Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/d9e0f0b1-d6d1-422d-a664-0486c785db4d.roa
File: d9e0f0b1-d6d1-422d-a664-0486c785db4d.roa (raw, json)
Hash identifier: dY0NgUveTuWmYC0W/qmkia8khEAV0ElPYRHKpfDYUzE=
Subject key identifier: 6F:77:EE:24:DF:04:DF:D0:66:B2:67:20:AD:2B:FC:CD:E8:BD:E8:28
Certificate issuer: /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial: 07A8AE2AA358FFA38188EB3E5A58E11FB5FC71B9
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/d9e0f0b1-d6d1-422d-a664-0486c785db4d.roa
Signing time: Tue 11 Mar 2025 19:22:12 +0000
ROA not before: Tue 11 Mar 2025 19:22:12 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 21664
IP address blocks: 2605:9cc0:3b4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:a8:ae:2a:a3:58:ff:a3:81:88:eb:3e:5a:58:e1:1f:b5:fc:71:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Validity
Not Before: Mar 11 19:22:12 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:73:02:a8:f1:03:56:73:84:83:96:b1:e2:40:
5d:ec:41:45:50:09:7b:54:e4:03:c9:c8:e6:d6:15:
08:de:2d:af:37:bf:a4:8e:fd:86:bb:d1:f3:b0:36:
8b:a0:88:e5:4b:35:50:71:9c:67:4f:a4:59:1a:1e:
ed:cd:08:f2:65:65:92:70:95:53:7a:db:82:2d:29:
ca:5c:fd:6b:7e:6a:e5:38:e5:0d:7a:90:26:95:67:
fa:88:1b:8b:d3:20:0c:4a:ed:39:0d:9a:be:e9:07:
e3:35:c2:78:58:44:99:58:df:90:2a:4a:35:9c:aa:
9c:70:73:1d:59:14:ce:3d:a2:01:f6:86:79:b5:03:
f5:69:20:1b:6c:38:d2:2c:8d:25:19:fc:2f:86:4d:
1a:47:b5:7a:f6:9a:15:41:3a:73:0c:25:86:07:a9:
09:c7:43:b9:e5:59:ac:15:b0:34:e8:50:8d:82:e0:
56:ba:3c:4d:80:37:61:d5:9e:a6:27:cf:44:c1:97:
28:4d:20:d5:1e:9f:3b:91:b7:5c:fa:cd:9c:7d:92:
62:f3:08:e8:2d:b9:71:b4:fa:72:dd:44:97:59:a3:
27:75:44:d6:2d:86:6c:36:b1:99:41:74:0e:99:f5:
a0:e8:57:38:11:75:33:c1:f2:7d:50:00:65:e7:43:
e1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:77:EE:24:DF:04:DF:D0:66:B2:67:20:AD:2B:FC:CD:E8:BD:E8:28
X509v3 Authority Key Identifier:
keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/d9e0f0b1-d6d1-422d-a664-0486c785db4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2605:9cc0:3b4::/48
Signature Algorithm: sha256WithRSAEncryption
21:89:b4:cc:21:47:4d:8c:3e:72:9b:82:15:38:5c:19:3b:94:
37:cc:b0:d3:80:52:4a:77:c9:91:0b:89:4b:4a:95:2b:eb:5b:
de:03:38:82:37:c2:c3:98:33:dd:94:a2:0e:20:02:ad:96:26:
69:ef:bb:7d:2c:42:ba:dd:17:26:7b:b5:d6:cc:60:0b:39:2c:
60:6b:1e:b7:ec:90:f5:05:76:53:0f:34:73:a6:15:41:dd:5d:
aa:22:ff:54:83:fc:40:18:80:56:73:fb:75:28:72:1c:60:3a:
c1:85:72:b4:ba:b9:38:75:ca:69:de:bb:57:11:23:37:a4:26:
c7:2b:2e:6f:fa:fd:9d:15:aa:f5:af:1c:cf:85:d2:86:19:8c:
0b:da:7b:79:29:e8:08:79:39:9a:43:7e:e0:f7:94:95:b6:40:
53:1d:54:3f:68:47:87:27:c8:ad:b8:0c:eb:41:3f:03:84:04:
e6:32:e9:14:1a:e4:23:74:11:cb:2b:9c:b9:41:6f:33:5f:73:
40:03:fa:ca:61:be:6d:54:a3:00:b5:ae:aa:5f:1b:18:35:21:
b9:09:e4:7c:fd:49:f2:14:a8:86:8e:d8:84:dc:ea:e9:15:73:
ca:69:7f:09:28:72:8f:2f:a9:e1:ad:01:29:49:db:7a:cc:b9:
59:88:a3:c2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUB6iuKqNY/6OBiOs+WljhH7X8cbkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzExMTkyMjEyWhcNMjUwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5N2FjNjkwZTdkNWNjMDc1ODZlMjZjMGVlNzgyMjUwZjM1
ZWNlMDM5ZTk0ODYzZDE2NWY3N2YxZDVmMWU4MDVjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHcwKo8QNWc4SDlrHiQF3sQUVQCXtU5APJyObWFQjeLa83
v6SO/Ya70fOwNougiOVLNVBxnGdPpFkaHu3NCPJlZZJwlVN624ItKcpc/Wt+auU4
5Q16kCaVZ/qIG4vTIAxK7TkNmr7pB+M1wnhYRJlY35AqSjWcqpxwcx1ZFM49ogH2
hnm1A/VpIBtsONIsjSUZ/C+GTRpHtXr2mhVBOnMMJYYHqQnHQ7nlWawVsDToUI2C
4Fa6PE2AN2HVnqYnz0TBlyhNINUenzuRt1z6zZx9kmLzCOgtuXG0+nLdRJdZoyd1
RNYthmw2sZlBdA6Z9aDoVzgRdTPB8n1QAGXnQ+HTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUb3fuJN8E39BmsmcgrSv8zei96CgwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2Q5ZTBmMGIxLWQ2ZDEtNDIyZC1hNjY0LTA0ODZjNzg1ZGI0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA7QwDQYJKoZIhvcNAQELBQADggEBACGJtMwhR02MPnKbghU4XBk7
lDfMsNOAUkp3yZELiUtKlSvrW94DOII3wsOYM92Uog4gAq2WJmnvu30sQrrdFyZ7
tdbMYAs5LGBrHrfskPUFdlMPNHOmFUHdXaoi/1SD/EAYgFZz+3UochxgOsGFcrS6
uTh1ymneu1cRIzekJscrLm/6/Z0VqvWvHM+F0oYZjAvae3kp6Ah5OZpDfuD3lJW2
QFMdVD9oR4cnyK24DOtBPwOEBOYy6RQa5CN0EcsrnLlBbzNfc0AD+sphvm1UowC1
rqpfGxg1IbkJ5Hz9SfIUqIaO2ITc6ukVc8ppfwkoco8vqeGtASlJ23rMuVmIo8I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:26:53 2025 by rpki-client