Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d7dbf7-e4ac-4069-b055-f84a863c4316.roa
File: 82d7dbf7-e4ac-4069-b055-f84a863c4316.roa (raw, json)
Hash identifier: N3RVttgVygI7hWW8eRjoi8NSHLzLIeqsLtJqORGh3/g=
Subject key identifier: DD:3E:3D:0F:09:8A:F7:72:6B:4E:C2:B7:4E:CE:7D:93:43:94:27:46
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 757597C601F7D5E1313DCF1367B95E92C6C66857
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d7dbf7-e4ac-4069-b055-f84a863c4316.roa
Signing time: Fri 14 Mar 2025 00:41:21 +0000
ROA not before: Fri 14 Mar 2025 00:41:21 +0000
ROA not after: Fri 18 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 64.41.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:75:97:c6:01:f7:d5:e1:31:3d:cf:13:67:b9:5e:92:c6:c6:68:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 14 00:41:21 2025 GMT
Not After : Apr 18 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:95:8c:e9:f4:16:27:bf:49:50:49:c0:78:35:
c7:ce:02:00:90:ad:2e:c9:cc:e1:1d:01:1d:3c:50:
c8:eb:cb:d9:a2:58:30:10:51:1b:8c:23:9a:e7:e3:
c3:48:59:a9:10:2f:63:e1:39:ca:d0:17:52:d6:1f:
51:cc:29:ad:ad:10:4a:c5:99:e9:be:10:1a:5f:86:
87:72:29:31:8b:eb:c5:1f:f6:4d:c9:58:9c:d8:8a:
e7:a6:15:86:e3:42:ff:ec:b8:5e:79:04:88:5a:d6:
2d:04:0b:32:ad:2e:81:40:4a:a1:6d:32:48:37:7f:
9c:a0:15:5a:93:4d:86:e6:a3:34:59:d6:53:fd:72:
7f:e2:db:8b:97:a2:19:7e:3f:0e:78:37:49:a2:3b:
94:65:58:31:c7:0f:ca:fb:8c:ed:a6:81:bb:1d:0f:
67:99:3b:e1:8d:74:71:0e:ef:fe:93:82:d9:14:81:
d7:f8:0a:d7:99:53:d7:f5:f9:9d:be:ec:52:2c:3c:
d8:eb:81:c0:0b:25:a2:54:18:f0:40:f1:3c:7f:1b:
1c:30:fb:8d:87:77:02:67:6f:9a:e6:8e:ab:fc:62:
e6:b2:02:53:70:98:0b:f6:3b:b0:de:99:30:10:4a:
56:d6:21:76:da:a3:12:1e:d9:a7:39:e7:10:91:54:
bf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3E:3D:0F:09:8A:F7:72:6B:4E:C2:B7:4E:CE:7D:93:43:94:27:46
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d7dbf7-e4ac-4069-b055-f84a863c4316.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.41.0.0/18
Signature Algorithm: sha256WithRSAEncryption
49:fb:fc:3c:e2:ab:df:6a:44:62:2c:de:b7:bb:cb:a1:bf:c5:
e4:53:e9:de:61:f3:d4:54:06:c9:58:8a:b3:44:64:dc:0f:34:
9c:5f:4f:75:64:fa:c2:f7:fe:e4:2c:27:2f:93:62:a4:a4:b7:
8f:1e:a9:5a:13:da:e2:33:38:29:b6:c9:a5:c2:a1:54:7e:d7:
0a:5b:d4:28:f5:17:27:f2:8e:ec:e4:7d:9c:9f:4d:5c:8a:0b:
1e:41:4b:bd:39:2e:14:29:4f:3b:79:ca:98:05:83:16:ad:2c:
e1:fa:4e:8c:c2:2a:b7:09:11:77:20:05:45:d5:14:77:25:07:
1e:da:a6:7d:99:d6:bb:af:d4:4d:b9:a3:e5:4b:ea:27:ea:ae:
4e:04:c7:95:6e:2b:74:5c:e9:a1:b5:4f:ac:25:e1:5c:bb:68:
64:dd:03:17:59:b0:df:05:4a:28:08:4e:5c:a6:a6:60:9b:82:
34:c5:31:07:77:90:5f:80:d3:61:8a:9e:c3:ee:12:73:8c:f9:
0d:63:77:a2:48:6b:22:32:f7:06:e1:02:03:c5:64:d2:f6:49:
de:e6:e7:0c:14:4b:a8:61:27:5f:08:6f:46:68:74:3f:a8:db:
cf:34:7e:03:93:2b:8d:30:f6:e0:ee:9e:4a:a9:60:1b:b9:59:
e7:9e:be:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdXWXxgH31eExPc8TZ7leksbGaFcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE0MDA0MTIxWhcNMjUwNDE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMjgxNTUyYzk2YWY0NmI2ZTEyODE3NmEzZjVlYzg2YWJi
MDViZDQ5ZmY4MTdhOThiOWIwNmY3NTYyNjA1MGEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3lYzp9BYnv0lQScB4NcfOAgCQrS7JzOEdAR08UMjry9mi
WDAQURuMI5rn48NIWakQL2PhOcrQF1LWH1HMKa2tEErFmem+EBpfhodyKTGL68Uf
9k3JWJzYiuemFYbjQv/suF55BIha1i0ECzKtLoFASqFtMkg3f5ygFVqTTYbmozRZ
1lP9cn/i24uXohl+Pw54N0miO5RlWDHHD8r7jO2mgbsdD2eZO+GNdHEO7/6TgtkU
gdf4CteZU9f1+Z2+7FIsPNjrgcALJaJUGPBA8Tx/Gxww+42HdwJnb5rmjqv8Yuay
AlNwmAv2O7DemTAQSlbWIXbaoxIe2ac55xCRVL8dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3T49DwmK93JrTsK3Ts59k0OUJ0YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyZDdkYmY3LWU0YWMtNDA2OS1iMDU1LWY4NGE4NjNjNDMxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZAKQAwDQYJKoZIhvcNAQELBQADggEBAEn7/Dziq99qRGIs3re7y6G/xeRT
6d5h89RUBslYirNEZNwPNJxfT3Vk+sL3/uQsJy+TYqSkt48eqVoT2uIzOCm2yaXC
oVR+1wpb1Cj1FyfyjuzkfZyfTVyKCx5BS705LhQpTzt5ypgFgxatLOH6TozCKrcJ
EXcgBUXVFHclBx7apn2Z1ruv1E25o+VL6ifqrk4Ex5VuK3Rc6aG1T6wl4Vy7aGTd
AxdZsN8FSigITlympmCbgjTFMQd3kF+A02GKnsPuEnOM+Q1jd6JIayIy9wbhAgPF
ZNL2Sd7m5wwUS6hhJ18Ib0ZodD+o2880fgOTK40w9uDunkqpYBu5Weeevj4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:40 2025 by rpki-client