpXTLwvteaKSsX/Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:49:08 2025 by rpki-client