Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1cdc996-d9de-4ebc-9b37-048cf0e36669.roa
File: b1cdc996-d9de-4ebc-9b37-048cf0e36669.roa (raw, json)
Hash identifier: tVHs5+8oEsTqGg1BNnn3i+iFCvlALe9jNKFBvftTKxc=
Subject key identifier: DF:78:80:B2:46:BE:6E:CB:A9:D7:D7:B1:52:3D:1D:BF:44:0F:44:41
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5214B058856D39802D27E602456CD8E3EAF14770
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1cdc996-d9de-4ebc-9b37-048cf0e36669.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ffb:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:14:b0:58:85:6d:39:80:2d:27:e6:02:45:6c:d8:e3:ea:f1:47:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a60c8d667cc3d09860e533576de59bba181d1b60277e13c0d096f217e11447a4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c4:3f:70:1e:2e:91:2c:11:3c:08:18:6d:e1:
11:93:b7:f8:66:75:f3:47:86:b3:3a:e1:59:b9:c0:
26:64:c8:d9:8a:d7:49:e2:f6:e8:8e:08:0f:01:ac:
49:21:a2:49:70:36:ef:8d:6d:ad:f3:b3:c8:dd:b8:
17:db:2b:90:53:0a:71:12:62:c7:09:0d:f2:d6:f0:
94:44:06:b2:6b:d4:e4:75:74:db:d3:ce:20:47:21:
f6:91:c6:ec:37:aa:5c:fe:0b:a0:0a:79:55:e3:9c:
59:3f:84:9f:c1:f4:78:7e:05:1e:95:26:78:06:90:
28:c4:21:b1:35:d5:fe:0b:03:53:78:a6:d9:99:37:
82:6b:ca:5e:55:bf:5e:b5:07:f3:3e:41:41:19:79:
d3:fe:6c:04:fb:b1:19:88:ac:c5:cc:3f:f5:16:97:
6e:65:4d:e4:3b:1f:f0:e9:d7:fe:73:4c:04:5d:8f:
e7:58:b0:40:72:0b:7c:e7:12:9c:8f:29:fb:9f:d0:
b7:1b:10:fa:a2:5e:1c:5e:32:d2:31:28:ee:52:dc:
4d:b0:83:0c:f0:24:ab:d4:eb:dd:e4:29:08:e3:e1:
e1:1c:66:c1:89:55:63:75:50:46:b4:ec:92:59:6c:
ed:83:6f:63:51:23:cd:7a:e6:27:27:b8:1c:b9:72:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:78:80:B2:46:BE:6E:CB:A9:D7:D7:B1:52:3D:1D:BF:44:0F:44:41
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1cdc996-d9de-4ebc-9b37-048cf0e36669.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ffb:c040::/46
Signature Algorithm: sha256WithRSAEncryption
3d:57:2c:78:3e:8a:4b:ce:c0:45:e7:73:89:99:23:82:7b:c1:
e9:91:f4:7d:83:4f:c3:16:7e:68:c8:78:bf:cc:69:9f:1d:d9:
bd:7a:28:bb:c7:68:20:a0:1e:01:fc:01:dc:f2:16:98:42:c7:
de:3a:ad:4a:94:34:03:46:04:b8:2f:06:21:bb:91:da:b4:29:
76:4f:aa:84:13:a2:bd:ea:95:cd:7c:fd:1f:20:5e:9b:0f:ba:
de:fd:28:ca:ae:30:57:8b:9f:13:d7:cd:b0:83:1a:5f:7b:0a:
f5:9f:4e:b5:5b:09:b5:e3:be:52:f0:cc:8d:f9:ea:d4:f4:fd:
03:4b:65:56:ff:48:9d:b0:87:ac:4f:88:08:9a:3f:47:0e:6b:
9f:1a:d4:25:41:7c:13:79:10:56:97:0e:3a:9f:38:da:af:e5:
f0:20:af:a9:29:22:f2:c1:27:6b:dc:5a:4a:4a:94:11:1b:48:
f2:d3:7d:a8:7a:b7:22:e3:19:66:99:a6:b9:96:7c:dd:43:40:
73:bf:d1:c8:f9:7a:fa:30:e3:d4:82:2b:59:81:f5:87:43:47:
e3:f9:2f:71:67:fd:08:d9:85:34:2b:da:e7:4c:ef:b4:b9:bc:
ae:15:d9:bd:e2:b9:05:63:eb:5e:fb:ba:85:ff:29:5f:92:98:
d8:61:9c:0f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUhSwWIVtOYAtJ+YCRWzY4+rxR3AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjBjOGQ2NjdjYzNkMDk4NjBlNTMzNTc2ZGU1OWJiYTE4
MWQxYjYwMjc3ZTEzYzBkMDk2ZjIxN2UxMTQ0N2E0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBxD9wHi6RLBE8CBht4RGTt/hmdfNHhrM64Vm5wCZkyNmK
10ni9uiOCA8BrEkhoklwNu+Nba3zs8jduBfbK5BTCnESYscJDfLW8JREBrJr1OR1
dNvTziBHIfaRxuw3qlz+C6AKeVXjnFk/hJ/B9Hh+BR6VJngGkCjEIbE11f4LA1N4
ptmZN4Jryl5Vv161B/M+QUEZedP+bAT7sRmIrMXMP/UWl25lTeQ7H/Dp1/5zTARd
j+dYsEByC3znEpyPKfuf0LcbEPqiXhxeMtIxKO5S3E2wgwzwJKvU693kKQjj4eEc
ZsGJVWN1UEa07JJZbO2Db2NRI8165icnuBy5cqBpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU33iAska+bsup19exUj0dv0QPREEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IxY2RjOTk2LWQ5ZGUtNGViYy05YjM3LTA0OGNmMGUzNjY2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB/7wEAwDQYJKoZIhvcNAQELBQADggEBAD1XLHg+ikvOwEXnc4mZI4J7
wemR9H2DT8MWfmjIeL/MaZ8d2b16KLvHaCCgHgH8AdzyFphCx946rUqUNANGBLgv
BiG7kdq0KXZPqoQTor3qlc18/R8gXpsPut79KMquMFeLnxPXzbCDGl97CvWfTrVb
CbXjvlLwzI356tT0/QNLZVb/SJ2wh6xPiAiaP0cOa58a1CVBfBN5EFaXDjqfONqv
5fAgr6kpIvLBJ2vcWkpKlBEbSPLTfah6tyLjGWaZprmWfN1DQHO/0cj5evow49SC
K1mB9YdDR+P5L3Fn/QjZhTQr2udM77S5vK4V2b3iuQVj6177uoX/KV+SmNhhnA8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:48:08 2025 by rpki-client