Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f37c8633-aaf3-4a49-bfa6-775ab7724d36.roa
File: f37c8633-aaf3-4a49-bfa6-775ab7724d36.roa (raw, json)
Hash identifier: yezLyKM/+NJwnRzByDZqGguY4MfHAKewY+k4g/1bohk=
Subject key identifier: F2:68:98:7F:EF:0E:85:29:10:2F:5B:A6:A3:62:00:7D:52:E0:63:C4
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 69315CCF29B103D663E5D82CA38FDF8F34908870
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f37c8633-aaf3-4a49-bfa6-775ab7724d36.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0fb:8000::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:31:5c:cf:29:b1:03:d6:63:e5:d8:2c:a3:8f:df:8f:34:90:88:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=ec81f3dd7e88f165eb0ec854dd6cfdebbffb0713aa6992a2fb391a55e26477fd, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:14:3b:cc:a2:1a:61:9e:4c:9e:96:4d:df:04:
98:8f:1d:4d:26:2a:fc:30:39:72:5c:75:0d:b5:5d:
46:d2:f1:f8:d6:d0:66:f7:ce:bb:e6:0a:bb:a6:6e:
2a:3a:fe:c3:cb:62:62:32:14:5e:ba:01:c0:7b:51:
df:2f:30:1b:e4:67:ed:ba:86:fc:cb:de:82:d3:40:
d2:2a:ef:08:88:cb:a1:7c:78:85:e4:6f:3c:2c:6e:
d4:28:7e:a7:89:a4:93:0d:cd:a0:5a:7e:54:8e:65:
81:89:68:b5:ed:0d:a0:3e:ed:f4:08:81:c2:a5:c5:
e9:97:af:7c:75:11:42:93:33:27:a1:72:f6:1e:d4:
b3:ae:69:7f:22:f7:16:78:cc:b7:e1:37:d2:67:5d:
c0:37:7d:95:7b:3a:7a:76:9c:77:9a:81:31:4e:15:
a4:8b:a1:20:dd:be:c3:b6:d6:8d:61:cd:f7:8d:15:
bb:33:7f:45:42:1c:91:3e:23:5b:f6:1c:c2:d2:2b:
5d:ea:d6:36:a4:34:9d:f2:70:07:96:68:86:c7:0c:
a3:d4:33:b0:91:9c:be:f9:03:84:18:1c:0b:95:92:
99:40:95:2a:cb:ae:fe:65:32:03:b7:f5:38:17:e0:
55:ed:d3:ad:29:08:11:6b:e4:df:e8:b9:52:8d:18:
f2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:68:98:7F:EF:0E:85:29:10:2F:5B:A6:A3:62:00:7D:52:E0:63:C4
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f37c8633-aaf3-4a49-bfa6-775ab7724d36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0fb:8000::/42
Signature Algorithm: sha256WithRSAEncryption
49:67:70:3b:c5:3a:7f:91:96:ad:a7:f8:25:0a:6f:25:20:6b:
57:cd:5c:6c:cc:06:b0:13:0e:c0:af:72:fc:2e:8a:c0:cb:f4:
7f:97:98:e1:94:ad:60:6c:79:dd:c2:80:9c:40:21:00:e7:a0:
1a:e3:33:d0:64:88:fe:e3:de:87:ae:1c:ff:71:90:2b:a1:99:
17:35:31:0b:f3:9c:b3:6e:ab:bf:b8:15:61:b5:f5:45:c0:20:
89:2c:81:08:2c:f5:d8:2b:34:47:fc:dc:e5:c5:05:2c:bf:20:
1a:ce:92:81:35:01:fe:27:4d:eb:ca:23:df:ca:df:f9:bb:90:
c3:46:3c:92:c7:a8:23:46:2f:8a:70:2f:c7:08:b2:02:2a:fe:
03:97:f7:c4:0a:3f:4b:80:25:19:8b:ed:74:8b:cf:1c:5b:03:
27:7e:75:4e:bb:50:4c:5d:89:7a:9a:cb:f3:b2:16:ad:6c:4f:
87:49:5e:4f:78:d2:1d:24:c6:07:7b:25:f8:c0:b8:df:68:b7:
68:46:9c:b8:8d:93:4b:2b:1a:ec:7a:74:eb:88:17:97:0e:a9:
e9:74:13:81:ce:b7:44:44:97:0a:4c:8e:64:ca:8d:7a:2d:df:
6a:4c:0b:ce:c8:7d:a0:7e:ab:5e:4b:bc:b8:3f:04:e2:43:0a:
c0:0f:4a:af
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaTFczymxA9Zj5dgso4/fjzSQiHAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYzgxZjNkZDdlODhmMTY1ZWIwZWM4NTRkZDZjZmRlYmJm
ZmIwNzEzYWE2OTkyYTJmYjM5MWE1NWUyNjQ3N2ZkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXFDvMohphnkyelk3fBJiPHU0mKvwwOXJcdQ21XUbS8fjW
0Gb3zrvmCrumbio6/sPLYmIyFF66AcB7Ud8vMBvkZ+26hvzL3oLTQNIq7wiIy6F8
eIXkbzwsbtQofqeJpJMNzaBaflSOZYGJaLXtDaA+7fQIgcKlxemXr3x1EUKTMyeh
cvYe1LOuaX8i9xZ4zLfhN9JnXcA3fZV7Onp2nHeagTFOFaSLoSDdvsO21o1hzfeN
Fbszf0VCHJE+I1v2HMLSK13q1jakNJ3ycAeWaIbHDKPUM7CRnL75A4QYHAuVkplA
lSrLrv5lMgO39TgX4FXt060pCBFr5N/ouVKNGPJ/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU8miYf+8OhSkQL1umo2IAfVLgY8QwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2YzN2M4NjMzLWFhZjMtNGE0OS1iZmE2LTc3NWFiNzcyNGQzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD7gAAwDQYJKoZIhvcNAQELBQADggEBAElncDvFOn+Rlq2n+CUKbyUg
a1fNXGzMBrATDsCvcvwuisDL9H+XmOGUrWBsed3CgJxAIQDnoBrjM9BkiP7j3oeu
HP9xkCuhmRc1MQvznLNuq7+4FWG19UXAIIksgQgs9dgrNEf83OXFBSy/IBrOkoE1
Af4nTevKI9/K3/m7kMNGPJLHqCNGL4pwL8cIsgIq/gOX98QKP0uAJRmL7XSLzxxb
Ayd+dU67UExdiXqay/OyFq1sT4dJXk940h0kxgd7JfjAuN9ot2hGnLiNk0srGux6
dOuIF5cOqel0E4HOt0RElwpMjmTKjXot32pMC87IfaB+q15LvLg/BOJDCsAPSq8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:14:07 2025 by rpki-client