Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f87a9816-c748-4bfb-9e42-8d7c00a32f35.roa
File: f87a9816-c748-4bfb-9e42-8d7c00a32f35.roa (raw, json)
Hash identifier: fpb8K37jmGNSDoIj9pbYHAIrNZ+CD+4TpSmB/wY68uk=
Subject key identifier: E6:C3:E1:A2:BC:07:47:6B:DA:40:47:0D:01:DC:B1:41:64:F6:06:42
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0C9FF88BF680E112F77A1920F4ECF60B2A2248B1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f87a9816-c748-4bfb-9e42-8d7c00a32f35.roa
Signing time: Fri 07 Mar 2025 00:10:51 +0000
ROA not before: Fri 07 Mar 2025 00:10:51 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.34.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:9f:f8:8b:f6:80:e1:12:f7:7a:19:20:f4:ec:f6:0b:2a:22:48:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 7 00:10:51 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ab:97:34:a4:0d:cc:1a:5c:ee:df:63:57:42:
ef:f6:21:9a:58:e2:12:ad:fd:4c:a4:4e:c7:a0:3b:
eb:97:54:48:a1:d4:42:23:8c:f9:6e:51:61:46:3d:
ed:10:b8:4c:de:2d:8e:f7:d4:6d:1e:b5:11:7f:3c:
6a:ff:bc:7c:53:48:4b:2c:4a:8a:fc:ac:b8:43:9d:
13:1d:b5:98:02:e0:da:44:0c:b7:f7:b9:6b:e1:ca:
1b:ee:b3:a2:58:55:eb:60:cf:dc:51:5a:65:ea:12:
0e:b0:72:61:de:2a:de:35:ad:9c:1e:01:96:6a:69:
32:31:e6:3d:07:7d:7b:3b:3a:52:2c:c0:a1:0c:33:
f7:4f:1a:4f:13:90:eb:1d:99:fa:6a:a4:d3:0b:2b:
0a:38:38:66:14:13:3e:cf:b4:f8:31:7a:14:58:c2:
3d:c1:9d:06:3d:f9:d0:88:d6:eb:ae:1b:bd:d6:67:
8e:c1:48:fc:91:88:9d:4b:f8:b2:14:79:89:c3:c8:
ed:6d:b0:37:e4:68:83:da:56:87:f9:18:cd:96:6d:
25:fd:38:8b:d6:ed:90:a4:17:f7:db:cd:fe:14:87:
8f:a7:f7:1b:7d:cf:21:96:95:99:0f:95:27:98:e9:
52:ff:df:aa:51:10:98:37:ce:41:f2:e8:08:04:08:
d0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C3:E1:A2:BC:07:47:6B:DA:40:47:0D:01:DC:B1:41:64:F6:06:42
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f87a9816-c748-4bfb-9e42-8d7c00a32f35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.34.96.0/19
Signature Algorithm: sha256WithRSAEncryption
25:70:ea:bc:b5:ba:52:4f:c8:4c:2a:e3:21:07:19:bc:04:d7:
25:f0:3e:75:ff:0d:e8:10:ef:0d:fa:7c:db:1b:cd:38:59:7f:
eb:eb:25:33:10:b0:8e:99:51:ba:7b:dd:8c:61:e5:19:f4:b8:
7c:7a:c7:2f:10:c3:be:f4:05:ce:3c:a6:7d:6b:ba:1f:a7:7b:
f5:ef:d8:1f:a7:c9:81:5d:09:52:e6:2d:a9:68:4f:d6:89:fc:
7b:5e:68:b7:af:d0:bf:82:e9:9e:7b:3e:0d:42:19:0d:8e:b5:
22:43:ca:54:e3:15:1a:f1:6f:41:f1:04:af:7e:0b:77:7b:2d:
99:a5:91:d3:58:81:57:28:ad:a7:3d:17:6f:b3:ef:fd:cd:06:
92:20:2f:bd:53:f9:e9:a4:64:98:ee:d6:d8:fd:3b:93:61:2d:
e2:4d:d5:86:e3:10:51:43:07:1d:52:08:23:21:0f:94:d2:83:
13:73:2f:3f:e5:f2:2a:e1:64:af:24:50:1d:82:48:e8:a2:78:
da:3d:45:23:6c:00:08:76:06:2b:55:40:c2:d1:d5:61:e2:72:
84:f3:1a:5f:a5:4a:28:54:a8:eb:55:db:eb:e5:2a:58:43:97:
ad:58:59:f1:8f:6d:74:3a:24:1c:9d:0d:d3:6a:e6:d7:e0:8d:
88:b9:31:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDJ/4i/aA4RL3ehkg9Oz2CyoiSLEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA3MDAxMDUxWhcNMjUwNDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZDk3NjcyMWEwYWE2NTYxNTk1ZjY3MGExYmY3MWM4MWY4
YzhlNzkzYzFkZjBhYzdiNjQ1NTE1NGJjYmY4MDgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGq5c0pA3MGlzu32NXQu/2IZpY4hKt/UykTsegO+uXVEih
1EIjjPluUWFGPe0QuEzeLY731G0etRF/PGr/vHxTSEssSor8rLhDnRMdtZgC4NpE
DLf3uWvhyhvus6JYVetgz9xRWmXqEg6wcmHeKt41rZweAZZqaTIx5j0HfXs7OlIs
wKEMM/dPGk8TkOsdmfpqpNMLKwo4OGYUEz7PtPgxehRYwj3BnQY9+dCI1uuuG73W
Z47BSPyRiJ1L+LIUeYnDyO1tsDfkaIPaVof5GM2WbSX9OIvW7ZCkF/fbzf4Uh4+n
9xt9zyGWlZkPlSeY6VL/36pREJg3zkHy6AgECNAFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5sPhorwHR2vaQEcNAdyxQWT2BkIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y4N2E5ODE2LWM3NDgtNGJmYi05ZTQyLThkN2MwMGEzMmYzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUjImAwDQYJKoZIhvcNAQELBQADggEBACVw6ry1ulJPyEwq4yEHGbwE1yXw
PnX/DegQ7w36fNsbzThZf+vrJTMQsI6ZUbp73Yxh5Rn0uHx6xy8Qw770Bc48pn1r
uh+ne/Xv2B+nyYFdCVLmLaloT9aJ/HteaLev0L+C6Z57Pg1CGQ2OtSJDylTjFRrx
b0HxBK9+C3d7LZmlkdNYgVcorac9F2+z7/3NBpIgL71T+emkZJju1tj9O5NhLeJN
1YbjEFFDBx1SCCMhD5TSgxNzLz/l8irhZK8kUB2CSOiieNo9RSNsAAh2BitVQMLR
1WHicoTzGl+lSihUqOtV2+vlKlhDl61YWfGPbXQ6JBydDdNq5tfgjYi5MX4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:42 2025 by rpki-client