Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1de6f4f3-5860-4ac4-ae85-b3680e2b30c3.roa
File: 1de6f4f3-5860-4ac4-ae85-b3680e2b30c3.roa (raw, json)
Hash identifier: PsZgZjhwaxl4vCDApeimdSfiTiF3ZH5WjVAqi53Bq2g=
Subject key identifier: 04:85:EF:82:75:4B:1F:9B:58:97:CD:48:AC:A3:A7:E0:1A:4E:2E:E7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3755B3716F351756E3FB0F32CEB1F17F55898A4C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1de6f4f3-5860-4ac4-ae85-b3680e2b30c3.roa
Signing time: Fri 07 Mar 2025 00:02:25 +0000
ROA not before: Fri 07 Mar 2025 00:02:25 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.89.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:55:b3:71:6f:35:17:56:e3:fb:0f:32:ce:b1:f1:7f:55:89:8a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 7 00:02:25 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2a:8a:cb:0d:b7:dc:8b:a7:52:56:19:3b:f4:
74:7d:11:5d:45:05:70:d7:22:3f:ac:36:46:1f:46:
6a:f4:b3:94:e3:a8:e3:f8:5d:1c:c8:9e:5a:fd:c2:
65:87:b7:77:ab:de:e2:66:b8:04:68:d7:dd:f7:24:
c1:6c:5c:69:67:88:b2:0b:c4:7a:10:83:54:e4:d8:
12:63:3b:ee:96:2b:45:c1:16:75:31:1e:7a:77:c3:
11:60:ca:2b:2f:6b:53:44:b3:97:6b:5f:a4:c8:23:
8b:9a:53:08:44:8b:bf:c6:5e:87:f3:55:d0:e4:ad:
74:63:e8:3c:7f:c6:99:7b:43:e7:c4:f3:e3:a6:45:
89:bd:18:9c:fc:a0:0c:f1:05:ca:65:50:02:bf:8e:
f9:11:4d:27:8d:7c:04:01:23:9c:f0:35:56:4e:58:
71:c6:23:9c:3b:3d:a9:fd:2c:c1:b2:9a:4b:c0:63:
ae:44:8a:e2:87:13:65:2d:9a:9e:35:2f:e1:84:27:
9c:ed:c7:91:87:0b:9b:7c:87:b7:07:33:30:1a:27:
d3:8a:4c:07:6d:0b:75:d1:32:cf:14:8d:34:a3:fc:
24:88:83:63:ae:b0:bb:df:c2:e8:47:74:cf:22:81:
e7:2a:85:15:25:f8:f6:dc:8f:9b:c0:79:7b:1f:20:
a1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:85:EF:82:75:4B:1F:9B:58:97:CD:48:AC:A3:A7:E0:1A:4E:2E:E7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1de6f4f3-5860-4ac4-ae85-b3680e2b30c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.89.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:f2:ba:ad:e5:1e:0e:e3:81:74:91:fa:fc:16:c3:6e:90:b7:
d0:cc:14:9b:23:02:99:73:ff:32:e8:53:e3:a4:1b:af:c4:18:
0d:58:78:fd:11:44:b0:2a:8a:83:59:ac:40:cc:f1:21:df:14:
93:d5:44:cd:3d:a1:62:49:18:f7:32:e6:ab:13:f5:e2:24:f2:
a4:86:25:e9:a5:35:f1:c0:95:51:fe:6a:d5:be:e6:19:2e:23:
b4:d4:28:07:69:02:a3:19:10:48:fe:2e:3f:6e:73:40:2b:98:
1a:42:5b:20:a3:ff:27:c0:fb:4d:3c:25:cb:82:f0:0d:65:76:
94:f2:9d:33:f1:90:af:49:66:15:fe:0e:71:00:a1:75:f0:7c:
ba:02:7b:12:cb:e8:bc:b9:b6:13:f0:be:2c:16:e0:ca:8e:de:
6b:76:a3:33:f5:e3:75:f6:48:c5:d4:a4:9c:2a:30:31:bf:dd:
6e:19:31:2d:0b:84:55:ce:d5:c3:01:19:8e:34:91:08:d2:32:
04:23:20:b0:62:02:fc:42:73:ce:b3:03:7d:69:ad:70:b6:55:
e5:df:81:50:0e:c4:80:21:c8:23:e3:15:11:5c:49:20:07:5c:
44:94:df:dd:45:6c:e3:aa:54:89:cb:ba:fb:3a:34:59:18:6b:
e4:b8:cb:2a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUN1WzcW81F1bj+w8yzrHxf1WJikwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA3MDAwMjI1WhcNMjUwNDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMzA2OTExMTdhYzI5YzQ0M2Q0NDU3OGQwNTMyNWNkODkx
NTEyZmM5ZjMzNzQxNjJjMWYwNTdiNTcxMDhlOTA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoKorLDbfci6dSVhk79HR9EV1FBXDXIj+sNkYfRmr0s5Tj
qOP4XRzInlr9wmWHt3er3uJmuARo1933JMFsXGlniLILxHoQg1Tk2BJjO+6WK0XB
FnUxHnp3wxFgyisva1NEs5drX6TII4uaUwhEi7/GXofzVdDkrXRj6Dx/xpl7Q+fE
8+OmRYm9GJz8oAzxBcplUAK/jvkRTSeNfAQBI5zwNVZOWHHGI5w7Pan9LMGymkvA
Y65EiuKHE2Utmp41L+GEJ5ztx5GHC5t8h7cHMzAaJ9OKTAdtC3XRMs8UjTSj/CSI
g2OusLvfwuhHdM8igecqhRUl+Pbcj5vAeXsfIKHdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBIXvgnVLH5tYl81IrKOn4BpOLucwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFkZTZmNGYzLTU4NjAtNGFjNC1hZTg1LWIzNjgwZTJiMzBjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQWTANBgkqhkiG9w0BAQsFAAOCAQEAUvK6reUeDuOBdJH6/BbDbpC30MwU
myMCmXP/MuhT46Qbr8QYDVh4/RFEsCqKg1msQMzxId8Uk9VEzT2hYkkY9zLmqxP1
4iTypIYl6aU18cCVUf5q1b7mGS4jtNQoB2kCoxkQSP4uP25zQCuYGkJbIKP/J8D7
TTwly4LwDWV2lPKdM/GQr0lmFf4OcQChdfB8ugJ7EsvovLm2E/C+LBbgyo7ea3aj
M/XjdfZIxdSknCowMb/dbhkxLQuEVc7VwwEZjjSRCNIyBCMgsGIC/EJzzrMDfWmt
cLZV5d+BUA7EgCHII+MVEVxJIAdcRJTf3UVs46pUicu6+zo0WRhr5LjLKg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:25 2025 by rpki-client