Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e3973a0-6f9e-4d6a-981e-b0146a441803.roa
File: 9e3973a0-6f9e-4d6a-981e-b0146a441803.roa (raw, json)
Hash identifier: ZPmMILlZdCNJXsa4sRHk2P8eS28UotRJWaR3mEYwlDo=
Subject key identifier: 4A:01:91:FA:BF:E0:DA:D1:BC:EF:73:EA:DA:EB:A1:5A:A1:79:A5:85
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 048E7F539396460F141E30DAC284C8C13B4E4EB7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e3973a0-6f9e-4d6a-981e-b0146a441803.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.77.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:8e:7f:53:93:96:46:0f:14:1e:30:da:c2:84:c8:c1:3b:4e:4e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=4dca15a0b2e3ece8c2077af900c2a5c723d96cb2280a808039e9f2c2d0117375, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:db:25:99:03:62:71:dc:4f:fc:0f:98:84:c6:
7c:a8:ab:8f:f1:67:86:ff:33:9d:63:bb:95:a7:2b:
61:1b:4b:9c:dd:3c:fc:b0:d3:f0:20:02:3c:10:71:
7b:86:51:51:71:07:97:3c:d8:5d:27:5a:c9:11:bc:
32:65:30:8b:07:89:5a:3c:d1:8b:5b:81:d8:65:41:
93:6a:7e:55:3d:f6:9c:d0:3b:c8:0e:e4:7f:6a:39:
c9:7c:53:15:16:23:76:b7:8e:7d:24:ae:50:b5:82:
34:4b:94:c5:3e:3f:e5:c9:d5:63:c5:dd:eb:4f:d4:
3a:c9:9f:5c:f5:9f:45:60:17:d7:1c:74:c4:24:ba:
06:84:2b:d6:14:8a:e1:99:d4:f2:dd:05:bc:1e:ff:
c7:df:99:32:80:f3:a9:4f:4f:e7:ea:e2:60:20:af:
33:2d:38:ea:ca:73:68:22:c2:04:44:58:68:63:7c:
15:45:bd:74:3f:da:d3:21:67:76:b0:04:29:cf:65:
c1:22:b8:6d:07:e4:6b:bd:7f:e6:aa:15:b1:54:2b:
86:1d:50:37:c5:0b:1e:56:14:38:86:ee:3b:18:c9:
5b:e3:ab:20:bd:5d:14:37:51:44:a2:68:c6:a1:bf:
f6:48:a8:d3:12:72:e1:cf:5a:e8:65:6a:70:54:95:
68:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:01:91:FA:BF:E0:DA:D1:BC:EF:73:EA:DA:EB:A1:5A:A1:79:A5:85
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e3973a0-6f9e-4d6a-981e-b0146a441803.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.77.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:73:18:ad:a4:ea:9f:15:fb:f4:57:b5:86:18:86:fd:ba:2b:
2c:d6:65:f3:65:b5:c5:f5:be:59:52:79:5c:d1:93:79:b2:33:
fd:a0:3c:24:7f:b3:85:6c:ac:bd:8a:1b:05:dd:bb:8c:71:2e:
30:b2:98:dd:1e:ed:46:6d:04:d8:ba:9c:ef:cf:c8:07:bb:c7:
66:4f:c6:69:db:fa:68:a6:77:59:d0:0e:24:a6:c6:7d:85:64:
f8:bc:f4:61:0b:fa:2a:c6:db:4a:3a:e1:0f:39:20:17:dc:11:
f1:31:ab:a7:1c:d1:fa:a0:8b:2c:9d:b5:b3:aa:f5:17:34:ee:
9a:7c:2c:94:b0:43:25:85:80:ca:9d:7e:33:38:2a:e9:a6:9d:
dc:ef:37:57:56:ab:47:fa:e2:28:e5:06:bb:c6:d4:c5:72:5c:
71:f6:69:60:9b:f1:8f:75:a5:9d:f9:4a:67:5a:1a:74:7a:18:
ff:cb:fc:3c:da:da:3e:e4:96:f0:86:37:e0:85:40:13:a5:d5:
8d:ae:ca:f9:a9:97:87:7c:d6:a7:d9:ac:30:f2:cf:cf:4b:3b:
82:26:5c:a2:99:36:6d:bd:01:06:0d:ea:53:b7:85:0e:9f:a2:
85:01:b4:c6:bd:81:25:82:40:d0:ed:56:18:7a:c9:7d:d2:0e:
63:a0:c9:51
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBI5/U5OWRg8UHjDawoTIwTtOTrcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZGNhMTVhMGIyZTNlY2U4YzIwNzdhZjkwMGMyYTVjNzIz
ZDk2Y2IyMjgwYTgwODAzOWU5ZjJjMmQwMTE3Mzc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDo2yWZA2Jx3E/8D5iExnyoq4/xZ4b/M51ju5WnK2EbS5zd
PPyw0/AgAjwQcXuGUVFxB5c82F0nWskRvDJlMIsHiVo80YtbgdhlQZNqflU99pzQ
O8gO5H9qOcl8UxUWI3a3jn0krlC1gjRLlMU+P+XJ1WPF3etP1DrJn1z1n0VgF9cc
dMQkugaEK9YUiuGZ1PLdBbwe/8ffmTKA86lPT+fq4mAgrzMtOOrKc2giwgREWGhj
fBVFvXQ/2tMhZ3awBCnPZcEiuG0H5Gu9f+aqFbFUK4YdUDfFCx5WFDiG7jsYyVvj
qyC9XRQ3UUSiaMahv/ZIqNMScuHPWuhlanBUlWjDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSgGR+r/g2tG873Pq2uuhWqF5pYUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllMzk3M2EwLTZmOWUtNGQ2YS05ODFlLWIwMTQ2YTQ0MTgwMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTewwDQYJKoZIhvcNAQELBQADggEBAI9zGK2k6p8V+/RXtYYYhv26KyzW
ZfNltcX1vllSeVzRk3myM/2gPCR/s4VsrL2KGwXdu4xxLjCymN0e7UZtBNi6nO/P
yAe7x2ZPxmnb+mimd1nQDiSmxn2FZPi89GEL+irG20o64Q85IBfcEfExq6cc0fqg
iyydtbOq9Rc07pp8LJSwQyWFgMqdfjM4KummndzvN1dWq0f64ijlBrvG1MVyXHH2
aWCb8Y91pZ35SmdaGnR6GP/L/Dza2j7klvCGN+CFQBOl1Y2uyvmpl4d81qfZrDDy
z89LO4ImXKKZNm29AQYN6lO3hQ6fooUBtMa9gSWCQNDtVhh6yX3SDmOgyVE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:35:04 2025 by rpki-client