Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7fef00dc-1a9a-497c-b857-792da38e532f.roa
File: 7fef00dc-1a9a-497c-b857-792da38e532f.roa (raw, json)
Hash identifier: 2KDVl/bVhEUXTrT7QKqr8V2TZnZR8RUWeOmSglG7sfc=
Subject key identifier: AE:FC:47:4D:1A:A6:28:46:DF:70:FC:65:94:53:4D:C1:03:9C:4A:34
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 5DFEC0FD720F4E4D48F55398071923C03010B2DE
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7fef00dc-1a9a-497c-b857-792da38e532f.roa
Signing time: Mon 10 Mar 2025 15:30:13 +0000
ROA not before: Mon 10 Mar 2025 15:30:13 +0000
ROA not after: Mon 14 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0f0:5500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:fe:c0:fd:72:0f:4e:4d:48:f5:53:98:07:19:23:c0:30:10:b2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Mar 10 15:30:13 2025 GMT
Not After : Apr 14 23:59:59 2025 GMT
Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:31:ad:d5:59:9c:65:c0:c9:0d:7f:c4:50:
92:8f:d9:92:f7:05:3b:ea:2d:ff:22:3e:63:db:9b:
87:b2:18:85:2d:97:07:98:a5:71:4b:75:ce:ec:79:
88:96:d4:8f:16:d3:77:ef:08:4a:dc:83:40:bf:2b:
a9:60:23:48:36:f0:cf:a3:ca:e0:52:51:b0:92:c7:
4e:f6:30:5b:1c:6e:b4:4d:a6:74:da:6d:f3:c8:9d:
20:e7:49:9a:25:ad:f6:50:45:01:2b:11:34:c6:34:
30:f5:1d:bf:f0:d9:12:66:b0:09:e3:2c:b9:42:41:
f9:3d:1b:d2:17:6a:1f:23:1a:d7:bc:65:8d:d9:0d:
3f:00:f0:43:c3:8e:3e:13:67:bc:8b:ed:03:68:eb:
6e:57:26:b6:25:9f:35:89:e4:28:38:7c:e8:9f:66:
59:2f:27:bb:d3:07:be:6b:e5:0d:7c:1b:da:91:0c:
b4:4a:8e:d3:5e:94:31:51:0c:ed:fb:83:bf:2c:08:
5b:5a:06:ac:86:8c:74:1f:57:a8:a7:c6:b6:d9:0e:
db:50:a8:21:06:80:f4:d4:67:48:fb:48:8c:e0:b4:
f0:3c:81:7c:c4:b9:47:c2:90:88:11:31:f8:0f:fc:
37:d4:e3:75:31:55:a0:8a:d2:4f:de:e0:db:73:b7:
1a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FC:47:4D:1A:A6:28:46:DF:70:FC:65:94:53:4D:C1:03:9C:4A:34
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7fef00dc-1a9a-497c-b857-792da38e532f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0f0:5500::/48
Signature Algorithm: sha256WithRSAEncryption
92:f6:a6:2d:e1:dc:c2:be:bc:e2:40:6f:3f:67:8f:56:f1:6c:
fd:97:3f:a5:b5:80:96:07:f4:e9:af:6f:1d:d5:1e:05:50:db:
98:cd:53:be:44:ae:2e:80:27:df:aa:6c:b8:7e:03:b5:bf:d5:
9e:a0:0b:8e:36:73:68:5f:12:c7:61:fb:61:36:ce:0e:29:73:
49:38:64:10:79:6a:1b:66:e9:7c:74:b2:b0:47:53:77:15:e2:
dc:dc:6d:25:c4:49:95:4e:54:b5:45:b7:15:40:ca:dc:70:7c:
32:31:61:35:97:0c:d3:54:d4:99:be:17:b1:18:24:96:40:7e:
21:ad:6c:de:83:55:8e:8c:4a:81:76:0d:c8:1f:3f:f0:45:b8:
c8:83:05:04:70:b7:5c:2b:3e:55:8c:7c:fe:02:5c:1d:50:f5:
a8:23:1e:82:c9:78:3f:b8:60:26:94:b9:83:62:70:b0:8e:c2:
e6:76:39:d0:77:e3:b5:ae:49:60:ae:9d:a2:ba:93:7d:a6:46:
01:d1:a2:1f:d2:32:98:09:67:fe:42:12:5e:0a:ba:fb:9d:bb:
72:69:2c:79:08:71:51:9d:60:8f:15:48:b4:1d:72:65:ab:30:
23:ac:50:06:31:dc:06:0b:a0:a3:db:bc:2e:fb:1c:48:3b:c6:
e8:12:70:64
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXf7A/XIPTk1I9VOYBxkjwDAQst4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzEwMTUzMDEzWhcNMjUwNDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzgxZjhjMWQzNmU4YmNmNjJhNmRiZTFlMjcwNTlkODBi
OWI2OTM0YmNmODgyOGUxZTA1ZTk5YmIxMGMzNDY5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBzDGt1VmcZcDJDX/EUJKP2ZL3BTvqLf8iPmPbm4eyGIUt
lweYpXFLdc7seYiW1I8W03fvCErcg0C/K6lgI0g28M+jyuBSUbCSx072MFscbrRN
pnTabfPInSDnSZolrfZQRQErETTGNDD1Hb/w2RJmsAnjLLlCQfk9G9IXah8jGte8
ZY3ZDT8A8EPDjj4TZ7yL7QNo625XJrYlnzWJ5Cg4fOifZlkvJ7vTB75r5Q18G9qR
DLRKjtNelDFRDO37g78sCFtaBqyGjHQfV6inxrbZDttQqCEGgPTUZ0j7SIzgtPA8
gXzEuUfCkIgRMfgP/DfU43UxVaCK0k/e4NtztxrLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUrvxHTRqmKEbfcPxllFNNwQOcSjQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzdmZWYwMGRjLTFhOWEtNDk3Yy1iODU3LTc5MmRhMzhlNTMyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVQAwDQYJKoZIhvcNAQELBQADggEBAJL2pi3h3MK+vOJAbz9nj1bx
bP2XP6W1gJYH9Omvbx3VHgVQ25jNU75Eri6AJ9+qbLh+A7W/1Z6gC442c2hfEsdh
+2E2zg4pc0k4ZBB5ahtm6Xx0srBHU3cV4tzcbSXESZVOVLVFtxVAytxwfDIxYTWX
DNNU1Jm+F7EYJJZAfiGtbN6DVY6MSoF2DcgfP/BFuMiDBQRwt1wrPlWMfP4CXB1Q
9agjHoLJeD+4YCaUuYNicLCOwuZ2OdB347WuSWCunaK6k32mRgHRoh/SMpgJZ/5C
El4Kuvudu3JpLHkIcVGdYI8VSLQdcmWrMCOsUAYx3AYLoKPbvC77HEg7xugScGQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:45 2025 by rpki-client