Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/d904f993-5ca9-4bad-8c47-2d2c6ef58b2e.roa
File: d904f993-5ca9-4bad-8c47-2d2c6ef58b2e.roa (raw, json)
Hash identifier: wSPME//XMiImVtOqlOg8+nxZysYTG4/FrFojrNL6Vwc=
Subject key identifier: B4:75:7E:81:5A:FF:F3:33:A5:E4:92:0C:C4:A5:C2:ED:28:2E:5A:52
Certificate issuer: /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial: 2C4A1598ACB31414F83DAF289473FDE6AAB67F6A
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/d904f993-5ca9-4bad-8c47-2d2c6ef58b2e.roa
Signing time: Sat 22 Mar 2025 00:10:11 +0000
ROA not before: Sat 22 Mar 2025 00:10:11 +0000
ROA not after: Sat 26 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2606:f40::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:4a:15:98:ac:b3:14:14:f8:3d:af:28:94:73:fd:e6:aa:b6:7f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Validity
Not Before: Mar 22 00:10:11 2025 GMT
Not After : Apr 26 23:59:59 2025 GMT
Subject: CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:65:30:e4:7d:f8:94:ab:57:4c:73:40:f8:b0:
68:84:72:d1:87:fe:0c:fb:ee:64:06:ee:88:06:2c:
fa:4d:13:5b:d4:dd:07:ff:2b:fb:ca:86:48:77:9b:
76:c7:ff:00:86:05:47:3b:36:cb:07:41:92:5a:2c:
72:7f:d4:19:b0:64:e8:6b:ce:a5:65:cd:a1:58:c0:
50:9e:ea:f8:9f:70:65:e0:a9:e9:8d:22:4f:74:f2:
92:c7:c3:7a:a1:63:f9:5d:e3:5b:69:c4:57:4c:5e:
cc:a3:f7:26:e9:88:ee:4f:68:f7:43:93:bd:50:29:
fb:32:03:f3:9f:fc:7b:f3:12:ca:bb:27:dc:b7:ef:
d0:24:8d:64:d0:82:d6:c2:e4:34:ff:c8:a0:f4:cf:
14:3c:bc:d0:c0:17:2e:a0:10:b6:28:c5:b9:a1:76:
70:76:26:68:47:4b:f4:f2:27:eb:4e:0a:3e:2a:39:
f5:9b:f5:d5:97:0b:0c:bb:18:e4:e7:ce:ec:d9:88:
13:4f:ce:10:c3:c9:3e:69:13:72:fc:61:d9:ab:59:
99:ed:9f:0e:c0:c5:3c:4c:8e:c0:b7:01:ba:24:b4:
34:4c:d1:93:4c:98:50:c7:37:69:5d:1c:55:b0:5a:
38:4a:2b:14:f2:9c:d8:e7:59:7e:8e:17:f6:a9:1b:
f3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:75:7E:81:5A:FF:F3:33:A5:E4:92:0C:C4:A5:C2:ED:28:2E:5A:52
X509v3 Authority Key Identifier:
keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/d904f993-5ca9-4bad-8c47-2d2c6ef58b2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2606:f40::/39
Signature Algorithm: sha256WithRSAEncryption
65:d2:3a:5a:88:4a:65:aa:1b:c6:5f:07:5d:5a:c9:48:93:07:
7b:3d:15:15:da:bf:e2:bc:2c:fc:93:6c:6d:5d:c0:62:9b:e4:
95:51:ce:8b:41:55:bf:71:dd:78:da:11:59:a1:6e:ee:af:4f:
72:b7:0a:44:27:91:06:c8:fc:54:fd:3b:5f:91:ef:79:99:c0:
ca:32:eb:23:75:c8:9c:d6:c0:11:37:36:5d:03:bd:83:e9:f8:
e6:7a:8e:78:3e:ba:4d:d3:7a:74:58:92:6d:cb:f0:14:9f:0d:
59:6f:50:39:f9:4f:ba:64:f1:27:39:b2:1f:83:22:9f:e3:69:
94:02:c5:b1:5b:a8:b4:bd:2a:f5:2e:c4:59:39:b0:e9:3a:e7:
ec:21:b5:93:96:6f:57:a6:1d:52:6d:df:f2:2e:41:2b:04:a4:
13:1a:85:7a:32:1c:39:0c:19:81:e6:87:37:8f:b6:05:c8:2a:
42:07:79:a9:34:b9:63:d0:33:17:9e:51:9f:b0:e2:0c:94:d6:
e5:a5:89:a2:e6:59:49:31:03:a9:a8:54:2d:b3:63:30:7f:48:
a9:13:fe:e4:6f:82:6b:f0:0b:60:cd:4a:c4:0b:cf:af:0a:55:
c1:d7:de:55:d2:63:31:77:cd:f1:bf:8b:9b:57:0f:d3:9b:78:
47:8c:62:b0
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULEoVmKyzFBT4Pa8olHP95qq2f2owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwMzIyMDAxMDExWhcNMjUwNDI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNWIxMGM2YjZiNzgzMTIyZGFkNTIwNzVhYWI0OWIyYjc4
ZjI2ZDA1NWE5MDc1YzU0YWNmZjA2MDkwNTU5YWI5MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSZTDkffiUq1dMc0D4sGiEctGH/gz77mQG7ogGLPpNE1vU
3Qf/K/vKhkh3m3bH/wCGBUc7NssHQZJaLHJ/1BmwZOhrzqVlzaFYwFCe6vifcGXg
qemNIk908pLHw3qhY/ld41tpxFdMXsyj9ybpiO5PaPdDk71QKfsyA/Of/HvzEsq7
J9y379AkjWTQgtbC5DT/yKD0zxQ8vNDAFy6gELYoxbmhdnB2JmhHS/TyJ+tOCj4q
OfWb9dWXCwy7GOTnzuzZiBNPzhDDyT5pE3L8YdmrWZntnw7AxTxMjsC3AboktDRM
0ZNMmFDHN2ldHFWwWjhKKxTynNjnWX6OF/apG/NVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUtHV+gVr/8zOl5JIMxKXC7SguWlIwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjL2Q5MDRmOTkzLTVjYTktNGJhZC04YzQ3LTJkMmM2ZWY1OGIyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AADANBgkqhkiG9w0BAQsFAAOCAQEAZdI6WohKZaobxl8HXVrJSJMH
ez0VFdq/4rws/JNsbV3AYpvklVHOi0FVv3HdeNoRWaFu7q9PcrcKRCeRBsj8VP07
X5HveZnAyjLrI3XInNbAETc2XQO9g+n45nqOeD66TdN6dFiSbcvwFJ8NWW9QOflP
umTxJzmyH4Min+NplALFsVuotL0q9S7EWTmw6Trn7CG1k5ZvV6YdUm3f8i5BKwSk
ExqFejIcOQwZgeaHN4+2BcgqQgd5qTS5Y9AzF55Rn7DiDJTW5aWJouZZSTEDqahU
LbNjMH9IqRP+5G+Ca/ALYM1KxAvPrwpVwdfeVdJjMXfN8b+Lm1cP05t4R4xisA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:21:16 2025 by rpki-client