Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d3ae0b1-fd64-4676-b9be-3f20ed4e2489.roa
File: 0d3ae0b1-fd64-4676-b9be-3f20ed4e2489.roa (raw, json)
Hash identifier: HPhvXDYJBX57Ih7M6260UrD4Mb0AY5zivCp6kvp+d3g=
Subject key identifier: B7:20:07:15:BB:D5:CC:CB:E4:AB:38:06:1C:B4:E7:1F:C0:B6:EE:AE
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3D47358D43747372D0CFE5B0104D457B98738179
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d3ae0b1-fd64-4676-b9be-3f20ed4e2489.roa
Signing time: Sat 15 Mar 2025 00:31:55 +0000
ROA not before: Sat 15 Mar 2025 00:31:55 +0000
ROA not after: Sat 19 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.252.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:47:35:8d:43:74:73:72:d0:cf:e5:b0:10:4d:45:7b:98:73:81:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 15 00:31:55 2025 GMT
Not After : Apr 19 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e3:a3:5a:03:07:d3:21:b2:a7:85:fb:56:7e:
49:11:db:b7:64:b2:2f:6e:d1:a1:dc:75:19:e0:0c:
d6:48:3c:5c:bb:79:28:87:7a:ab:e0:c4:98:b9:ec:
94:a6:82:cd:99:3c:39:ea:f9:a3:15:2a:57:9e:65:
67:45:60:b8:d8:28:20:19:62:25:49:35:c0:75:c8:
8d:a0:d8:14:dd:ec:24:c5:aa:bc:33:ef:e8:19:c0:
80:c9:c0:e6:b1:d7:8a:ef:e3:6e:d7:09:c3:9e:da:
a9:19:86:c4:b6:4a:1c:53:e1:c8:21:eb:2a:67:08:
0c:4c:e2:9f:58:c2:7b:06:c6:9b:3f:e9:b9:07:5d:
c5:16:ca:1d:74:d4:c7:96:ff:af:b6:66:31:61:aa:
67:aa:9a:99:85:7d:fa:be:30:9a:5c:7f:cf:5b:f0:
cc:8b:db:af:01:74:ab:fa:15:47:1e:67:f8:f3:f5:
a1:10:2c:38:22:11:90:fd:c8:bb:ed:fd:82:cc:f8:
f8:36:f4:cb:2d:fa:c8:6d:e8:59:bb:fd:97:d6:8b:
fa:b3:d7:ca:88:c8:53:c9:a7:d6:88:76:aa:1a:e4:
71:d8:62:3b:fa:fe:b7:82:1d:47:a9:11:82:18:fa:
d7:21:cb:65:f3:a0:ed:d1:65:d3:75:ab:79:cf:e9:
18:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:20:07:15:BB:D5:CC:CB:E4:AB:38:06:1C:B4:E7:1F:C0:B6:EE:AE
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d3ae0b1-fd64-4676-b9be-3f20ed4e2489.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.252.111.0/24
Signature Algorithm: sha256WithRSAEncryption
76:cf:71:39:9e:22:f0:8a:3d:fa:d5:2b:1d:3a:36:35:80:e0:
28:14:22:3c:b5:ae:64:6a:9c:8b:50:c6:ec:d4:f6:58:55:d3:
79:b6:6f:5d:fa:26:e4:a0:e1:17:da:8e:78:11:f5:dc:fa:06:
2f:f4:2e:96:3f:2a:8c:6c:1b:9c:e6:00:47:db:ff:35:bb:26:
df:73:32:92:65:4c:7c:49:e2:68:b2:43:9e:b1:d0:0c:94:b1:
85:b2:c5:6d:73:3a:7c:b7:e0:a5:41:ad:35:9a:a8:2d:37:d5:
8e:87:b8:15:bb:6c:07:12:44:71:9d:d5:dd:ae:d1:b1:65:f4:
19:dc:68:f9:a9:21:41:59:b0:9f:6b:d9:47:ad:7a:19:2f:10:
92:c7:8e:c0:5e:52:9f:e7:8c:18:af:d4:9d:e9:c2:b4:ce:5d:
e9:22:2a:5a:96:3f:d7:c5:5e:ba:3e:30:ae:38:ec:49:db:bd:
f9:2f:a1:ca:94:68:ed:0d:d4:80:53:ca:b5:70:db:0c:ad:51:
bb:5a:a1:6e:81:f9:1f:97:0f:82:60:f5:a0:5b:cd:b3:90:ea:
74:24:d8:22:f0:13:aa:79:b0:14:aa:9b:ea:e7:25:64:a6:96:
b4:ca:e8:69:ed:31:72:ac:40:b6:36:7b:ac:5f:a4:84:ec:ff:
4d:30:3d:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPUc1jUN0c3LQz+WwEE1Fe5hzgXkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAzMTU1WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYWY5MDU0ZWQ5MDY0Nzg3MGZiMDQ3NDIwZTA2MWQ2MWIw
NjYzZjA4ZGE3ZTRmOTFiMDI0MmRkMzVlYWRhZDU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg46NaAwfTIbKnhftWfkkR27dksi9u0aHcdRngDNZIPFy7
eSiHeqvgxJi57JSmgs2ZPDnq+aMVKleeZWdFYLjYKCAZYiVJNcB1yI2g2BTd7CTF
qrwz7+gZwIDJwOax14rv427XCcOe2qkZhsS2ShxT4cgh6ypnCAxM4p9YwnsGxps/
6bkHXcUWyh101MeW/6+2ZjFhqmeqmpmFffq+MJpcf89b8MyL268BdKv6FUceZ/jz
9aEQLDgiEZD9yLvt/YLM+Pg29Mst+sht6Fm7/ZfWi/qz18qIyFPJp9aIdqoa5HHY
Yjv6/reCHUepEYIY+tchy2XzoO3RZdN1q3nP6RhJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtyAHFbvVzMvkqzgGHLTnH8C27q4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBkM2FlMGIxLWZkNjQtNDY3Ni1iOWJlLTNmMjBlZDRlMjQ4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/G8wDQYJKoZIhvcNAQELBQADggEBAHbPcTmeIvCKPfrVKx06NjWA4CgU
Ijy1rmRqnItQxuzU9lhV03m2b136JuSg4RfajngR9dz6Bi/0LpY/KoxsG5zmAEfb
/zW7Jt9zMpJlTHxJ4miyQ56x0AyUsYWyxW1zOny34KVBrTWaqC031Y6HuBW7bAcS
RHGd1d2u0bFl9BncaPmpIUFZsJ9r2UetehkvEJLHjsBeUp/njBiv1J3pwrTOXeki
KlqWP9fFXro+MK447EnbvfkvocqUaO0N1IBTyrVw2wytUbtaoW6B+R+XD4Jg9aBb
zbOQ6nQk2CLwE6p5sBSqm+rnJWSmlrTK6GntMXKsQLY2e6xfpITs/00wPcM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:50 2025 by rpki-client