Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25d50afe-b916-421e-9463-8d89c5b90996.roa
File: 25d50afe-b916-421e-9463-8d89c5b90996.roa (raw, json)
Hash identifier: 8nOL4pL3o8ve1ulhK14a+5EOjuW42Co7mjh6pibBDWg=
Subject key identifier: FD:59:7A:B3:96:61:F3:E8:26:7B:67:65:DE:EB:83:C8:3C:99:10:AC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 13277C5C50BB43E12F7E89F543831AFBD6901448
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25d50afe-b916-421e-9463-8d89c5b90996.roa
Signing time: Tue 04 Mar 2025 17:30:25 +0000
ROA not before: Tue 04 Mar 2025 17:30:25 +0000
ROA not after: Tue 08 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 65.2.14.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:27:7c:5c:50:bb:43:e1:2f:7e:89:f5:43:83:1a:fb:d6:90:14:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 4 17:30:25 2025 GMT
Not After : Apr 8 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:17:c7:3c:e2:80:b7:ce:cc:a0:ac:8e:96:37:
89:82:dc:7e:89:3f:11:85:7a:c8:a5:59:b4:89:35:
51:ab:e6:54:59:00:82:80:12:9a:c9:aa:29:8f:ca:
6f:75:ac:c2:1c:f5:01:d5:58:42:13:6f:80:28:89:
21:18:16:ef:7a:f7:82:e0:04:fb:2c:ba:3e:d4:3a:
14:a1:38:76:e5:7e:9b:6d:6f:38:ca:52:be:74:02:
f3:1b:d1:f0:f5:98:ae:1d:5e:0a:bc:20:08:55:0a:
0c:61:2b:d9:e2:cc:08:a4:8c:f5:98:ca:d2:18:b8:
26:3f:ee:23:89:09:90:ff:12:98:9b:54:b2:be:10:
f5:2e:0b:9e:04:75:e0:87:c5:fc:21:a5:cd:58:b8:
c5:52:b5:7f:b1:99:df:78:6f:16:18:4c:8d:29:8d:
1e:f0:ef:bc:e2:8c:9f:5c:41:61:65:23:1f:2b:d1:
73:04:69:b6:d9:6b:07:97:1b:8c:e0:ca:0c:44:d0:
f8:01:a7:f4:7a:fb:5d:69:d9:2d:64:4e:17:a8:9e:
73:27:c7:55:91:3e:98:10:4d:5f:46:91:65:44:1a:
d6:ee:92:7f:be:59:80:c5:0c:db:0f:e6:f5:a4:65:
c9:d1:d2:85:6d:ab:09:bb:cd:81:6a:d2:36:32:9d:
e9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:59:7A:B3:96:61:F3:E8:26:7B:67:65:DE:EB:83:C8:3C:99:10:AC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25d50afe-b916-421e-9463-8d89c5b90996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.2.14.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:44:c0:e4:03:3f:e3:b4:1f:a0:d0:35:31:da:fc:40:8e:fb:
91:b5:f6:bd:1e:09:f3:6e:e7:ba:ed:9a:7b:f5:e4:b4:31:64:
ff:51:04:84:f0:37:f0:a3:1c:c2:cc:97:ad:10:e9:fa:39:54:
6b:a7:c8:5d:63:5c:76:56:dd:98:2b:44:63:ed:92:06:9b:3a:
95:56:c4:6b:79:8b:86:07:7a:e3:b4:9c:c9:f6:8f:f9:fa:1b:
fc:8c:85:92:36:3a:b7:99:ed:0c:96:e7:5c:46:8e:56:4f:34:
2a:c6:93:1f:a4:c3:40:b2:d2:8e:e2:b2:95:e3:eb:9d:59:3c:
2e:a9:6d:76:06:52:3b:3d:04:5d:42:d9:73:be:6c:28:8f:d8:
79:83:27:bf:b7:3e:a3:8a:0e:5e:2b:47:eb:87:67:f7:f4:02:
23:0a:7b:93:cc:9f:01:3c:4d:d4:a8:54:19:6f:5d:c9:32:a0:
92:00:04:14:2e:1c:21:93:fd:46:67:55:7f:c3:74:2a:44:34:
ae:2a:24:8c:66:64:70:f0:e6:31:10:6b:91:69:11:0e:b0:c3:
60:29:ff:1f:0a:a0:a0:2d:e2:72:39:bc:4a:20:e7:e7:2b:73:
31:a4:00:ce:6d:0e:a9:01:87:d0:af:63:7d:b3:7b:5c:32:c7:
29:48:c5:ab
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEyd8XFC7Q+Evfon1Q4Ma+9aQFEgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA0MTczMDI1WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYzVkZGI1ZjBmNTA3ZjJiODUwMGNiMzU0YWJlOTNhMjkz
Yzk1N2M5Y2Y4MDNmZGIzZGY2MjYyNDAzNjI4M2U3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzF8c84oC3zsygrI6WN4mC3H6JPxGFesilWbSJNVGr5lRZ
AIKAEprJqimPym91rMIc9QHVWEITb4AoiSEYFu9694LgBPssuj7UOhShOHblfptt
bzjKUr50AvMb0fD1mK4dXgq8IAhVCgxhK9nizAikjPWYytIYuCY/7iOJCZD/Epib
VLK+EPUuC54EdeCHxfwhpc1YuMVStX+xmd94bxYYTI0pjR7w77zijJ9cQWFlIx8r
0XMEabbZaweXG4zgygxE0PgBp/R6+11p2S1kTheonnMnx1WRPpgQTV9GkWVEGtbu
kn++WYDFDNsP5vWkZcnR0oVtqwm7zYFq0jYynemfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/Vl6s5Zh8+gme2dl3uuDyDyZEKwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1ZDUwYWZlLWI5MTYtNDIxZS05NDYzLThkODljNWI5MDk5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFBAg4wDQYJKoZIhvcNAQELBQADggEBAKJEwOQDP+O0H6DQNTHa/ECO+5G1
9r0eCfNu57rtmnv15LQxZP9RBITwN/CjHMLMl60Q6fo5VGunyF1jXHZW3ZgrRGPt
kgabOpVWxGt5i4YHeuO0nMn2j/n6G/yMhZI2OreZ7QyW51xGjlZPNCrGkx+kw0Cy
0o7ispXj651ZPC6pbXYGUjs9BF1C2XO+bCiP2HmDJ7+3PqOKDl4rR+uHZ/f0AiMK
e5PMnwE8TdSoVBlvXckyoJIABBQuHCGT/UZnVX/DdCpENK4qJIxmZHDw5jEQa5Fp
EQ6ww2Ap/x8KoKAt4nI5vEog5+crczGkAM5tDqkBh9CvY32ze1wyxylIxas=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:28:48 2025 by rpki-client