Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/854b0ccc-21b0-4120-9690-48e4d8492039.roa
File: 854b0ccc-21b0-4120-9690-48e4d8492039.roa (raw, json)
Hash identifier: owTjHLtR3zk8y4OFvkyRRSi+7zdqHPcUDdsa1uPhZuc=
Subject key identifier: E5:0E:5A:24:42:A1:3F:23:C5:EA:23:B4:26:DC:E9:04:65:52:45:67
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 66AE4120A3DB225E83E3A04DA22594F0009123CD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/854b0ccc-21b0-4120-9690-48e4d8492039.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 164.152.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:ae:41:20:a3:db:22:5e:83:e3:a0:4d:a2:25:94:f0:00:91:23:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=dd5b282bc34fd98d348401581e8c1885981110a8a6398745a881e6dd76d64e57, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1f:85:46:74:36:f0:cf:a0:94:07:3b:8b:45:
1a:9c:14:a9:7a:6a:c8:e8:81:da:90:04:b0:47:a5:
04:17:b9:30:f7:38:e1:96:50:a7:be:56:78:a6:76:
6e:4c:99:a7:d5:ef:5c:12:f7:d5:65:29:1f:78:e7:
60:50:81:28:36:0f:11:a1:0d:8c:8b:b5:28:2a:48:
54:3c:f9:0d:3f:54:e8:4b:d2:b5:b7:09:04:b0:55:
d5:a6:29:a4:fa:23:b4:25:42:39:60:06:c1:94:fe:
89:69:d6:f6:d7:1f:7f:ba:fe:ca:1c:24:69:90:76:
57:c4:f1:75:c2:7c:30:e7:ec:11:f5:f2:09:5a:32:
54:4d:28:73:cc:0b:95:b1:8b:57:cb:19:0a:90:9f:
c9:64:71:cf:ad:3b:5d:db:f2:24:58:eb:e7:8d:d1:
59:e9:ea:7d:db:d5:84:73:da:3f:7d:96:02:25:70:
d0:f6:3e:03:4b:49:05:91:d2:10:de:25:20:64:3a:
37:f8:bd:0d:eb:3b:5c:fb:9c:28:c0:63:49:42:fd:
60:50:3a:d1:6e:71:69:ab:0a:b8:f8:56:9b:06:0d:
ff:fb:00:ee:54:91:ea:d5:b1:23:1b:93:59:27:3a:
65:d1:83:a2:63:68:48:45:93:e1:24:8d:41:c4:b8:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0E:5A:24:42:A1:3F:23:C5:EA:23:B4:26:DC:E9:04:65:52:45:67
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/854b0ccc-21b0-4120-9690-48e4d8492039.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.152.228.0/22
Signature Algorithm: sha256WithRSAEncryption
01:a9:ac:c3:54:22:5b:b8:35:53:3e:04:00:0f:3c:21:44:ba:
98:aa:06:a8:19:e8:44:c8:67:b4:76:83:a6:bf:eb:9b:ba:f4:
7d:15:40:28:96:2b:6f:0f:ba:ca:52:8c:d2:6a:26:9b:27:5e:
70:59:08:16:ab:7a:a4:6e:b0:1b:d1:b0:18:d8:e5:c5:88:5f:
35:f8:79:55:d9:9c:55:b6:b0:bc:28:60:0d:ca:66:11:ba:df:
1b:4e:a8:cb:f6:d8:2d:18:ca:8b:64:08:f9:7c:64:44:2f:73:
06:1a:22:3f:4b:d3:fa:49:a7:64:7a:48:41:57:b2:72:ad:2d:
98:2a:35:ab:14:7a:6a:59:af:cf:6b:44:64:79:06:4f:e0:8c:
b3:ba:23:41:c9:56:9d:8b:90:2a:9e:0c:59:59:8b:33:a9:18:
40:e9:58:e7:6e:a2:2b:23:14:97:35:d1:e8:8b:6a:76:9f:1a:
d3:d1:19:dc:5a:9e:ac:5f:08:65:81:3e:e6:5f:3f:40:f5:25:
af:88:20:4a:78:56:91:6e:01:e8:8a:9e:89:e0:53:58:b6:04:
9a:c7:bb:8c:39:01:54:61:cb:76:6d:ab:5d:4c:e7:ca:0d:0c:
a8:ad:37:a3:4e:28:c6:47:64:fc:cb:62:ba:95:4a:b3:da:67:
44:d9:34:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZq5BIKPbIl6D46BNoiWU8ACRI80wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDViMjgyYmMzNGZkOThkMzQ4NDAxNTgxZThjMTg4NTk4
MTExMGE4YTYzOTg3NDVhODgxZTZkZDc2ZDY0ZTU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0H4VGdDbwz6CUBzuLRRqcFKl6asjogdqQBLBHpQQXuTD3
OOGWUKe+Vnimdm5MmafV71wS99VlKR9452BQgSg2DxGhDYyLtSgqSFQ8+Q0/VOhL
0rW3CQSwVdWmKaT6I7QlQjlgBsGU/olp1vbXH3+6/socJGmQdlfE8XXCfDDn7BH1
8glaMlRNKHPMC5Wxi1fLGQqQn8lkcc+tO13b8iRY6+eN0Vnp6n3b1YRz2j99lgIl
cND2PgNLSQWR0hDeJSBkOjf4vQ3rO1z7nCjAY0lC/WBQOtFucWmrCrj4VpsGDf/7
AO5UkerVsSMbk1knOmXRg6JjaEhFk+EkjUHEuKiJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5Q5aJEKhPyPF6iO0JtzpBGVSRWcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg1NGIwY2NjLTIxYjAtNDEyMC05NjkwLTQ4ZTRkODQ5MjAzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKkmOQwDQYJKoZIhvcNAQELBQADggEBAAGprMNUIlu4NVM+BAAPPCFEupiq
BqgZ6ETIZ7R2g6a/65u69H0VQCiWK28PuspSjNJqJpsnXnBZCBareqRusBvRsBjY
5cWIXzX4eVXZnFW2sLwoYA3KZhG63xtOqMv22C0YyotkCPl8ZEQvcwYaIj9L0/pJ
p2R6SEFXsnKtLZgqNasUempZr89rRGR5Bk/gjLO6I0HJVp2LkCqeDFlZizOpGEDp
WOduoisjFJc10eiLanafGtPRGdxanqxfCGWBPuZfP0D1Ja+IIEp4VpFuAeiKnong
U1i2BJrHu4w5AVRhy3Ztq11M58oNDKitN6NOKMZHZPzLYrqVSrPaZ0TZNI0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:56:52 2025 by rpki-client