Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fac04063-f7c8-41ee-b745-4de5efa59aaf.roa
File: fac04063-f7c8-41ee-b745-4de5efa59aaf.roa (raw, json)
Hash identifier: WcTHC51xbthcT4Z6LLILgO8PJQbqsV/uHs8KSHCpkQs=
Subject key identifier: B1:CF:AC:1A:9A:31:66:F5:1C:21:B3:9E:93:EF:7B:24:A6:0D:D8:C9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0FDEDB4F726CC7B2B682A6D93AC961667776CFD3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fac04063-f7c8-41ee-b745-4de5efa59aaf.roa
Signing time: Tue 21 Jan 2025 00:00:00 +0000
ROA not before: Tue 21 Jan 2025 00:00:00 +0000
ROA not after: Tue 25 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.152.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:de:db:4f:72:6c:c7:b2:b6:82:a6:d9:3a:c9:61:66:77:76:cf:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 21 00:00:00 2025 GMT
Not After : Feb 25 23:59:59 2025 GMT
Subject: serialNumber=ac4626bf5444379a1d558e00dde12f01920bfb5ee88ab481656b8171c7dc610f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:08:ed:1f:87:e3:a9:de:d9:56:e2:71:ba:
47:ed:ec:e8:fe:8c:00:00:83:bd:5d:a6:6f:b1:0d:
c3:15:b1:0c:51:e8:26:96:f0:d2:cd:29:17:25:d0:
02:1a:55:e1:2e:d8:77:75:fb:aa:4e:7a:8c:33:c0:
48:09:a9:9d:04:e0:64:de:87:1a:a9:4a:21:82:27:
13:f2:8c:fb:70:73:51:94:d6:a9:d1:20:a4:4d:4d:
1d:df:a5:1e:52:23:60:32:73:ab:12:ec:7e:f4:e2:
1f:39:d6:2f:cb:68:fc:6d:3d:fb:0d:aa:08:a7:5a:
7f:ca:d2:44:9a:5c:f0:4c:c7:2b:4c:96:d8:9e:59:
e2:c5:10:ed:f1:14:ee:72:52:e7:28:39:c7:37:f3:
9d:a2:84:7b:55:b6:ec:7a:01:11:a1:5f:9f:13:a9:
0f:ec:cb:28:12:53:e7:3c:4a:da:63:0c:04:6f:5b:
a1:a8:7e:4c:b2:4f:64:1a:a5:d3:b8:38:18:97:de:
d2:1c:b0:16:db:8d:49:19:45:23:d4:df:0d:f9:6e:
72:2d:26:cf:45:32:0e:94:ed:9d:f1:87:89:13:39:
72:a2:93:a8:be:62:a8:05:ff:2f:c6:2d:44:01:e7:
c1:c4:27:05:d7:23:fb:c2:22:ec:2f:a6:df:70:93:
c7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:CF:AC:1A:9A:31:66:F5:1C:21:B3:9E:93:EF:7B:24:A6:0D:D8:C9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fac04063-f7c8-41ee-b745-4de5efa59aaf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.152.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:dd:51:b8:9d:c7:93:a6:85:e4:4b:c0:a7:bb:c1:d5:fa:91:
91:75:3f:c1:9b:19:38:53:3f:4c:5a:85:f9:22:b0:d1:92:8c:
4a:7f:08:b3:ed:ec:f1:5d:67:d8:0e:28:50:63:11:65:ef:2c:
1f:72:26:86:5e:48:88:ce:d2:d6:69:e5:f4:26:d3:32:2d:4c:
cc:81:6c:89:b2:99:c8:41:c4:f0:32:b5:54:d4:a6:1d:38:02:
27:d2:26:5e:d7:f5:55:9e:46:7c:4f:6d:3c:ad:94:5e:a8:80:
de:b1:1a:7d:64:e5:3c:94:4d:4b:35:38:72:85:5a:55:2e:4d:
e7:96:67:89:1a:95:ce:37:c7:32:16:c2:77:25:d4:af:b1:b7:
9a:d0:94:80:39:c9:09:b7:fe:e9:6a:b5:29:25:0a:0b:24:c3:
07:ff:bb:61:e2:e8:ef:99:fe:ce:15:f4:85:85:c7:5a:6e:23:
86:b7:2a:cb:b9:5d:87:ad:b6:6e:9c:63:1e:15:d0:7a:85:bf:
05:7f:f5:92:99:fa:12:23:5b:30:46:6b:4c:49:76:dd:5b:2f:
49:6f:a5:a5:34:31:55:de:e8:22:1a:9e:4c:25:8a:2b:81:95:
b9:06:6d:30:3a:e7:fb:f1:4b:83:06:0d:71:85:43:ba:53:69:
9d:b0:09:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD97bT3Jsx7K2gqbZOslhZnd2z9MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzQ2MjZiZjU0NDQzNzlhMWQ1NThlMDBkZGUxMmYwMTky
MGJmYjVlZTg4YWI0ODE2NTZiODE3MWM3ZGM2MTBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAHwjtH4fjqd7ZVuJxukft7Oj+jAAAg71dpm+xDcMVsQxR
6CaW8NLNKRcl0AIaVeEu2Hd1+6pOeowzwEgJqZ0E4GTehxqpSiGCJxPyjPtwc1GU
1qnRIKRNTR3fpR5SI2Ayc6sS7H704h851i/LaPxtPfsNqginWn/K0kSaXPBMxytM
ltieWeLFEO3xFO5yUucoOcc3852ihHtVtux6ARGhX58TqQ/syygSU+c8StpjDARv
W6GofkyyT2QapdO4OBiX3tIcsBbbjUkZRSPU3w35bnItJs9FMg6U7Z3xh4kTOXKi
k6i+YqgF/y/GLUQB58HEJwXXI/vCIuwvpt9wk8d9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsc+sGpoxZvUcIbOek+97JKYN2MkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhYzA0MDYzLWY3YzgtNDFlZS1iNzQ1LTRkZTVlZmE1OWFhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQmDANBgkqhkiG9w0BAQsFAAOCAQEATN1RuJ3Hk6aF5EvAp7vB1fqRkXU/
wZsZOFM/TFqF+SKw0ZKMSn8Is+3s8V1n2A4oUGMRZe8sH3Imhl5IiM7S1mnl9CbT
Mi1MzIFsibKZyEHE8DK1VNSmHTgCJ9ImXtf1VZ5GfE9tPK2UXqiA3rEafWTlPJRN
SzU4coVaVS5N55ZniRqVzjfHMhbCdyXUr7G3mtCUgDnJCbf+6Wq1KSUKCyTDB/+7
YeLo75n+zhX0hYXHWm4jhrcqy7ldh622bpxjHhXQeoW/BX/1kpn6EiNbMEZrTEl2
3VsvSW+lpTQxVd7oIhqeTCWKK4GVuQZtMDrn+/FLgwYNcYVDulNpnbAJHg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:14:26 2025 by rpki-client