Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d7d7bb9c-b844-4163-bf3e-90a82199e871.roa
File: d7d7bb9c-b844-4163-bf3e-90a82199e871.roa (raw, json)
Hash identifier: utUjxFiw9duSTine/MnK/NRwwKiO7y4SSJpelVCqjW8=
Subject key identifier: 44:14:A3:6A:C1:6A:4B:A0:3E:08:8B:16:E8:AE:87:22:81:FE:5E:50
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5A6EF8099810A597D7187AFDFD9587FF4225093C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d7d7bb9c-b844-4163-bf3e-90a82199e871.roa
Signing time: Mon 24 Mar 2025 15:40:12 +0000
ROA not before: Mon 24 Mar 2025 15:40:12 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 216.198.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:6e:f8:09:98:10:a5:97:d7:18:7a:fd:fd:95:87:ff:42:25:09:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 24 15:40:12 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:9c:b2:63:98:66:ea:65:4b:dd:12:8b:53:
d8:3d:2f:4e:73:26:9a:fb:da:9d:25:15:cb:96:60:
9e:87:db:1c:f2:0d:ff:03:c1:f5:2d:79:55:57:7d:
70:99:07:35:bf:3c:c2:72:e7:70:1d:33:cd:58:a5:
7e:e9:fc:2a:1f:75:a2:00:db:c3:a0:97:f9:b4:d8:
a9:ea:90:87:e3:5f:4c:cd:ed:6f:f0:be:6f:1a:d3:
fa:a4:6c:13:1b:d3:a5:0c:6f:4e:45:67:01:c2:0d:
25:5d:95:21:ea:64:3c:5c:f1:cc:2d:45:bd:82:0e:
cc:3e:da:d4:c2:da:2c:30:62:0d:7b:e6:05:37:ff:
52:6f:ee:7d:e3:a3:81:82:15:f4:bf:8c:51:1b:82:
d1:84:a8:d0:b4:f8:cf:6e:f6:f4:21:52:45:45:33:
7f:e9:f0:f6:3f:f3:31:52:b7:0c:11:83:5d:ba:0b:
fb:f0:6d:96:74:6c:34:71:bf:7c:8e:b1:63:3a:7a:
4c:db:3b:0a:bf:eb:02:cb:3f:fd:1d:a8:02:b9:e3:
d0:8a:93:f9:4b:ac:f3:6c:2b:06:a4:a7:95:03:21:
e1:ec:5b:af:05:d5:2a:e7:ab:51:0f:84:b5:68:64:
d4:2e:9c:3a:b3:87:d2:16:73:08:ce:23:b8:f5:c4:
4e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:14:A3:6A:C1:6A:4B:A0:3E:08:8B:16:E8:AE:87:22:81:FE:5E:50
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d7d7bb9c-b844-4163-bf3e-90a82199e871.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.198.91.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:a2:ce:8d:dc:2c:76:07:fd:85:6f:46:c5:dd:9d:fc:58:66:
40:95:b3:06:bd:18:83:9a:4d:c2:81:f1:69:75:64:22:35:30:
09:cd:20:44:d5:a3:0b:01:30:e6:fb:9d:bc:cc:a4:e0:4a:fd:
6c:36:5a:69:67:36:87:92:8a:ca:7b:7a:24:30:fa:69:16:5f:
c9:af:32:e0:96:3f:aa:08:eb:22:69:4e:fa:1a:06:99:93:d9:
ce:58:62:fa:df:2c:ee:5a:d6:e1:e9:f6:8a:e3:82:6b:df:90:
cb:e8:ee:85:06:e6:1b:a7:6d:d7:91:75:ad:93:0e:7a:0d:b8:
7a:9f:34:22:f2:73:82:92:c6:78:f2:2c:c3:7a:fc:75:7c:9b:
34:65:a1:df:50:78:39:a3:be:23:fa:9e:bc:42:9a:1c:da:05:
96:9b:5a:61:79:fd:e5:e3:9a:95:b9:a0:cd:d0:f7:3f:0c:84:
66:76:e3:87:40:3f:f1:1b:76:e6:07:f5:a9:36:bd:d1:27:ce:
65:74:63:15:68:b7:b7:46:47:ef:0b:f2:d1:6b:0b:8d:da:f7:
e5:2b:96:22:7e:34:88:ce:e0:87:57:75:75:35:de:fb:e2:99:
8f:9d:fb:dd:d8:f3:1d:0e:cf:5b:c3:07:e5:09:ba:d8:c0:f1:
71:6b:48:9f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWm74CZgQpZfXGHr9/ZWH/0IlCTwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTU0MDEyWhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWU0YjNjMGJmMjBlZTg1YWY3MDkyODkyMTc3MzA1MTNh
NTYwMmM0MDU3NjZjMTAyMWJkNTU2OGVhZjllMzdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXtZyyY5hm6mVL3RKLU9g9L05zJpr72p0lFcuWYJ6H2xzy
Df8DwfUteVVXfXCZBzW/PMJy53AdM81YpX7p/CofdaIA28Ogl/m02KnqkIfjX0zN
7W/wvm8a0/qkbBMb06UMb05FZwHCDSVdlSHqZDxc8cwtRb2CDsw+2tTC2iwwYg17
5gU3/1Jv7n3jo4GCFfS/jFEbgtGEqNC0+M9u9vQhUkVFM3/p8PY/8zFStwwRg126
C/vwbZZ0bDRxv3yOsWM6ekzbOwq/6wLLP/0dqAK549CKk/lLrPNsKwakp5UDIeHs
W68F1Srnq1EPhLVoZNQunDqzh9IWcwjOI7j1xE4HAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURBSjasFqS6A+CIsW6K6HIoH+XlAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q3ZDdiYjljLWI4NDQtNDE2My1iZjNlLTkwYTgyMTk5ZTg3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADYxlswDQYJKoZIhvcNAQELBQADggEBAMKizo3cLHYH/YVvRsXdnfxYZkCV
swa9GIOaTcKB8Wl1ZCI1MAnNIETVowsBMOb7nbzMpOBK/Ww2WmlnNoeSisp7eiQw
+mkWX8mvMuCWP6oI6yJpTvoaBpmT2c5YYvrfLO5a1uHp9orjgmvfkMvo7oUG5hun
bdeRda2TDnoNuHqfNCLyc4KSxnjyLMN6/HV8mzRlod9QeDmjviP6nrxCmhzaBZab
WmF5/eXjmpW5oM3Q9z8MhGZ244dAP/EbduYH9ak2vdEnzmV0YxVot7dGR+8L8tFr
C43a9+UrliJ+NIjO4IdXdXU13vvimY+d+93Y8x0Oz1vDB+UJutjA8XFrSJ8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:30 2025 by rpki-client