Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/20df74ce-1a64-4df1-b616-115d4493a969.roa
File: 20df74ce-1a64-4df1-b616-115d4493a969.roa (raw, json)
Hash identifier: bhkI2OXzWjs1Ii1a4euLXIbNF/yNr/I1ioiUQrJ8HLg=
Subject key identifier: 87:48:3F:D0:7C:93:3E:49:5B:D5:AD:6B:28:8D:82:13:62:73:89:24
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 47F8E80B869B142CF3628AB4CF5356144B15D312
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/20df74ce-1a64-4df1-b616-115d4493a969.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0f0:200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:f8:e8:0b:86:9b:14:2c:f3:62:8a:b4:cf:53:56:14:4b:15:d3:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=8ab833ee109ff7ccda7a736af2f312c8072f2e58ff0dba4e5e9fe1df5c00550f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:15:3f:8c:cb:5b:5d:79:71:1a:51:7d:ad:67:
b8:31:e3:45:7e:81:a4:07:6b:8f:e6:1d:fa:01:58:
e8:c3:cc:64:02:17:8f:a0:03:cb:b1:1b:3a:a7:f8:
69:cd:c2:66:50:59:7c:37:88:d5:6f:b0:f5:6e:47:
2e:2c:ff:f5:30:12:46:d9:59:25:5c:06:08:eb:bf:
04:38:8b:20:5e:db:79:80:cd:7a:3f:e6:b9:0f:79:
5a:24:e4:4c:3b:12:b5:3a:a0:f0:c3:05:f0:87:8d:
d2:15:84:aa:ee:f7:cc:d2:42:e5:d9:db:48:12:a3:
c1:21:5c:02:ae:ec:e2:5d:5b:4c:a5:89:f1:d3:5f:
73:8a:68:c0:e4:d6:bb:e8:13:7e:d2:72:6e:f1:c4:
89:f1:04:98:58:58:af:ef:2d:a5:44:8c:fa:ed:0e:
c7:6c:0f:0e:39:33:49:bc:83:2e:30:29:71:00:81:
b3:dc:0c:ef:4e:f4:07:a1:e8:48:ec:6e:09:37:c9:
b0:77:28:86:48:a3:de:42:83:e4:a8:7a:44:8c:2f:
6f:18:c3:9b:5a:21:5a:05:a6:9a:ba:8b:d7:1d:ca:
bf:ad:55:39:84:ca:e6:6b:e2:e5:f2:ad:97:79:20:
0e:99:6e:a6:8c:36:88:3b:4b:0d:91:97:3d:b5:93:
0c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:48:3F:D0:7C:93:3E:49:5B:D5:AD:6B:28:8D:82:13:62:73:89:24
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/20df74ce-1a64-4df1-b616-115d4493a969.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0f0:200::/40
Signature Algorithm: sha256WithRSAEncryption
4d:65:b8:e2:c7:e2:51:87:a2:fb:ca:dd:e6:68:00:14:7c:ed:
72:d8:c1:38:e2:7c:da:54:e2:d4:43:05:84:5f:e8:2d:a8:35:
bb:2e:57:02:58:8b:f0:24:32:1f:e4:98:dd:46:4e:6e:5e:2c:
95:0e:7a:46:00:db:89:df:f4:f3:6c:3c:6e:3d:28:3a:09:29:
b8:c2:25:05:a0:c1:5b:48:10:50:6c:07:db:81:e8:8b:c2:bc:
98:94:04:9c:fa:ce:c6:8d:e0:cb:94:da:ce:cb:78:12:4d:3d:
4f:6f:23:6d:d2:98:04:a6:3e:24:29:e9:16:35:85:21:00:fc:
2f:ff:e2:ab:f5:aa:11:03:d0:7c:7c:6b:5f:9e:68:e8:39:d5:
3e:da:14:ef:e0:59:12:38:1e:38:5f:2f:35:e9:65:c9:8a:9a:
18:8c:3a:b2:03:12:ea:d2:38:d2:5d:19:a3:6e:26:71:1f:12:
9c:6a:63:1a:1a:06:d4:35:72:94:c7:f6:a6:ab:54:56:d9:e5:
76:f4:af:cc:d1:ac:6b:56:87:53:34:29:59:72:24:43:10:d7:
e6:d1:69:ff:c2:3a:53:e4:4b:a5:7f:25:ba:20:20:2d:e9:09:
f6:ae:48:1c:7d:6f:ae:12:81:77:71:f3:f5:df:77:2d:0d:2e:
2e:e8:f1:20
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUR/joC4abFCzzYoq0z1NWFEsV0xIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWI4MzNlZTEwOWZmN2NjZGE3YTczNmFmMmYzMTJjODA3
MmYyZTU4ZmYwZGJhNGU1ZTlmZTFkZjVjMDA1NTBmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTFT+My1tdeXEaUX2tZ7gx40V+gaQHa4/mHfoBWOjDzGQC
F4+gA8uxGzqn+GnNwmZQWXw3iNVvsPVuRy4s//UwEkbZWSVcBgjrvwQ4iyBe23mA
zXo/5rkPeVok5Ew7ErU6oPDDBfCHjdIVhKru98zSQuXZ20gSo8EhXAKu7OJdW0yl
ifHTX3OKaMDk1rvoE37Scm7xxInxBJhYWK/vLaVEjPrtDsdsDw45M0m8gy4wKXEA
gbPcDO9O9Aeh6Ejsbgk3ybB3KIZIo95Cg+SoekSML28Yw5taIVoFppq6i9cdyr+t
VTmEyuZr4uXyrZd5IA6ZbqaMNog7Sw2Rlz21kwzrAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUh0g/0HyTPklb1a1rKI2CE2JziSQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzIwZGY3NGNlLTFhNjQtNGRmMS1iNjE2LTExNWQ0NDkzYTk2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDwAjANBgkqhkiG9w0BAQsFAAOCAQEATWW44sfiUYei+8rd5mgAFHzt
ctjBOOJ82lTi1EMFhF/oLag1uy5XAliL8CQyH+SY3UZObl4slQ56RgDbid/082w8
bj0oOgkpuMIlBaDBW0gQUGwH24Hoi8K8mJQEnPrOxo3gy5Tazst4Ek09T28jbdKY
BKY+JCnpFjWFIQD8L//iq/WqEQPQfHxrX55o6DnVPtoU7+BZEjgeOF8vNellyYqa
GIw6sgMS6tI40l0Zo24mcR8SnGpjGhoG1DVylMf2pqtUVtnldvSvzNGsa1aHUzQp
WXIkQxDX5tFp/8I6U+RLpX8luiAgLekJ9q5IHH1vrhKBd3Hz9d93LQ0uLujxIA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:06:20 2025 by rpki-client