Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa
File: d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa (raw, json)
Hash identifier: 1VWgyTmk1PS8XygETDFrpaEcjCo5dqFxw1vd6il02xA=
Subject key identifier: A1:7D:8C:7B:B3:B1:80:CA:CC:46:C8:EB:AD:E4:AC:01:FC:9C:2E:AC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2016D71C8B82440A2A858D768C008890573AEBDB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa
Signing time: Sat 15 Mar 2025 00:01:58 +0000
ROA not before: Sat 15 Mar 2025 00:01:58 +0000
ROA not after: Sat 19 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 163.158.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:16:d7:1c:8b:82:44:0a:2a:85:8d:76:8c:00:88:90:57:3a:eb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 15 00:01:58 2025 GMT
Not After : Apr 19 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:0a:7a:a5:67:fb:86:cb:83:3e:f7:7b:b2:
a5:68:c5:a5:b0:3f:a8:21:0b:ab:b3:7b:43:91:1e:
54:9d:d7:02:07:0c:65:5c:2e:a5:9e:99:09:0e:bc:
a2:88:ce:03:b2:00:ae:fb:21:03:7a:dd:f7:a2:41:
20:ff:cc:57:1f:a4:e1:68:4d:a3:ff:18:3d:1b:f5:
33:ac:a3:4b:65:e1:2b:f6:8c:74:e4:37:c9:da:a9:
04:73:ff:60:89:b1:25:0f:e5:a8:da:36:a0:0d:e4:
e2:28:0c:e3:a4:e6:78:13:95:68:e5:e9:83:9c:88:
5c:5b:6d:a9:49:81:30:0b:a6:7c:4a:49:14:14:ed:
75:30:57:11:9a:4d:43:12:2b:fd:ad:8b:bc:fd:2a:
b8:f8:6c:bd:b8:c0:be:6e:7c:e9:8f:71:23:39:cb:
46:ec:09:18:41:0f:44:65:59:e1:f5:a2:c1:96:01:
88:ed:85:2e:9f:b4:f9:c5:03:a7:57:f6:fa:b3:d6:
2b:46:93:ee:5a:68:be:b7:e2:e1:e0:91:75:38:48:
19:fc:56:80:d8:c6:07:27:1f:f0:fe:b8:c6:d3:bf:
31:23:ed:a5:eb:41:ce:4c:43:68:38:c6:94:4e:8f:
04:6a:7d:33:e0:83:87:10:ce:70:cb:55:e5:80:d7:
aa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7D:8C:7B:B3:B1:80:CA:CC:46:C8:EB:AD:E4:AC:01:FC:9C:2E:AC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.158.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:d5:86:60:c6:4c:59:d4:f5:98:f8:20:67:b8:98:3c:a7:b7:
e7:ce:27:8c:c1:5a:c6:13:f1:e3:cd:4b:28:40:12:05:6d:d3:
8c:d8:19:ad:6c:7b:d0:3e:8a:9a:02:23:74:bf:51:45:7f:1c:
38:0a:d1:0c:79:7a:57:73:9e:fe:41:c3:56:6e:af:d3:6c:8f:
37:83:b5:d8:d8:50:37:b7:c5:8d:49:25:c3:6a:ce:1b:47:9b:
d0:5e:97:e4:0b:a5:d1:37:c1:21:e9:39:95:31:38:97:91:ed:
4c:91:e0:d5:72:82:0f:67:9d:be:e7:70:7a:46:da:4b:48:47:
7e:a7:2f:23:31:53:a9:aa:c7:c0:d8:7e:df:68:9c:5f:10:93:
59:f5:a6:9a:84:25:17:07:53:b0:d3:54:ac:1e:c3:2c:b7:46:
82:ae:1a:ae:5b:42:f9:df:fc:8d:ea:13:ec:f9:66:4c:4b:16:
12:bb:50:b1:ea:74:63:b8:a5:75:5b:c4:c2:df:b6:92:fe:ef:
89:b9:cd:5a:0a:ff:4c:bc:73:0e:8c:be:7c:8d:4e:09:13:1c:
85:68:19:92:db:b3:16:ec:90:1c:6e:b3:cc:b8:26:51:9e:a1:
b8:70:43:5d:b9:e5:f1:07:49:59:b0:39:a8:ac:4f:86:f3:e3:
0c:14:a8:35
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIBbXHIuCRAoqhY12jACIkFc669swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAwMTU4WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTUyZTYzNzlhNTllMDU5NjM4MTlmYjE3NWViZTI2OGIy
MWZkZWU3MGU0NjJmYzMxZWU4MGZhMjQ0NDUyZjkwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt1gp6pWf7hsuDPvd7sqVoxaWwP6ghC6uze0ORHlSd1wIH
DGVcLqWemQkOvKKIzgOyAK77IQN63feiQSD/zFcfpOFoTaP/GD0b9TOso0tl4Sv2
jHTkN8naqQRz/2CJsSUP5ajaNqAN5OIoDOOk5ngTlWjl6YOciFxbbalJgTALpnxK
SRQU7XUwVxGaTUMSK/2ti7z9Krj4bL24wL5ufOmPcSM5y0bsCRhBD0RlWeH1osGW
AYjthS6ftPnFA6dX9vqz1itGk+5aaL634uHgkXU4SBn8VoDYxgcnH/D+uMbTvzEj
7aXrQc5MQ2g4xpROjwRqfTPgg4cQznDLVeWA16q/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoX2Me7OxgMrMRsjrreSsAfycLqwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzZmM1ODcxLWExNTktNGMzYi04NGZmLWVmNTFmZjAwODBmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCjnjANBgkqhkiG9w0BAQsFAAOCAQEALdWGYMZMWdT1mPggZ7iYPKe3584n
jMFaxhPx481LKEASBW3TjNgZrWx70D6KmgIjdL9RRX8cOArRDHl6V3Oe/kHDVm6v
02yPN4O12NhQN7fFjUklw2rOG0eb0F6X5Aul0TfBIek5lTE4l5HtTJHg1XKCD2ed
vudwekbaS0hHfqcvIzFTqarHwNh+32icXxCTWfWmmoQlFwdTsNNUrB7DLLdGgq4a
rltC+d/8jeoT7PlmTEsWErtQsep0Y7ildVvEwt+2kv7vibnNWgr/TLxzDoy+fI1O
CRMchWgZktuzFuyQHG6zzLgmUZ6huHBDXbnl8QdJWbA5qKxPhvPjDBSoNQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:51:24 2025 by rpki-client