Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f67fb5f-21c1-4d9c-a7cc-916978836e5f.roa
File: 4f67fb5f-21c1-4d9c-a7cc-916978836e5f.roa (raw, json)
Hash identifier: dCWCScCW32BblwoLwrpSoQGefgVoJ1JBSqX3+DLmIMo=
Subject key identifier: 74:F1:76:3A:FB:70:00:3B:13:6B:9E:9D:B0:E5:D9:2D:9C:B8:23:E8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4D87862EBFF437787A1C4C020003DAA841E3741B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f67fb5f-21c1-4d9c-a7cc-916978836e5f.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.75.192.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:87:86:2e:bf:f4:37:78:7a:1c:4c:02:00:03:da:a8:41:e3:74:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=bc3e7889e1e511976faf158295c1c9b911c7f44ae36118310abb1e33763602f7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b5:45:00:03:ea:5b:89:6a:c1:85:af:e1:78:
68:0e:fa:ee:6e:d9:6e:a1:fe:25:1a:b1:14:5b:76:
59:24:67:28:19:6f:a7:89:66:66:60:bd:c4:a6:bd:
04:32:4b:1d:78:f6:6d:b6:bf:76:eb:4e:34:fb:ef:
d7:a8:9d:54:6f:23:d7:aa:d2:03:fb:d4:84:2c:37:
5f:7d:47:a7:ee:f7:fd:18:47:f5:09:14:f1:f2:1a:
56:2c:04:12:d4:65:bd:5b:6c:47:7b:2f:be:ad:ad:
18:95:b1:4e:11:73:d8:42:f0:4a:48:a1:44:19:53:
2d:73:73:9b:ea:4a:ef:82:5c:64:7a:86:cf:73:b8:
d4:76:c8:d1:42:49:d0:55:0b:16:56:a1:8f:a8:3d:
65:6a:b5:b9:d2:57:ef:93:f5:57:24:1d:67:e0:48:
00:23:f1:6d:d2:ae:49:13:69:b8:89:9c:16:14:3c:
bd:5e:02:42:71:ac:67:bb:3a:ab:c6:fc:d5:22:9d:
91:f7:1c:39:d9:d9:dc:9f:df:81:76:0e:74:c8:68:
67:ca:ed:3d:85:0f:0c:ab:4d:cb:b8:10:b7:0e:0f:
8c:df:c4:57:5a:e2:94:17:25:b7:44:71:de:e8:38:
80:ee:44:d2:71:74:e4:f2:d9:4f:02:d9:63:33:1f:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F1:76:3A:FB:70:00:3B:13:6B:9E:9D:B0:E5:D9:2D:9C:B8:23:E8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f67fb5f-21c1-4d9c-a7cc-916978836e5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.75.192.0/18
Signature Algorithm: sha256WithRSAEncryption
12:60:5c:37:24:14:2e:f3:fb:61:bb:3d:3f:61:a9:dd:32:fc:
07:a6:55:79:68:2a:17:50:ed:0a:ed:48:8d:48:0e:d9:f6:b2:
ff:da:39:a4:7a:4f:f8:8c:bd:0c:dd:76:b0:49:71:23:3f:58:
99:be:08:e5:f1:fe:4b:4c:3e:79:27:57:58:83:39:4d:78:cd:
f9:d7:a0:1d:ea:d2:15:0b:2f:89:bf:12:07:d9:1b:66:cc:21:
d0:22:78:44:d8:50:5c:34:da:cb:1c:f3:1b:6b:33:9f:59:d7:
a7:8c:cc:e8:f7:91:e8:c2:89:fa:66:96:19:bb:74:b2:fc:58:
00:c1:1b:7a:d6:b0:90:45:cd:73:5d:b7:ef:4a:f2:c5:10:9d:
e5:20:4c:8e:75:49:43:a8:b0:db:86:f5:22:00:0c:36:0e:fb:
6a:00:5e:02:eb:a0:90:0a:47:44:87:b8:fe:10:84:32:0d:87:
73:70:d9:06:62:f9:af:a2:3f:d5:6d:cd:05:06:f7:cf:a2:a3:
ff:58:82:37:c5:ac:7c:76:57:3d:1f:c6:a7:ec:64:66:a7:e7:
b1:0a:7b:37:89:8c:f7:3a:0d:b5:2e:b1:37:65:5f:3d:9d:7d:
1a:66:b0:4f:6c:3f:b2:0f:6a:b2:9d:c3:98:94:2b:16:f3:83:
d9:2a:85:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTYeGLr/0N3h6HEwCAAPaqEHjdBswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYzNlNzg4OWUxZTUxMTk3NmZhZjE1ODI5NWMxYzliOTEx
YzdmNDRhZTM2MTE4MzEwYWJiMWUzMzc2MzYwMmY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrtUUAA+pbiWrBha/heGgO+u5u2W6h/iUasRRbdlkkZygZ
b6eJZmZgvcSmvQQySx149m22v3brTjT779eonVRvI9eq0gP71IQsN199R6fu9/0Y
R/UJFPHyGlYsBBLUZb1bbEd7L76trRiVsU4Rc9hC8EpIoUQZUy1zc5vqSu+CXGR6
hs9zuNR2yNFCSdBVCxZWoY+oPWVqtbnSV++T9VckHWfgSAAj8W3SrkkTabiJnBYU
PL1eAkJxrGe7OqvG/NUinZH3HDnZ2dyf34F2DnTIaGfK7T2FDwyrTcu4ELcOD4zf
xFda4pQXJbdEcd7oOIDuRNJxdOTy2U8C2WMzHx8vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdPF2OvtwADsTa56dsOXZLZy4I+gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmNjdmYjVmLTIxYzEtNGQ5Yy1hN2NjLTkxNjk3ODgzNmU1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjS8AwDQYJKoZIhvcNAQELBQADggEBABJgXDckFC7z+2G7PT9hqd0y/Aem
VXloKhdQ7QrtSI1IDtn2sv/aOaR6T/iMvQzddrBJcSM/WJm+COXx/ktMPnknV1iD
OU14zfnXoB3q0hULL4m/EgfZG2bMIdAieETYUFw02ssc8xtrM59Z16eMzOj3kejC
ifpmlhm7dLL8WADBG3rWsJBFzXNdt+9K8sUQneUgTI51SUOosNuG9SIADDYO+2oA
XgLroJAKR0SHuP4QhDINh3Nw2QZi+a+iP9VtzQUG98+io/9YgjfFrHx2Vz0fxqfs
ZGan57EKezeJjPc6DbUusTdlXz2dfRpmsE9sP7IParKdw5iUKxbzg9kqhY4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:24:12 2025 by rpki-client