Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/8f960b0d-c291-490f-aff5-abe964221bd2.roa
File: 8f960b0d-c291-490f-aff5-abe964221bd2.roa (raw, json)
Hash identifier: YdpKhpNijfjN949Y1YzpwFvsSznXOgdZ/xcytTipKQQ=
Subject key identifier: 13:9F:D4:BC:8E:BA:59:39:83:3A:79:D6:3E:15:FA:98:29:C8:5A:A7
Certificate issuer: /CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
Certificate serial: 371EBD54AF82F5F1D4C7280C1D721C0C1B925C95
Authority key identifier: 91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/8f960b0d-c291-490f-aff5-abe964221bd2.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2620:108:7000::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:1e:bd:54:af:82:f5:f1:d4:c7:28:0c:1d:72:1c:0c:1b:92:5c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=b8dc2a9aee3fb1a1ffa25476d8820022e871f9c918c666e815b03473dc15245d, CN=ddfbc97c-7bed-40df-95ca-e664b29d7b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b8:07:73:00:a7:0f:6e:cf:c3:57:68:93:48:
78:d2:b0:1d:cb:f6:43:4c:6d:a1:d2:f6:4a:27:7c:
36:5a:37:fa:c5:89:d2:80:e2:c3:52:10:e3:64:99:
a3:29:97:c8:74:d2:59:66:0d:e0:88:91:07:92:10:
b4:9b:f7:3b:18:2c:35:68:67:9e:5d:fb:c1:73:dc:
dd:1d:df:bf:f6:5f:e5:12:cd:80:35:18:0e:cf:74:
46:59:e3:f0:a6:a9:a3:06:05:20:f1:f3:68:43:38:
4f:e5:5a:7e:dc:7d:38:14:bf:a6:a4:a2:5c:4b:ad:
73:c6:38:84:8c:1a:b7:87:be:8b:4d:14:83:d9:b5:
c0:4f:a2:ab:5d:5d:5a:8d:78:f8:59:69:15:17:ee:
fc:95:42:d0:48:87:3f:e0:d4:0c:e5:0d:8c:06:84:
af:4e:bc:fa:6d:df:e0:6b:a3:0c:14:8f:5a:94:73:
03:df:3e:15:ae:aa:6a:2f:b0:88:6e:de:59:84:0b:
07:83:6e:42:71:20:a0:bd:96:28:5f:ae:ee:67:9a:
2b:8f:bb:14:9b:a0:cb:4b:6a:21:ab:fe:31:56:18:
89:ca:37:d0:ca:06:43:a2:33:87:76:bf:60:f5:87:
87:b8:cd:30:91:b9:7d:15:ec:81:ca:cd:0a:21:95:
c6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:9F:D4:BC:8E:BA:59:39:83:3A:79:D6:3E:15:FA:98:29:C8:5A:A7
X509v3 Authority Key Identifier:
keyid:91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/8f960b0d-c291-490f-aff5-abe964221bd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2620:108:7000::/44
Signature Algorithm: sha256WithRSAEncryption
58:fc:57:7e:fb:0e:2b:72:46:72:45:4b:92:80:d6:c1:37:f1:
a4:51:51:c4:09:e9:99:17:70:0a:65:fc:b1:11:1c:79:4e:f2:
35:17:15:f1:2d:2e:ea:a5:35:25:d2:28:6b:ea:c1:f0:22:4c:
2f:5a:c1:9e:a2:7f:1b:45:91:d4:fe:be:de:ed:b0:3b:7d:27:
80:75:07:31:b0:c2:71:86:5c:9b:71:25:87:38:3c:fa:9d:54:
d3:2d:f0:01:2c:d3:7d:20:c6:dc:44:8e:55:f8:13:b3:f6:95:
