Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/235ba01b-bc16-4244-a93f-06a145b0732c.roa
File: 235ba01b-bc16-4244-a93f-06a145b0732c.roa (raw, json)
Hash identifier: 4NgcpLvbe7p5mg5nuGXERfGJuEEV5CfyLYAGYqR2rs4=
Subject key identifier: 94:14:A2:1B:B5:4D:3C:AD:52:7C:90:87:0B:1F:C0:E8:BD:84:31:5E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7A533AA30E10B7A00915047E4B297FF94BB5FB89
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/235ba01b-bc16-4244-a93f-06a145b0732c.roa
Signing time: Sat 11 Jan 2025 00:00:00 +0000
ROA not before: Sat 11 Jan 2025 00:00:00 +0000
ROA not after: Sat 15 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 147.106.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:53:3a:a3:0e:10:b7:a0:09:15:04:7e:4b:29:7f:f9:4b:b5:fb:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 11 00:00:00 2025 GMT
Not After : Feb 15 23:59:59 2025 GMT
Subject: serialNumber=c7d36b71fbb67694c53006e14cfa1dd0fd30a488a55da2152b290c53a0f27cfd, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:51:51:b7:87:28:09:80:2d:2a:24:fa:0f:34:
e5:f7:85:75:01:2f:94:90:c9:94:ef:dd:61:68:90:
ab:70:45:13:16:15:72:cb:1f:8a:04:bf:02:b4:d8:
7f:66:00:24:f7:81:34:8d:07:cb:d2:87:46:5f:bc:
c1:76:c3:25:3c:82:59:3d:bc:23:17:e3:22:69:92:
16:37:5c:24:2a:d8:9c:b1:f1:04:ce:85:f4:4c:cd:
cd:f3:1b:62:ee:a5:4d:d2:26:b8:4b:cc:63:47:13:
39:27:00:8e:47:fe:b7:68:a3:70:26:75:49:86:61:
d9:46:6e:37:8f:8d:db:9a:dc:57:90:79:32:4b:ff:
a7:96:15:35:7b:ec:28:b9:00:60:a0:96:a6:a5:23:
43:ac:c7:42:d0:db:75:54:a6:3c:cf:64:8c:ab:09:
52:8a:17:db:0b:1d:e2:e6:08:e4:70:4a:26:24:8b:
1a:7d:96:95:29:34:56:bd:b6:ac:e0:e5:f6:87:00:
be:be:93:06:51:bb:72:8a:36:80:5f:87:e4:fe:90:
62:a9:36:1a:ab:9f:51:b8:eb:e1:c2:d6:bd:cf:8e:
9c:dd:b3:6c:3e:f8:c4:4c:36:8d:00:4d:fd:20:06:
bc:9a:8d:eb:f8:6e:b0:b1:e6:12:14:29:34:ca:95:
62:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:14:A2:1B:B5:4D:3C:AD:52:7C:90:87:0B:1F:C0:E8:BD:84:31:5E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/235ba01b-bc16-4244-a93f-06a145b0732c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.106.128.0/18
Signature Algorithm: sha256WithRSAEncryption
43:78:4a:15:a8:3f:19:d0:58:1f:fa:85:6f:56:48:9a:51:b6:
33:b0:20:9f:e7:29:2c:a2:d7:9e:c7:d0:5a:46:70:64:13:51:
2e:e4:76:3b:29:4b:a8:59:ef:32:82:1d:01:af:2d:c6:95:9e:
d4:da:5e:f5:ed:db:d3:05:7e:53:03:59:c0:70:de:5d:43:12:
a3:23:b3:cf:e4:6d:ef:8c:aa:e4:81:d7:2d:b7:3e:c2:16:bf:
ab:73:b5:ed:a4:09:e5:9c:c8:2b:04:be:22:d7:40:9f:bb:da:
87:ca:95:b3:de:3e:e0:4c:a2:e9:9c:fe:ae:a7:35:dd:28:87:
b6:55:86:12:38:6b:78:3e:de:73:37:b2:92:9f:29:11:63:43:
d4:96:73:64:94:59:d8:4d:0e:1b:0d:86:90:9d:63:ff:d6:ba:
37:92:5f:3d:f4:ca:0f:58:8e:4b:63:e5:77:35:0d:12:b5:16:
49:46:34:ee:6a:45:23:2d:bb:c3:e0:b8:29:43:bb:47:d8:1e:
ac:ff:0a:37:2a:ae:ca:2a:d3:65:eb:c7:1f:ee:e2:6f:d1:e1:
03:40:22:fe:73:80:51:99:6f:96:3e:03:d8:4f:66:97:24:0a:
60:0a:31:fa:e1:d2:29:d3:26:8b:df:da:16:ec:f3:15:d6:9e:
2c:9c:b4:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUelM6ow4Qt6AJFQR+Syl/+Uu1+4kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTExMDAwMDAwWhcNMjUwMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2QzNmI3MWZiYjY3Njk0YzUzMDA2ZTE0Y2ZhMWRkMGZk
MzBhNDg4YTU1ZGEyMTUyYjI5MGM1M2EwZjI3Y2ZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbUVG3hygJgC0qJPoPNOX3hXUBL5SQyZTv3WFokKtwRRMW
FXLLH4oEvwK02H9mACT3gTSNB8vSh0ZfvMF2wyU8glk9vCMX4yJpkhY3XCQq2Jyx
8QTOhfRMzc3zG2LupU3SJrhLzGNHEzknAI5H/rdoo3AmdUmGYdlGbjePjdua3FeQ
eTJL/6eWFTV77Ci5AGCglqalI0Osx0LQ23VUpjzPZIyrCVKKF9sLHeLmCORwSiYk
ixp9lpUpNFa9tqzg5faHAL6+kwZRu3KKNoBfh+T+kGKpNhqrn1G46+HC1r3Pjpzd
s2w++MRMNo0ATf0gBryajev4brCx5hIUKTTKlWLJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlBSiG7VNPK1SfJCHCx/A6L2EMV4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzNWJhMDFiLWJjMTYtNDI0NC1hOTNmLTA2YTE0NWIwNzMyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAaTaoAwDQYJKoZIhvcNAQELBQADggEBAEN4ShWoPxnQWB/6hW9WSJpRtjOw
IJ/nKSyi157H0FpGcGQTUS7kdjspS6hZ7zKCHQGvLcaVntTaXvXt29MFflMDWcBw
3l1DEqMjs8/kbe+MquSB1y23PsIWv6tzte2kCeWcyCsEviLXQJ+72ofKlbPePuBM
oumc/q6nNd0oh7ZVhhI4a3g+3nM3spKfKRFjQ9SWc2SUWdhNDhsNhpCdY//WujeS
Xz30yg9Yjktj5Xc1DRK1FklGNO5qRSMtu8PguClDu0fYHqz/Cjcqrsoq02Xrxx/u
4m/R4QNAIv5zgFGZb5Y+A9hPZpckCmAKMfrh0inTJovf2hbs8xXWniyctME=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:27:11 2025 by rpki-client