Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f470160-0f3d-4c5a-a75f-8740f2007e2d.roa
File: 1f470160-0f3d-4c5a-a75f-8740f2007e2d.roa (raw, json)
Hash identifier: TrHW82DReNLt3wQgOYW6LCPVzksoomDpeJindUTZVto=
Subject key identifier: CE:0E:4A:FC:B8:B0:93:77:57:B9:7D:20:D0:C4:F9:F5:04:A9:22:45
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 40B678F7C045C6F4B67A58919AC9FAD1CFE9FD4C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f470160-0f3d-4c5a-a75f-8740f2007e2d.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:b6:78:f7:c0:45:c6:f4:b6:7a:58:91:9a:c9:fa:d1:cf:e9:fd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=f99c05d2e40c7d0cb4b050ef2b72bb876de98c7f9b17b8333c469bdd60346c8d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f1:72:5f:95:00:71:75:97:25:d2:2b:de:ef:
13:b5:76:2e:f9:b5:1a:16:a9:72:28:73:7d:2f:e9:
05:8c:54:33:94:fb:f0:09:f8:5f:4a:a9:4a:7c:9a:
e7:18:dc:cf:95:aa:1a:cd:0c:b6:93:24:23:52:23:
dd:59:3b:28:84:52:d3:2b:bd:d8:64:d4:e9:ff:93:
b9:82:59:79:c7:df:5f:3a:19:7b:d7:95:78:d9:47:
60:ee:23:13:e9:b6:b3:fa:6c:fa:92:94:71:b7:51:
57:a0:ae:6c:07:88:2b:57:5e:ea:89:1a:1c:4d:c3:
54:69:5d:e7:15:f3:5b:cc:f9:5b:4e:de:3d:1b:86:
5b:a7:9c:06:bc:3e:3c:a8:f1:21:59:98:9c:8d:a1:
d0:eb:3d:71:0b:2e:ff:8b:b5:32:5d:9c:73:75:97:
e6:16:17:48:d2:49:35:9b:55:71:74:cc:2a:6c:85:
95:1d:25:3f:62:be:89:3b:be:66:a5:db:03:46:f7:
c1:55:a2:40:9f:26:b5:53:d5:8f:ef:51:dc:7b:a8:
e0:86:1c:25:e0:cd:8c:d8:b7:e8:ac:60:90:f1:4a:
69:d7:53:cf:54:89:e1:f7:92:94:75:6a:42:ae:36:
ae:df:6d:94:07:3f:de:1f:21:d4:4b:53:bb:3e:7a:
01:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0E:4A:FC:B8:B0:93:77:57:B9:7D:20:D0:C4:F9:F5:04:A9:22:45
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f470160-0f3d-4c5a-a75f-8740f2007e2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.188.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:6e:04:43:35:23:42:7f:e8:65:b5:fb:cc:e6:00:39:13:6e:
d4:66:e6:5e:9e:91:ae:4e:a2:d8:d8:b0:a3:78:c2:7f:3c:27:
d8:15:b7:e2:a5:8d:a2:02:4f:f0:43:ba:3f:d2:27:0b:84:4a:
a7:a2:86:4d:19:75:6b:e7:83:ae:79:a1:81:15:c8:a1:7c:3b:
c0:e7:af:29:24:62:2b:7c:87:6d:fd:37:23:f4:a0:62:19:95:
62:a6:51:a0:df:c5:1c:5d:c7:cb:c7:7f:e7:19:a3:5a:32:93:
45:1c:06:04:19:97:a3:53:fb:a9:26:52:c6:da:19:db:7d:e6:
b8:e4:b8:82:3f:71:cd:09:e3:ab:84:55:05:7e:bc:5a:7f:90:
b7:26:61:58:bd:1a:4e:a2:49:98:ce:a7:4e:9e:5e:0b:b9:51:
2f:26:36:15:45:58:5a:d1:b5:7b:8e:57:a0:13:0b:87:34:8d:
8c:67:59:3e:9b:bb:1a:4b:cf:b9:d9:42:64:27:cf:6e:88:3a:
9e:a3:64:9c:9d:3d:2c:9c:4f:53:fd:71:ec:37:8e:47:50:dd:
97:11:27:2e:a2:d2:40:4e:e0:74:b8:72:6f:00:7d:1f:b9:b6:
91:a5:21:43:15:f9:3b:82:31:9f:01:b4:e3:43:36:a1:45:be:
20:7e:34:48
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQLZ498BFxvS2eliRmsn60c/p/UwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI4MDAwMDAwWhcNMjUwMzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmOTljMDVkMmU0MGM3ZDBjYjRiMDUwZWYyYjcyYmI4NzZk
ZTk4YzdmOWIxN2I4MzMzYzQ2OWJkZDYwMzQ2YzhkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL8XJflQBxdZcl0ive7xO1di75tRoWqXIoc30v6QWMVDOU
+/AJ+F9KqUp8mucY3M+VqhrNDLaTJCNSI91ZOyiEUtMrvdhk1On/k7mCWXnH3186
GXvXlXjZR2DuIxPptrP6bPqSlHG3UVegrmwHiCtXXuqJGhxNw1RpXecV81vM+VtO
3j0bhlunnAa8Pjyo8SFZmJyNodDrPXELLv+LtTJdnHN1l+YWF0jSSTWbVXF0zCps
hZUdJT9ivok7vmal2wNG98FVokCfJrVT1Y/vUdx7qOCGHCXgzYzYt+isYJDxSmnX
U89UieH3kpR1akKuNq7fbZQHP94fIdRLU7s+egFHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzg5K/Liwk3dXuX0g0MT59QSpIkUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmNDcwMTYwLTBmM2QtNGM1YS1hNzVmLTg3NDBmMjAwN2UyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl7wwDQYJKoZIhvcNAQELBQADggEBACxuBEM1I0J/6GW1+8zmADkTbtRm
5l6eka5OotjYsKN4wn88J9gVt+KljaICT/BDuj/SJwuESqeihk0ZdWvng655oYEV
yKF8O8DnrykkYit8h239NyP0oGIZlWKmUaDfxRxdx8vHf+cZo1oyk0UcBgQZl6NT
+6kmUsbaGdt95rjkuII/cc0J46uEVQV+vFp/kLcmYVi9Gk6iSZjOp06eXgu5US8m
NhVFWFrRtXuOV6ATC4c0jYxnWT6buxpLz7nZQmQnz26IOp6jZJydPSycT1P9cew3
jkdQ3ZcRJy6i0kBO4HS4cm8AfR+5tpGlIUMV+TuCMZ8BtONDNqFFviB+NEg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:39:20 2025 by rpki-client