Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fddf1e97-cd5a-4958-b315-7541e5e380c2.roa
File: fddf1e97-cd5a-4958-b315-7541e5e380c2.roa (raw, json)
Hash identifier: jxZfqEsbEN+HR0sLf4QdsC/RVNzjJ7FazwjvOyW5RAg=
Subject key identifier: CA:0C:6F:9B:1D:70:0C:69:E4:1F:AB:B6:44:DE:A7:65:59:E5:E3:69
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1B9D4602AD70859E23E45A949CF5863F370B7390
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fddf1e97-cd5a-4958-b315-7541e5e380c2.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 50.18.112.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:9d:46:02:ad:70:85:9e:23:e4:5a:94:9c:f5:86:3f:37:0b:73:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=bc2aae985f67db4ff08bd3321e2bec5de164c4424ce9ee31b734aab71579d958, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:93:79:01:3c:30:4a:9f:17:00:e1:28:59:c0:
67:08:e1:6d:29:5e:ec:cb:84:da:5f:81:dc:39:43:
9f:d6:ba:09:f7:aa:96:9e:f1:40:c9:8c:0b:03:7f:
81:48:73:da:a1:59:03:ed:2e:75:c1:72:d5:e3:89:
da:dc:ff:51:32:d1:fe:bf:0d:40:6b:44:15:f6:2c:
c0:aa:62:32:0f:0c:64:30:97:a4:19:a5:c6:cb:f9:
02:07:86:60:01:25:cf:03:33:69:ae:ff:71:ab:c1:
a5:ad:ce:5d:5a:b4:7c:20:8c:de:1b:72:f6:df:81:
5b:50:50:8c:47:27:b0:c6:8b:ed:fa:e6:d3:eb:11:
90:6a:a0:bb:f4:16:d1:a6:27:65:b5:a0:2d:55:57:
40:5c:eb:46:c7:3b:ad:f2:59:65:7e:a0:65:56:21:
7a:e8:bb:2e:cc:9e:2b:7f:61:0f:f3:7a:45:a0:d3:
88:5a:85:57:3a:fc:85:0c:e9:fc:5a:6e:0c:f8:07:
2b:04:2b:09:96:56:8e:94:0f:e5:b3:e2:33:fc:59:
8b:54:e3:ec:27:d1:92:5a:db:72:71:fe:46:cc:28:
2d:2a:02:64:2d:a1:f6:13:4f:41:fa:47:d8:e3:97:
dd:b6:fa:8c:c4:e7:90:50:61:fc:03:8f:32:52:9e:
4f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0C:6F:9B:1D:70:0C:69:E4:1F:AB:B6:44:DE:A7:65:59:E5:E3:69
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fddf1e97-cd5a-4958-b315-7541e5e380c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
50.18.112.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:eb:b9:e0:14:84:4b:67:d6:71:2f:b2:4a:7f:c8:2f:6a:91:
13:4b:ae:a1:a1:5e:2c:b0:10:52:0e:f3:f0:94:52:95:d9:66:
5a:ad:ec:45:bf:d6:16:dd:f1:b0:80:ad:06:79:8f:e1:62:79:
b4:91:c4:0a:b0:88:ee:78:ef:60:2a:46:d4:24:25:5c:c6:b2:
c2:84:e7:5c:18:69:1d:85:0d:00:27:f5:3f:76:14:0a:91:e2:
ed:c7:14:6b:53:76:ca:08:5e:6a:0e:8a:5d:c3:81:4f:f5:eb:
24:45:cd:c6:49:6c:98:63:53:61:98:9f:13:d9:07:3a:53:e5:
07:73:48:a3:af:52:c3:89:1b:15:f7:81:19:9c:dd:27:79:cc:
b7:96:1a:63:c9:5b:e1:de:46:dc:06:b2:8b:5b:27:e8:f3:a8:
99:97:c1:09:f8:69:6a:61:e6:2b:f3:4a:43:9d:4f:d9:2d:ec:
ee:25:a9:ba:38:3e:96:87:bb:46:ec:a7:95:44:3d:3d:0e:16:
01:53:18:be:af:42:e8:88:72:36:1d:ad:9c:b0:df:e4:f1:c4:
b9:07:d2:12:01:8e:2c:dd:42:48:92:66:93:d8:7d:b8:2e:27:
b9:b0:25:e4:6b:2c:69:ec:37:e5:27:38:4a:b8:10:1e:cf:25:
61:ec:cf:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG51GAq1whZ4j5FqUnPWGPzcLc5AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYzJhYWU5ODVmNjdkYjRmZjA4YmQzMzIxZTJiZWM1ZGUx
NjRjNDQyNGNlOWVlMzFiNzM0YWFiNzE1NzlkOTU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTk3kBPDBKnxcA4ShZwGcI4W0pXuzLhNpfgdw5Q5/Wugn3
qpae8UDJjAsDf4FIc9qhWQPtLnXBctXjidrc/1Ey0f6/DUBrRBX2LMCqYjIPDGQw
l6QZpcbL+QIHhmABJc8DM2mu/3GrwaWtzl1atHwgjN4bcvbfgVtQUIxHJ7DGi+36
5tPrEZBqoLv0FtGmJ2W1oC1VV0Bc60bHO63yWWV+oGVWIXrouy7Mnit/YQ/zekWg
04hahVc6/IUM6fxabgz4BysEKwmWVo6UD+Wz4jP8WYtU4+wn0ZJa23Jx/kbMKC0q
AmQtofYTT0H6R9jjl922+ozE55BQYfwDjzJSnk97AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUygxvmx1wDGnkH6u2RN6nZVnl42kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZkZGYxZTk3LWNkNWEtNDk1OC1iMzE1LTc1NDFlNWUzODBjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEnAwDQYJKoZIhvcNAQELBQADggEBAC/rueAUhEtn1nEvskp/yC9qkRNL
rqGhXiywEFIO8/CUUpXZZlqt7EW/1hbd8bCArQZ5j+FiebSRxAqwiO5472AqRtQk
JVzGssKE51wYaR2FDQAn9T92FAqR4u3HFGtTdsoIXmoOil3DgU/16yRFzcZJbJhj
U2GYnxPZBzpT5QdzSKOvUsOJGxX3gRmc3Sd5zLeWGmPJW+HeRtwGsotbJ+jzqJmX
wQn4aWph5ivzSkOdT9kt7O4lqbo4PpaHu0bsp5VEPT0OFgFTGL6vQuiIcjYdrZyw
3+TxxLkH0hIBjizdQkiSZpPYfbguJ7mwJeRrLGnsN+UnOEq4EB7PJWHsz44=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:39 2025 by rpki-client