Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d877b319-6b7e-4002-a764-eae7f98a0674.roa
File: d877b319-6b7e-4002-a764-eae7f98a0674.roa (raw, json)
Hash identifier: Xc9qAy+i+yMuULffdAoA9vR/aTbMkOlTmMm37t+l488=
Subject key identifier: DE:F5:B2:E0:A6:85:C3:F7:CF:A8:8B:55:95:AC:60:7E:3A:41:1D:00
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6A429A75DDA396E60FDE51828E989BA703578F3E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d877b319-6b7e-4002-a764-eae7f98a0674.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 32.240.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:42:9a:75:dd:a3:96:e6:0f:de:51:82:8e:98:9b:a7:03:57:8f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=3cb37ed7a03d00bfe751b4ce92ed2dfe4f0191c44555dc8ae9a505824c6536d1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5a:38:c1:35:60:38:f1:e9:b1:52:d7:8e:f6:
06:f5:21:88:c2:1d:85:30:95:28:67:1f:18:ad:00:
d8:29:ef:0e:46:09:de:c8:fd:81:be:15:1d:bc:25:
2e:48:7c:d7:1f:62:00:25:87:43:eb:ee:9d:f5:bc:
49:5a:48:c4:28:c1:c4:85:67:43:f5:ee:ee:49:9e:
15:35:26:69:02:e5:9e:ef:d0:28:2f:e9:b0:f2:0e:
36:8e:be:f6:66:40:2a:8a:e7:9e:f8:f9:28:71:da:
0a:45:66:ba:60:c0:86:b2:b9:fe:5c:b9:05:fb:28:
df:77:81:88:82:3d:6f:04:cf:f3:45:36:3d:99:9f:
dc:9d:32:a0:e8:d5:9a:96:21:c7:bf:fb:2c:88:0c:
5d:de:68:43:26:d7:f1:7d:8e:2f:1d:bd:a3:3b:15:
3a:d2:fc:60:2b:ab:bb:b5:2d:bf:46:48:1e:5f:a8:
26:db:4f:9a:b9:f4:62:65:d4:58:ba:99:5b:fe:27:
e8:06:f4:63:39:5f:51:69:92:d5:c4:bc:b6:8b:bb:
a0:b8:f9:de:38:eb:d0:29:56:0e:62:c6:bd:d7:50:
b1:3f:4e:0e:db:db:48:2e:fe:eb:31:03:54:e0:0d:
26:af:0a:d8:e1:44:65:74:5f:ab:8a:c0:72:a8:35:
c3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F5:B2:E0:A6:85:C3:F7:CF:A8:8B:55:95:AC:60:7E:3A:41:1D:00
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d877b319-6b7e-4002-a764-eae7f98a0674.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
32.240.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2c:95:3a:b7:bf:9c:83:5d:73:da:10:f5:1a:3c:b6:1a:37:3d:
7e:10:5b:1e:02:96:d2:78:f7:33:b3:2e:26:ca:00:1f:a8:ca:
41:19:15:26:32:eb:8a:29:91:0c:cd:da:d5:06:8a:33:6f:00:
fc:e1:bb:80:2b:3d:82:fd:29:25:aa:79:ed:50:94:7f:4d:61:
59:32:36:84:3e:5c:6a:29:0f:7a:82:9c:e8:3d:98:62:dc:80:
00:dc:e2:f7:aa:7f:54:97:0b:5d:a0:53:38:1b:36:b0:3f:03:
68:92:35:ec:29:bd:f8:1f:6c:f4:e8:49:1a:59:b5:13:ce:ae:
09:e2:c6:8c:1c:85:c6:3c:7e:fc:9c:26:72:03:21:27:d4:04:
1d:bd:17:7b:56:ad:e5:47:eb:0f:7a:54:4b:8d:0d:d5:29:3f:
29:51:a9:1d:cb:c2:56:1e:60:9a:bc:7c:e8:da:78:8c:8e:95:
03:57:43:96:31:48:8d:94:6f:f5:d4:94:cb:c0:42:f9:18:e0:
8f:8a:a7:bf:dd:5f:32:fd:00:73:b4:77:ed:cc:80:bd:82:51:
3a:d6:72:c1:6b:31:66:f5:9e:ed:34:d0:fe:d7:d7:a0:3c:04:
e6:f4:79:00:c7:9e:a7:86:76:ba:74:df:c0:ae:0b:d4:a8:ac:
0c:76:e1:e6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUakKadd2jluYP3lGCjpibpwNXjz4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzY2IzN2VkN2EwM2QwMGJmZTc1MWI0Y2U5MmVkMmRmZTRm
MDE5MWM0NDU1NWRjOGFlOWE1MDU4MjRjNjUzNmQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDoWjjBNWA48emxUteO9gb1IYjCHYUwlShnHxitANgp7w5G
Cd7I/YG+FR28JS5IfNcfYgAlh0Pr7p31vElaSMQowcSFZ0P17u5JnhU1JmkC5Z7v
0Cgv6bDyDjaOvvZmQCqK5574+Shx2gpFZrpgwIayuf5cuQX7KN93gYiCPW8Ez/NF
Nj2Zn9ydMqDo1ZqWIce/+yyIDF3eaEMm1/F9ji8dvaM7FTrS/GArq7u1Lb9GSB5f
qCbbT5q59GJl1Fi6mVv+J+gG9GM5X1FpktXEvLaLu6C4+d4469ApVg5ixr3XULE/
Tg7b20gu/usxA1TgDSavCtjhRGV0X6uKwHKoNcPtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3vWy4KaFw/fPqItVlaxgfjpBHQAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q4NzdiMzE5LTZiN2UtNDAwMi1hNzY0LWVhZTdmOThhMDY3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEg8DANBgkqhkiG9w0BAQsFAAOCAQEALJU6t7+cg11z2hD1Gjy2Gjc9fhBb
HgKW0nj3M7MuJsoAH6jKQRkVJjLriimRDM3a1QaKM28A/OG7gCs9gv0pJap57VCU
f01hWTI2hD5caikPeoKc6D2YYtyAANzi96p/VJcLXaBTOBs2sD8DaJI17Cm9+B9s
9OhJGlm1E86uCeLGjByFxjx+/JwmcgMhJ9QEHb0Xe1at5UfrD3pUS40N1Sk/KVGp
HcvCVh5gmrx86Np4jI6VA1dDljFIjZRv9dSUy8BC+Rjgj4qnv91fMv0Ac7R37cyA
vYJROtZywWsxZvWe7TTQ/tfXoDwE5vR5AMeep4Z2unTfwK4L1KisDHbh5g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:30:27 2025 by rpki-client