Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d41ff51-e213-454b-bf01-4829839d9568.roa
File: 6d41ff51-e213-454b-bf01-4829839d9568.roa (raw, json)
Hash identifier: BtvIEeXVNnHc9z+l9jzSnx8l8tYtM1kh3orwCl1qu/s=
Subject key identifier: 8F:30:DB:07:0C:C4:E0:DA:B3:EE:ED:4D:B2:E6:7B:56:CC:11:4E:2E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 66CAE9EABDB30FB2D46614BE39BAE252B94D4A1C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d41ff51-e213-454b-bf01-4829839d9568.roa
Signing time: Fri 28 Mar 2025 16:41:08 +0000
ROA not before: Fri 28 Mar 2025 16:41:08 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f1c:c00::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:ca:e9:ea:bd:b3:0f:b2:d4:66:14:be:39:ba:e2:52:b9:4d:4a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 28 16:41:08 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3e:ca:2c:f8:94:2f:2f:2c:13:2a:5c:d7:51:
a7:a4:0c:91:3a:ff:30:9f:af:66:fd:ab:49:4a:91:
ee:51:66:a9:76:57:b3:5e:5d:a9:13:bd:72:2b:c3:
88:7e:11:09:b6:57:0b:3b:df:91:22:ad:dc:ba:82:
aa:3d:76:c6:5a:6d:88:82:2c:04:44:86:44:33:a6:
9f:96:3e:f9:2c:4a:38:c9:f1:2a:e0:e3:1c:d2:82:
b6:33:25:06:1f:0f:d2:18:82:96:f4:8c:eb:ed:3c:
eb:02:c8:56:78:f8:ab:80:f1:cb:58:2c:d9:d8:ce:
b1:75:ff:b7:68:ed:db:f1:4a:8a:ec:72:91:31:e7:
49:ac:22:b7:17:3d:78:7f:c4:ba:11:93:98:46:c5:
bb:1a:4f:d1:ba:b1:da:33:45:87:cf:e4:00:d2:70:
44:d2:03:44:52:dc:22:18:a9:77:26:6c:69:4b:ff:
ac:45:b1:8a:7e:51:61:5f:7a:50:6c:ca:fa:32:55:
bc:af:0c:16:42:0e:4c:2d:83:89:e6:b5:2d:52:79:
31:df:eb:3f:e0:5b:2e:a2:ff:17:dd:0e:52:7e:1b:
3f:2a:8f:bb:ae:d4:14:0e:bb:4b:26:6b:4b:66:e1:
47:a4:ba:cd:1f:e2:90:2e:82:31:b8:2b:c3:69:60:
1b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:30:DB:07:0C:C4:E0:DA:B3:EE:ED:4D:B2:E6:7B:56:CC:11:4E:2E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d41ff51-e213-454b-bf01-4829839d9568.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f1c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
3b:87:c0:ec:2f:ec:57:27:09:b0:6b:24:99:f2:21:b9:61:aa:
d2:d0:84:7c:e9:33:e2:83:f5:c4:bb:82:e7:cf:0a:bd:0e:58:
c0:a3:95:3b:64:bd:30:6d:35:20:24:6b:02:d9:e4:5e:57:25:
42:88:f5:4f:84:33:c3:f2:ae:b5:2c:c4:bc:f4:e2:fc:d5:0e:
a2:ca:3a:0e:40:b5:0e:10:28:e7:18:53:05:b2:3a:78:ae:52:
bd:b8:0a:33:73:f1:ea:cb:67:4f:d0:dd:1e:ee:a2:4b:d1:7b:
2c:ab:a0:44:76:4c:be:ba:07:97:c9:a0:e9:af:5a:fd:77:43:
b1:22:d3:af:b1:e2:0f:e4:63:ea:31:e5:da:e9:b9:3c:fc:66:
d3:b0:d9:68:2a:70:dc:c1:2f:4c:33:e7:0b:f0:e1:65:96:a8:
2d:cf:e5:20:d0:83:14:11:62:b1:81:b0:a8:5e:1a:24:4e:19:
ca:d8:09:9f:56:82:ca:05:88:2a:8e:4a:54:e7:19:48:b4:cc:
cc:45:4e:0a:a8:07:85:02:e6:97:80:90:24:16:d5:d0:bb:e0:
8d:4d:cd:6c:34:58:16:25:af:5a:49:69:45:ef:d2:ab:ed:68:
90:50:b8:6a:5c:ce:2c:17:72:cf:80:86:e8:7b:9c:ae:1f:d1:
87:f3:90:2c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZsrp6r2zD7LUZhS+ObriUrlNShwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTY0MTA4WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxN2Y1ZWRhYTU1NDFjNjA4YTliYzE5MGFmYWQ4MjI1NjMw
ZGI1YzhiZWJjZTk0YjgxYWVmZGJiMzAzM2M5ODRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4Psos+JQvLywTKlzXUaekDJE6/zCfr2b9q0lKke5RZql2
V7NeXakTvXIrw4h+EQm2Vws735Eirdy6gqo9dsZabYiCLAREhkQzpp+WPvksSjjJ
8Srg4xzSgrYzJQYfD9IYgpb0jOvtPOsCyFZ4+KuA8ctYLNnYzrF1/7do7dvxSors
cpEx50msIrcXPXh/xLoRk5hGxbsaT9G6sdozRYfP5ADScETSA0RS3CIYqXcmbGlL
/6xFsYp+UWFfelBsyvoyVbyvDBZCDkwtg4nmtS1SeTHf6z/gWy6i/xfdDlJ+Gz8q
j7uu1BQOu0sma0tm4Uekus0f4pAugjG4K8NpYBuxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUjzDbBwzE4Nqz7u1NsuZ7VswRTi4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkNDFmZjUxLWUyMTMtNDU0Yi1iZjAxLTQ4Mjk4MzlkOTU2OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8cDDANBgkqhkiG9w0BAQsFAAOCAQEAO4fA7C/sVycJsGskmfIhuWGq
0tCEfOkz4oP1xLuC588KvQ5YwKOVO2S9MG01ICRrAtnkXlclQoj1T4Qzw/KutSzE
vPTi/NUOoso6DkC1DhAo5xhTBbI6eK5SvbgKM3Px6stnT9DdHu6iS9F7LKugRHZM
vroHl8mg6a9a/XdDsSLTr7HiD+Rj6jHl2um5PPxm07DZaCpw3MEvTDPnC/DhZZao
Lc/lINCDFBFisYGwqF4aJE4ZytgJn1aCygWIKo5KVOcZSLTMzEVOCqgHhQLml4CQ
JBbV0LvgjU3NbDRYFiWvWklpRe/Sq+1okFC4alzOLBdyz4CG6Hucrh/Rh/OQLA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:46 2025 by rpki-client