Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b3b38e52-269e-4888-a4e3-a2e1a3392a61.roa
File: b3b38e52-269e-4888-a4e3-a2e1a3392a61.roa (raw, json)
Hash identifier: Oz9qlsljho2WrhsH2Wjdma7p0lJo31DamnjpGlMmNhs=
Subject key identifier: FB:4A:07:1C:02:17:F7:A9:75:97:37:FD:0B:02:1A:E6:00:8A:91:D3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 379AB96B6B9AE53E3D8154017AC416727F8CD5B4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b3b38e52-269e-4888-a4e3-a2e1a3392a61.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 72.44.34.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:9a:b9:6b:6b:9a:e5:3e:3d:81:54:01:7a:c4:16:72:7f:8c:d5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=11616389c3aa691ffa0bf12744d100f0176aa3f8f76a8fc9a49e9edf979fc00a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:67:f0:25:8b:ea:c6:fd:94:1d:19:09:24:
e8:fe:2b:15:7e:cd:15:32:32:61:ab:9d:f4:c7:78:
63:57:c4:a1:31:de:4a:5c:a7:5f:b0:53:de:fc:cd:
17:6a:4f:ed:54:78:cb:a5:59:44:93:ac:7b:6f:86:
0d:04:be:c1:89:80:6a:19:6f:67:68:d8:c4:bc:50:
24:99:84:c0:eb:e9:1f:44:84:3d:f9:45:1a:72:b4:
75:86:ec:80:4d:e6:41:19:52:c4:ee:2c:8f:6d:04:
16:15:54:01:56:d0:b7:4f:72:1e:bc:87:4f:02:0c:
70:92:8e:5a:7c:1c:23:46:29:0a:e7:0e:f6:31:87:
6b:cc:4f:6e:95:16:dc:c7:f9:d4:3a:15:29:c3:d8:
f1:c3:2a:ea:b2:3c:01:ac:bf:26:e0:f2:76:ed:1b:
18:84:0d:88:dd:38:8e:89:78:19:f2:e3:17:3d:c9:
0d:87:01:02:92:b7:8d:30:83:48:51:be:3c:c2:54:
90:cc:35:d7:65:5c:41:3c:37:37:20:54:a7:6d:7c:
29:df:33:bb:0d:78:9d:43:ab:81:5b:55:94:35:be:
e5:24:e2:11:52:e5:d7:e5:42:d7:e5:c4:9d:05:6d:
55:41:25:8e:ee:4b:75:e7:eb:a9:70:04:4d:b1:04:
f9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4A:07:1C:02:17:F7:A9:75:97:37:FD:0B:02:1A:E6:00:8A:91:D3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b3b38e52-269e-4888-a4e3-a2e1a3392a61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.44.34.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:cb:2f:41:9f:05:d4:97:4b:b1:d8:ca:67:cf:8c:d0:23:03:
5b:19:45:a5:04:f9:99:c7:17:50:17:c8:38:f5:1a:f8:c2:4d:
e4:a3:5c:1d:6c:45:6e:a2:78:86:44:1c:7c:de:b2:4c:09:cd:
bd:80:22:5d:82:7e:d0:09:25:ab:cd:95:7f:79:ad:df:7a:6c:
94:ee:e9:26:cd:be:3a:c9:ea:83:f8:b3:9d:f8:5c:b4:a4:74:
b4:9d:2c:bf:77:0e:26:05:ae:8b:fa:cb:2a:82:82:63:39:16:
ad:85:32:1f:11:57:84:5c:c1:42:c2:92:16:75:5f:95:ea:9d:
14:f0:24:74:bf:ec:af:0a:8c:5e:95:27:c1:58:06:36:51:82:
d2:73:b8:9b:e7:7c:72:4b:58:43:0a:e5:46:4f:21:bf:be:2a:
92:8b:b9:b6:b1:9f:b5:ed:a1:70:9a:e2:76:c7:72:31:1c:10:
c2:44:b1:18:55:7e:9d:dd:00:68:ba:ad:35:cb:eb:1f:d0:c1:
51:63:7d:a2:5f:ea:c1:1a:07:59:21:f0:be:f0:1c:bd:e9:9a:
c4:bc:f6:53:5a:a4:7a:a0:63:93:95:6e:66:ee:36:0a:bf:16:
c5:e6:65:e8:0b:3f:86:aa:a3:86:c5:27:7e:e0:bc:ba:ce:54:
c2:b9:ae:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN5q5a2ua5T49gVQBesQWcn+M1bQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMTYxNjM4OWMzYWE2OTFmZmEwYmYxMjc0NGQxMDBmMDE3
NmFhM2Y4Zjc2YThmYzlhNDllOWVkZjk3OWZjMDBhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtA2fwJYvqxv2UHRkJJOj+KxV+zRUyMmGrnfTHeGNXxKEx
3kpcp1+wU978zRdqT+1UeMulWUSTrHtvhg0EvsGJgGoZb2do2MS8UCSZhMDr6R9E
hD35RRpytHWG7IBN5kEZUsTuLI9tBBYVVAFW0LdPch68h08CDHCSjlp8HCNGKQrn
DvYxh2vMT26VFtzH+dQ6FSnD2PHDKuqyPAGsvybg8nbtGxiEDYjdOI6JeBny4xc9
yQ2HAQKSt40wg0hRvjzCVJDMNddlXEE8NzcgVKdtfCnfM7sNeJ1Dq4FbVZQ1vuUk
4hFS5dflQtflxJ0FbVVBJY7uS3Xn66lwBE2xBPk1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+0oHHAIX96l1lzf9CwIa5gCKkdMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IzYjM4ZTUyLTI2OWUtNDg4OC1hNGUzLWEyZTFhMzM5MmE2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFILCIwDQYJKoZIhvcNAQELBQADggEBAKvLL0GfBdSXS7HYymfPjNAjA1sZ
RaUE+ZnHF1AXyDj1GvjCTeSjXB1sRW6ieIZEHHzeskwJzb2AIl2CftAJJavNlX95
rd96bJTu6SbNvjrJ6oP4s534XLSkdLSdLL93DiYFrov6yyqCgmM5Fq2FMh8RV4Rc
wULCkhZ1X5XqnRTwJHS/7K8KjF6VJ8FYBjZRgtJzuJvnfHJLWEMK5UZPIb++KpKL
ubaxn7XtoXCa4nbHcjEcEMJEsRhVfp3dAGi6rTXL6x/QwVFjfaJf6sEaB1kh8L7w
HL3pmsS89lNapHqgY5OVbmbuNgq/FsXmZegLP4aqo4bFJ37gvLrOVMK5ri0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:49:46 2025 by rpki-client