Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa
File: af93e150-9469-47eb-8185-3ff03d87db06.roa (raw, json)
Hash identifier: NfJ58jkp+c4mrFaVTM/mSMuTaJ884RcX6scnQFNfNHw=
Subject key identifier: 8E:06:F4:92:9E:C9:91:AF:A9:4D:07:16:F5:64:69:44:3A:A6:74:C2
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 17D6CAF948F3AE32234187F38C21291EF64811B5
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa
Signing time: Tue 11 Mar 2025 00:10:16 +0000
ROA not before: Tue 11 Mar 2025 00:10:16 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0fb:f000::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d6:ca:f9:48:f3:ae:32:23:41:87:f3:8c:21:29:1e:f6:48:11:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Mar 11 00:10:16 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c3:b6:47:8e:e3:b4:8a:ed:cf:30:e9:4a:12:
85:64:d0:ea:87:ab:c5:64:2d:de:1f:7f:89:c4:22:
0c:a2:06:88:02:00:52:73:da:6a:40:44:d2:09:42:
e7:ab:82:a3:3f:38:34:16:72:c0:16:ea:6d:4c:45:
24:0a:74:2b:f5:43:10:66:1f:db:fb:61:8f:ab:84:
9c:8e:2a:1c:29:2d:0d:80:55:3d:b6:84:3c:c0:7c:
33:5f:5e:21:b2:64:e6:a9:37:89:38:28:2d:ff:b7:
f3:47:92:a9:e0:d9:88:14:fa:b1:1e:0e:d2:4e:38:
1f:b9:38:60:82:f1:be:1e:e4:57:20:0a:95:44:06:
9a:cd:14:fd:89:c2:05:76:09:d2:8a:d7:f7:0e:3f:
f6:36:69:93:b6:a5:86:68:c8:5b:ec:34:74:7b:89:
ab:23:0e:7d:f7:58:0e:ac:20:35:f2:ab:15:10:ab:
26:47:7a:a2:81:4c:1b:34:66:00:35:78:05:ab:b9:
2f:47:eb:3c:b8:73:56:75:ef:9a:ac:44:0f:d8:6b:
42:d2:aa:ec:91:f3:a8:8d:dd:5e:7a:89:cc:ed:18:
27:02:81:a8:1c:da:16:14:0a:87:93:18:a8:84:d8:
78:36:e7:0c:9a:71:de:ce:b8:86:6e:3f:ba:ee:53:
18:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:06:F4:92:9E:C9:91:AF:A9:4D:07:16:F5:64:69:44:3A:A6:74:C2
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0fb:f000::/44
Signature Algorithm: sha256WithRSAEncryption
99:90:2d:64:ed:7d:63:88:91:b3:e9:98:d4:bc:b5:df:72:ed:
e6:e4:5d:55:66:97:71:48:7f:fc:d1:f6:c1:c8:77:aa:27:a6:
bf:fa:b8:ee:c2:ea:14:6d:b6:d6:20:1e:1f:56:cf:8d:62:82:
72:48:fa:3c:9f:5b:d5:84:aa:b9:cc:0d:9f:fd:ae:ae:04:6d:
5f:89:da:1d:a1:30:01:ca:02:8f:b3:1b:69:b3:b9:45:73:59:
02:fe:64:ff:c0:ee:a4:23:74:69:24:0f:a6:0f:ea:20:6d:96:
f5:6e:72:c2:e4:39:c3:c8:f7:fd:ee:46:c5:1e:d9:b0:ee:ca:
0d:19:a8:cf:b8:2c:c4:c8:e5:c9:55:b9:e5:82:f8:e2:3c:11:
cd:1d:2a:bd:07:85:ee:0d:a1:f1:4f:7a:60:8f:2b:ef:c8:02:
70:3b:46:4b:63:ac:d1:df:aa:b1:03:81:79:c1:6f:f2:b7:f0:
a9:3b:fa:89:5e:90:24:36:36:6d:f1:db:17:92:cf:f0:53:98:
9a:56:13:ca:3d:9f:ef:8b:66:3b:51:46:23:5a:70:e4:d1:32:
01:a5:f3:fa:f9:e9:fe:57:2f:aa:32:09:16:60:ad:94:0a:f4:
0a:58:4d:e9:5e:5b:21:35:33:47:7c:55:f2:2a:13:71:48:56:
20:eb:a4:b8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUF9bK+UjzrjIjQYfzjCEpHvZIEbUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzExMDAxMDE2WhcNMjUwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWJhNDAyODRiZDc3YzZjNTViODA5MzliMGYwZTI3Yjlm
NzQxYWEzNGY4NTYwMWQ5MTRiY2JhNzAwMTFkZmQ0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYw7ZHjuO0iu3PMOlKEoVk0OqHq8VkLd4ff4nEIgyiBogC
AFJz2mpARNIJQuergqM/ODQWcsAW6m1MRSQKdCv1QxBmH9v7YY+rhJyOKhwpLQ2A
VT22hDzAfDNfXiGyZOapN4k4KC3/t/NHkqng2YgU+rEeDtJOOB+5OGCC8b4e5Fcg
CpVEBprNFP2JwgV2CdKK1/cOP/Y2aZO2pYZoyFvsNHR7iasjDn33WA6sIDXyqxUQ
qyZHeqKBTBs0ZgA1eAWruS9H6zy4c1Z175qsRA/Ya0LSquyR86iN3V56icztGCcC
gagc2hYUCoeTGKiE2Hg25wyacd7OuIZuP7ruUxg/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUjgb0kp7Jka+pTQcW9WRpRDqmdMIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2FmOTNlMTUwLTk0NjktNDdlYi04MTg1LTNmZjAzZDg3ZGIwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBAJmQLWTtfWOIkbPpmNS8td9y
7ebkXVVml3FIf/zR9sHId6onpr/6uO7C6hRtttYgHh9Wz41ignJI+jyfW9WEqrnM
DZ/9rq4EbV+J2h2hMAHKAo+zG2mzuUVzWQL+ZP/A7qQjdGkkD6YP6iBtlvVucsLk
OcPI9/3uRsUe2bDuyg0ZqM+4LMTI5clVueWC+OI8Ec0dKr0Hhe4NofFPemCPK+/I
AnA7RktjrNHfqrEDgXnBb/K38Kk7+olekCQ2Nm3x2xeSz/BTmJpWE8o9n++LZjtR
RiNacOTRMgGl8/r56f5XL6oyCRZgrZQK9ApYTeleWyE1M0d8VfIqE3FIViDrpLg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:25 2025 by rpki-client