Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23f9e2ac-df66-40f5-a865-8922516e1c01.roa
File: 23f9e2ac-df66-40f5-a865-8922516e1c01.roa (raw, json)
Hash identifier: wbMYLoZakYqbkaCKWUmtbUcYM5Bq0CPDY2UrWnG+l74=
Subject key identifier: 8E:27:E1:20:F8:44:38:4A:60:43:B7:CE:89:C2:3D:61:76:92:70:65
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 07BB0F696084D925D607347DD30EF51D89C280DE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23f9e2ac-df66-40f5-a865-8922516e1c01.roa
Signing time: Mon 20 Jan 2025 00:00:00 +0000
ROA not before: Mon 20 Jan 2025 00:00:00 +0000
ROA not after: Mon 24 Feb 2025 23:59:59 +0000
asID: 6167
IP address blocks: 139.56.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:bb:0f:69:60:84:d9:25:d6:07:34:7d:d3:0e:f5:1d:89:c2:80:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 20 00:00:00 2025 GMT
Not After : Feb 24 23:59:59 2025 GMT
Subject: serialNumber=67a454c06e326a6771ee77c0ccbfd6d3937895f0424b36d6632acbbaac6cf04a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c4:50:37:c4:8d:f5:a4:bc:9b:cf:8f:d4:29:
d9:89:fe:86:bf:e3:33:d7:8f:4a:c1:c8:28:e2:49:
7d:36:e3:b7:ba:e8:c6:94:f3:bf:d2:c3:90:ca:4f:
d3:14:44:f3:86:13:ec:3e:12:74:25:4c:86:87:d6:
95:90:7a:bc:b8:0a:d1:1f:7c:4f:d6:2f:29:b4:90:
2a:86:e5:7f:86:31:0a:dd:e5:a6:3c:2f:56:ae:85:
ea:00:e5:b3:8e:18:16:16:8f:1f:45:2a:c2:eb:40:
f9:70:4b:26:23:0a:af:f8:42:77:e8:e3:02:e3:ff:
49:7b:06:fd:da:ad:d6:58:b3:e8:4e:5b:43:70:13:
ec:97:7a:86:04:9d:6f:38:3c:ff:9c:2f:57:c8:be:
2a:28:fd:fb:6a:66:3d:63:22:6d:f1:15:f0:f9:48:
9f:84:78:bd:05:6b:3b:af:21:00:46:fe:36:4b:db:
64:c3:68:65:61:63:bb:c9:44:c1:45:54:d9:70:2e:
db:df:e2:e7:9b:3f:cc:29:ab:74:8e:73:3d:17:42:
f1:75:ab:c6:56:52:90:65:12:df:20:82:48:68:d8:
57:01:be:b9:c5:f3:27:c0:3c:4c:12:e9:7d:4c:66:
88:eb:9a:04:84:ce:f6:f4:50:84:9f:f2:1c:bd:c6:
3f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:27:E1:20:F8:44:38:4A:60:43:B7:CE:89:C2:3D:61:76:92:70:65
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23f9e2ac-df66-40f5-a865-8922516e1c01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.56.1.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:4e:c7:cc:40:58:f3:f2:2e:b0:69:3c:b4:2a:86:67:d5:3c:
a1:10:af:07:34:64:67:0a:2a:d6:cf:95:71:50:7e:e2:78:21:
2a:d8:81:bc:4a:64:54:82:4a:1f:b5:95:1a:e5:a9:91:1b:60:
3f:0f:cb:59:58:a3:c8:53:c2:1b:7f:80:fe:34:52:e4:8d:ee:
83:eb:76:4f:b9:e4:c8:6f:2f:e2:40:e8:ae:d9:4d:c9:c5:04:
eb:36:af:73:45:ad:cc:36:56:88:bc:fc:c5:f6:51:11:5a:ef:
22:64:ab:42:36:cf:f8:7a:7f:1e:ea:2f:f6:a4:c6:50:7b:df:
65:30:15:78:40:16:25:e6:ff:f0:a5:19:ca:bf:06:a7:53:a8:
5c:70:b9:01:df:f3:0e:21:44:39:ac:84:41:c2:61:ca:f6:95:
82:40:7f:63:c8:6c:94:7c:09:c4:10:b7:82:ba:3a:c8:f8:fa:
d2:91:5e:cc:c1:91:e5:71:e9:18:f9:e2:a3:9b:38:51:98:d8:
ed:0a:43:50:7a:b6:9a:a5:b0:17:b7:d3:97:c9:3b:67:cb:80:
ef:df:35:8d:13:eb:06:1c:e3:e4:d4:3f:e0:3d:39:4e:b2:0d:
bf:a7:73:57:2e:63:05:e5:4a:24:ee:00:52:26:f1:19:43:df:
77:55:3c:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB7sPaWCE2SXWBzR90w71HYnCgN4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIwMDAwMDAwWhcNMjUwMjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2N2E0NTRjMDZlMzI2YTY3NzFlZTc3YzBjY2JmZDZkMzkz
Nzg5NWYwNDI0YjM2ZDY2MzJhY2JiYWFjNmNmMDRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvxFA3xI31pLybz4/UKdmJ/oa/4zPXj0rByCjiSX0247e6
6MaU87/Sw5DKT9MURPOGE+w+EnQlTIaH1pWQery4CtEffE/WLym0kCqG5X+GMQrd
5aY8L1auheoA5bOOGBYWjx9FKsLrQPlwSyYjCq/4Qnfo4wLj/0l7Bv3ardZYs+hO
W0NwE+yXeoYEnW84PP+cL1fIvioo/ftqZj1jIm3xFfD5SJ+EeL0FazuvIQBG/jZL
22TDaGVhY7vJRMFFVNlwLtvf4uebP8wpq3SOcz0XQvF1q8ZWUpBlEt8ggkho2FcB
vrnF8yfAPEwS6X1MZojrmgSEzvb0UISf8hy9xj+9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjifhIPhEOEpgQ7fOicI9YXaScGUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzZjllMmFjLWRmNjYtNDBmNS1hODY1LTg5MjI1MTZlMWMwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACLOAEwDQYJKoZIhvcNAQELBQADggEBAC9Ox8xAWPPyLrBpPLQqhmfVPKEQ
rwc0ZGcKKtbPlXFQfuJ4ISrYgbxKZFSCSh+1lRrlqZEbYD8Py1lYo8hTwht/gP40
UuSN7oPrdk+55MhvL+JA6K7ZTcnFBOs2r3NFrcw2Voi8/MX2URFa7yJkq0I2z/h6
fx7qL/akxlB732UwFXhAFiXm//ClGcq/BqdTqFxwuQHf8w4hRDmshEHCYcr2lYJA
f2PIbJR8CcQQt4K6Osj4+tKRXszBkeVx6Rj54qObOFGY2O0KQ1B6tpqlsBe305fJ
O2fLgO/fNY0T6wYc4+TUP+A9OU6yDb+nc1cuYwXlSiTuAFIm8RlD33dVPFs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:52:34 2025 by rpki-client