ce:11:c8:bd:3f:03:e6:63:e6:61:1b:6f:57:4e:c9:05:3d:c9:
04:2c:c9:6a:a4:8b:08:3a:45:45:dd:70:cb:97:1f:43:f4:cf:
a6:70:50:4a:11:2b:31:8c:54:9a:28:7c:7b:f1:d6:c3:9c:f6:
cf:8e:92:74:20:89:4d:3a:a3:43:1a:eb:8b:4f:c5:70:d7:1d:
d2:9d:08:ee:bc:06:d6:98:b1:8e:14:e4:50:54:08:e9:08:90:
0a:ab:87:43:d3:42:63:d5:12:e3:68:01:59:54:1e:10:0e:9d:
1b:ec:26:65:e2:5e:ff:22:ce:a8:14:8b:46:60:e9:4b:61:46:
b1:0c:6e:39:fa:1d:79:c2:d8:f2:09:06:3c:ad:82:bb:68:9f:
78:4e:14:02
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNx69VK+C9fHUxygMHXIcDBuSXJUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTE1ZDhhYTEwZDYyZGJkZDM0ODMyNjg3NmJhNTY3NTNj
Yjk5YjQ2NGNjNDU1MzI0YjMwHhcNMjUwMTI4MDAwMDAwWhcNMjUwMzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOGRjMmE5YWVlM2ZiMWExZmZhMjU0NzZkODgyMDAyMmU4
NzFmOWM5MThjNjY2ZTgxNWIwMzQ3M2RjMTUyNDVkMS0wKwYDVQQDEyRkZGZiYzk3
Yy03YmVkLTQwZGYtOTVjYS1lNjY0YjI5ZDdiMjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9uAdzAKcPbs/DV2iTSHjSsB3L9kNMbaHS9konfDZaN/rF
idKA4sNSEONkmaMpl8h00llmDeCIkQeSELSb9zsYLDVoZ55d+8Fz3N0d37/2X+US
zYA1GA7PdEZZ4/CmqaMGBSDx82hDOE/lWn7cfTgUv6akolxLrXPGOISMGreHvotN
FIPZtcBPoqtdXVqNePhZaRUX7vyVQtBIhz/g1AzlDYwGhK9OvPpt3+BrowwUj1qU
cwPfPhWuqmovsIhu3lmECweDbkJxIKC9lihfru5nmiuPuxSboMtLaiGr/jFWGInK
N9DKBkOiM4d2v2D1h4e4zTCRuX0V7IHKzQohlcaFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUE5/UvI66WTmDOnnWPhX6mCnIWqcwHwYDVR0jBBgwFoAUkS3GDddkKYK8
rn+B/jxMEnKAIh8wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83MTg4YWMyNC0w
OWNjLTRmMjAtOWRiZC1jZDkwMDVkMjc5N2UvYTE1ZDhhYTEwZDYyZGJkZDM0ODMy
Njg3NmJhNTY3NTNjYjk5YjQ2NGNjNDU1MzI0YjMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNjAyYTI2ZTUtNGE5ZS00ZTVlLTg5ZjAtZWY4
OTE0OTBkOWM5LzhmOTYwYjBkLWMyOTEtNDkwZi1hZmY1LWFiZTk2NDIyMWJkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzYwMmEyNmU1LTRhOWUtNGU1ZS04OWYw
LWVmODkxNDkwZDljOS9ZdHZkTklNbWgydWxaMVBMbWJSa3pFVlRKTE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmIAEIcAAwDQYJKoZIhvcNAQELBQADggEBAFj8V377DityRnJFS5KA1sE3
8aRRUcQJ6ZkXcApl/LERHHlO8jUXFfEtLuqlNSXSKGvqwfAiTC9awZ6ifxtFkdT+
vt7tsDt9J4B1BzGwwnGGXJtxJYc4PPqdVNMt8AEs030gxtxEjlX4E7P2lc4RyL0/
A+Zj5mEbb1dOyQU9yQQsyWqkiwg6RUXdcMuXH0P0z6ZwUEoRKzGMVJoofHvx1sOc
9s+OknQgiU06o0Ma64tPxXDXHdKdCO68BtaYsY4U5FBUCOkIkAqrh0PTQmPVEuNo
AVlUHhAOnRvsJmXiXv8izqgUi0Zg6UthRrEMbjn6HXnC2PIJBjytgrton3hOFAI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:45:58 2025 by rpki-client