Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c05140f-8629-4f8c-8a1c-6daa9d77eb3b.roa
File: 2c05140f-8629-4f8c-8a1c-6daa9d77eb3b.roa (raw, json)
Hash identifier: zdYPAjfAwv0NCZwjXUo1WNYTYujY2GZarZN6iRJAb3M=
Subject key identifier: B1:7E:C2:42:4B:9E:1E:03:1B:CC:11:E1:A8:E5:5E:D7:A6:F9:7D:CD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5DA009599711E51A836CA9702D29BAB5DCCE83B6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c05140f-8629-4f8c-8a1c-6daa9d77eb3b.roa
Signing time: Fri 28 Mar 2025 17:11:53 +0000
ROA not before: Fri 28 Mar 2025 17:11:53 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f1b:4000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:a0:09:59:97:11:e5:1a:83:6c:a9:70:2d:29:ba:b5:dc:ce:83:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 28 17:11:53 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c4:60:0c:0e:f5:3e:42:9c:b6:74:f4:83:28:
27:ed:58:7a:bb:4a:ea:f2:f3:58:76:20:71:d4:21:
43:f5:c2:26:ed:39:e4:36:5b:fb:78:dd:9a:02:fc:
3c:bf:08:37:5c:cf:18:5f:c9:54:be:8d:c0:8f:9e:
c5:34:71:7e:71:3f:c1:b3:44:e0:13:fd:7a:b8:2f:
a3:3c:66:39:48:48:d4:aa:0f:d6:fc:42:4a:21:aa:
b4:56:cd:b3:4b:1c:66:5c:b7:7f:0e:92:23:32:52:
f4:18:10:d5:97:74:b3:a0:4f:e6:bc:d0:e6:46:cc:
6c:96:62:ea:93:61:d1:99:7a:e2:5e:2e:d8:2b:bf:
4b:26:6d:1e:fb:a8:78:f5:5d:33:aa:fe:44:7a:c5:
29:40:03:07:2b:44:e6:17:0d:00:33:c4:47:c8:01:
85:3d:69:8f:e0:4f:ac:a9:14:34:69:a2:96:85:b5:
b9:30:fa:c6:cb:ea:1c:3f:6b:e3:8e:99:22:74:a8:
4f:64:ab:04:40:07:e3:3c:52:36:5a:45:05:6b:d9:
d5:05:17:e2:df:69:0b:90:8c:05:14:d9:17:e6:b1:
72:67:b9:63:9b:2c:d2:33:7f:15:60:3f:95:33:7e:
13:b1:1c:db:59:00:a3:ae:64:89:30:20:45:ac:e8:
3b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7E:C2:42:4B:9E:1E:03:1B:CC:11:E1:A8:E5:5E:D7:A6:F9:7D:CD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c05140f-8629-4f8c-8a1c-6daa9d77eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f1b:4000::/36
Signature Algorithm: sha256WithRSAEncryption
53:c7:25:81:e7:88:f9:a0:5c:3e:91:f9:08:cb:e3:55:ed:d6:
51:4d:0c:7c:77:94:de:76:35:f4:a6:e9:c7:7e:e0:de:ae:93:
d7:6a:c9:9b:3e:4d:d4:22:db:d9:94:25:1a:5f:0c:6f:a0:69:
64:c8:2d:f5:64:a9:14:75:5e:a4:92:54:4c:20:66:be:f1:9b:
d9:36:ac:12:f4:f7:f4:d0:bf:a6:75:cf:84:a5:33:a1:bf:fe:
d6:98:3c:f1:73:9f:f7:3b:b2:e7:c5:3d:9b:d5:8a:c5:78:85:
38:e2:6f:0b:ed:e1:dd:c5:f9:03:fe:0a:ec:41:af:58:50:55:
bf:a8:c2:b4:03:45:5f:16:2b:45:2d:a8:72:44:d0:60:c9:12:
64:af:9d:f8:33:18:29:cc:87:df:04:09:aa:03:61:c9:be:89:
4f:32:5f:a2:7b:32:fc:2c:37:b9:63:ec:b6:2b:2f:88:22:be:
fd:82:78:3b:76:46:d4:31:08:ff:f2:22:b0:41:0c:e8:aa:2a:
58:ae:7c:61:af:ad:3c:72:50:f8:e9:21:b8:35:37:80:71:1f:
11:28:36:b6:87:77:58:ce:f5:85:22:d7:51:03:bb:51:d6:94:
68:f8:b0:f7:e7:ac:4f:a4:b2:4b:6b:8f:50:a5:21:cb:50:55:
88:6d:8d:35
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXaAJWZcR5RqDbKlwLSm6tdzOg7YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTcxMTUzWhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYmYxM2RjNTUyZWRhYjU1MWE0NTM1YWYxODdkNDVkMWQw
ZDIxZGFjOWY5NWFmNjk1OGZhZGI5NTQ2OTljNWFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnxGAMDvU+Qpy2dPSDKCftWHq7Sury81h2IHHUIUP1wibt
OeQ2W/t43ZoC/Dy/CDdczxhfyVS+jcCPnsU0cX5xP8GzROAT/Xq4L6M8ZjlISNSq
D9b8QkohqrRWzbNLHGZct38OkiMyUvQYENWXdLOgT+a80OZGzGyWYuqTYdGZeuJe
Ltgrv0smbR77qHj1XTOq/kR6xSlAAwcrROYXDQAzxEfIAYU9aY/gT6ypFDRpopaF
tbkw+sbL6hw/a+OOmSJ0qE9kqwRAB+M8UjZaRQVr2dUFF+LfaQuQjAUU2RfmsXJn
uWObLNIzfxVgP5UzfhOxHNtZAKOuZIkwIEWs6Dv5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUsX7CQkueHgMbzBHhqOVe16b5fc0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjMDUxNDBmLTg2MjktNGY4Yy04YTFjLTZkYWE5ZDc3ZWIzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8bQDANBgkqhkiG9w0BAQsFAAOCAQEAU8clgeeI+aBcPpH5CMvjVe3W
UU0MfHeU3nY19Kbpx37g3q6T12rJmz5N1CLb2ZQlGl8Mb6BpZMgt9WSpFHVepJJU
TCBmvvGb2TasEvT39NC/pnXPhKUzob/+1pg88XOf9zuy58U9m9WKxXiFOOJvC+3h
3cX5A/4K7EGvWFBVv6jCtANFXxYrRS2ockTQYMkSZK+d+DMYKcyH3wQJqgNhyb6J
TzJfonsy/Cw3uWPstisviCK+/YJ4O3ZG1DEI//IisEEM6KoqWK58Ya+tPHJQ+Okh
uDU3gHEfESg2tod3WM71hSLXUQO7UdaUaPiw9+esT6SyS2uPUKUhy1BViG2NNQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:23:41 2025 by rpki-client