Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa
File: 8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa (raw, json)
Hash identifier: r9XNHdkAeesG2x2pkHU5+p/wYrQ03fopOvjIVzbhTpU=
Subject key identifier: 65:CE:EA:F5:2D:34:27:35:2A:D8:48:5A:21:C0:46:D9:99:35:1E:EE
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 30F198C54E29760D8D43C4EE75F13E79EA08B337
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa
Signing time: Sat 08 Mar 2025 00:10:25 +0000
ROA not before: Sat 08 Mar 2025 00:10:25 +0000
ROA not after: Sat 12 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.69.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:f1:98:c5:4e:29:76:0d:8d:43:c4:ee:75:f1:3e:79:ea:08:b3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 8 00:10:25 2025 GMT
Not After : Apr 12 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cd:71:cc:a2:98:f5:5f:27:27:75:20:d0:1b:
7e:dd:8d:04:2a:42:67:a7:7d:88:b8:04:9d:e7:e7:
86:82:a5:0a:72:cb:2e:3b:76:b3:5a:9f:16:0f:13:
a9:ae:8f:a3:69:04:be:4c:f2:71:0c:ba:01:df:81:
5f:40:bc:ab:3a:27:61:0e:4f:8a:6f:42:1c:1e:2f:
41:c9:cc:d6:35:13:c8:0b:19:ed:7a:64:be:32:56:
1e:23:e5:99:a9:e0:ae:0b:a8:11:d1:a8:a1:15:59:
92:5e:1d:c5:e2:cd:2c:0b:06:c9:dd:69:d2:8b:66:
fe:f5:3a:89:32:dd:91:d9:b0:8b:23:82:9a:eb:00:
34:26:b9:89:42:b0:48:84:2e:b4:c6:84:85:a2:5b:
a6:e3:98:ae:f9:e4:a3:72:5f:32:4d:72:0c:c9:fc:
ea:21:c0:ef:57:48:f4:d7:13:16:59:cb:48:5f:26:
fd:1b:8b:d4:7b:fd:99:1f:87:ed:19:54:35:07:ee:
99:74:75:f5:c4:bf:eb:aa:e0:16:ce:4f:0f:e7:63:
ea:05:7e:51:0f:3c:8a:c5:7e:8a:8b:f5:7a:74:c9:
18:30:48:66:66:37:e9:18:5a:e6:88:b0:f7:11:41:
de:7a:ed:1b:9a:aa:12:61:da:a8:a7:b2:a5:4b:8a:
d4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CE:EA:F5:2D:34:27:35:2A:D8:48:5A:21:C0:46:D9:99:35:1E:EE
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9489e8-8ade-4ce9-a7f5-9def391102e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:28:c1:51:17:b2:7e:62:9d:9f:dd:af:d6:17:3c:e6:6d:c3:
9e:3a:71:ae:dc:20:8c:f9:f9:cc:88:09:a1:00:81:89:36:28:
c2:ff:83:56:68:53:dd:0b:8a:7e:a4:6d:d0:29:77:9e:af:fc:
2c:5e:58:a2:fd:0e:5a:a7:7b:b6:1d:bf:00:91:56:5f:b6:6b:
e7:aa:6e:88:3c:d2:cd:f3:62:6e:36:37:2e:ea:19:dc:1f:49:
9d:f6:f6:63:55:d6:c2:8b:8c:76:e4:98:4d:e8:c8:f2:2f:45:
55:10:c3:a7:3d:9f:20:fd:30:ac:b5:9c:d2:83:90:b2:ef:51:
7a:c5:c3:94:ba:c1:73:5e:fd:8e:11:e9:3e:20:9e:03:3c:2a:
27:60:8a:0a:a9:2f:2f:d1:0f:53:13:34:24:8d:77:94:ee:6d:
18:63:ce:39:b2:19:95:08:7c:b2:47:36:da:6e:75:54:15:85:
f2:36:9b:f9:f7:e9:ea:81:5e:d9:a8:8a:f7:cf:46:39:4a:57:
ab:9c:a0:7e:63:e2:b8:8d:5f:2c:44:a3:f3:5d:7b:c3:ca:78:
a6:9a:31:fc:2a:5b:fc:8a:a5:ef:65:f0:8b:07:12:82:21:2f:
fc:59:19:e4:89:82:a5:7d:25:3f:c4:ac:c1:79:31:8f:b2:71:
ed:b1:e9:bd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMPGYxU4pdg2NQ8TudfE+eeoIszcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA4MDAxMDI1WhcNMjUwNDEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjNiMTgzYjBhODBiZjY3OTJjZGE2MDEwZGUzMjM0YWM2
YTM2YjhmYTRiZTQzNDgxMDRmMGJmNzllNDI0NGFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVzXHMopj1XycndSDQG37djQQqQmenfYi4BJ3n54aCpQpy
yy47drNanxYPE6muj6NpBL5M8nEMugHfgV9AvKs6J2EOT4pvQhweL0HJzNY1E8gL
Ge16ZL4yVh4j5Zmp4K4LqBHRqKEVWZJeHcXizSwLBsndadKLZv71Ooky3ZHZsIsj
gprrADQmuYlCsEiELrTGhIWiW6bjmK755KNyXzJNcgzJ/OohwO9XSPTXExZZy0hf
Jv0bi9R7/Zkfh+0ZVDUH7pl0dfXEv+uq4BbOTw/nY+oFflEPPIrFfoqL9Xp0yRgw
SGZmN+kYWuaIsPcRQd567RuaqhJh2qinsqVLitRFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZc7q9S00JzUq2EhaIcBG2Zk1Hu4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhOTQ4OWU4LThhZGUtNGNlOS1hN2Y1LTlkZWYzOTExMDJlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQRTANBgkqhkiG9w0BAQsFAAOCAQEAYCjBUReyfmKdn92v1hc85m3Dnjpx
rtwgjPn5zIgJoQCBiTYowv+DVmhT3QuKfqRt0Cl3nq/8LF5Yov0OWqd7th2/AJFW
X7Zr56puiDzSzfNibjY3LuoZ3B9Jnfb2Y1XWwouMduSYTejI8i9FVRDDpz2fIP0w
rLWc0oOQsu9ResXDlLrBc179jhHpPiCeAzwqJ2CKCqkvL9EPUxM0JI13lO5tGGPO
ObIZlQh8skc22m51VBWF8jab+ffp6oFe2aiK989GOUpXq5ygfmPiuI1fLESj8117
w8p4ppox/Cpb/Iql72XwiwcSgiEv/FkZ5ImCpX0lP8SswXkxj7Jx7bHpvQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:16:53 2025 by rpki-client