Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e87e4908-56e8-4607-9eaa-66bc2b561735.roa
File: e87e4908-56e8-4607-9eaa-66bc2b561735.roa (raw, json)
Hash identifier: w+HgabxNSnx1RivLdE90tdSm1AxTwm/knWGonbXTUbk=
Subject key identifier: 83:24:2A:8F:2D:73:3B:73:8E:1F:4A:E4:26:44:B8:E8:2E:8D:A0:CB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 36E52B3191117B1F1A703C1BAC1EA9C85CAA0D86
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e87e4908-56e8-4607-9eaa-66bc2b561735.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.77.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e5:2b:31:91:11:7b:1f:1a:70:3c:1b:ac:1e:a9:c8:5c:aa:0d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=e02d4a13af41fe5b9fff29775aa689ad9a8da795cd05497239bd3fb6680850d2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:56:c9:9c:d9:06:0a:48:18:1c:76:f2:47:fb:
3e:99:59:db:80:fa:59:b3:cc:40:b7:1a:3f:62:7c:
a8:22:e7:ca:01:f5:9f:0e:17:0a:56:f1:95:fa:8c:
15:bd:cc:bc:7a:b4:e9:bb:44:9a:b4:90:87:f9:61:
9f:c5:44:25:72:68:33:d9:af:d0:ea:ac:d8:9d:32:
fb:40:9c:e1:7a:f6:64:c4:9f:89:0f:56:69:76:27:
dd:35:a0:90:d9:c2:4c:8d:5a:d5:98:84:a3:90:39:
ef:82:e8:ca:36:ba:22:b4:86:b8:43:cd:c6:b2:5c:
83:f5:eb:04:c4:18:83:41:27:b1:cc:cd:b9:3e:7f:
6c:f5:58:da:dc:51:97:df:64:13:06:0b:25:da:14:
18:c4:a7:28:9b:4c:9c:0f:ab:cc:c3:39:e8:52:66:
22:8f:bc:06:78:b3:69:d0:b9:aa:69:62:f6:78:9e:
25:32:ed:ee:79:45:93:15:0c:a6:cf:40:4e:6d:84:
a5:b7:93:d5:28:57:97:3e:b5:5f:24:7e:0d:b6:e4:
8f:84:6c:e6:a6:e6:6c:59:8f:a2:25:29:21:d2:30:
4e:72:0d:52:0e:97:55:3e:37:79:55:3d:0a:17:53:
52:49:46:3b:69:a9:b8:07:64:15:a5:81:cd:38:3e:
81:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:24:2A:8F:2D:73:3B:73:8E:1F:4A:E4:26:44:B8:E8:2E:8D:A0:CB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e87e4908-56e8-4607-9eaa-66bc2b561735.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.77.128.0/24
Signature Algorithm: sha256WithRSAEncryption
85:b4:53:ea:03:80:c4:8e:9d:ed:8d:f3:6a:87:2b:58:fc:8b:
e3:9e:4f:63:06:a7:01:02:62:e3:e5:60:a3:61:43:a7:68:2f:
1e:9b:c6:5b:67:ef:f2:b1:16:ca:ea:53:a1:82:fd:fa:4e:2e:
6c:3b:3b:df:e5:c3:4b:f4:98:8d:b4:ea:d0:b8:fb:8f:bd:67:
c5:89:42:be:2b:b7:a1:c7:26:b0:88:ba:52:dc:b4:8b:2c:3d:
ca:14:6c:91:a5:a2:1d:d5:ac:4e:f2:b8:39:fb:f4:ba:cc:98:
a6:ae:a6:b9:d6:c2:7e:ef:29:bd:ae:ae:5e:b0:f5:03:c3:cd:
03:3e:3f:a0:34:a7:73:5c:05:2d:bf:3d:91:76:c3:3c:78:0e:
eb:9f:85:2e:1e:75:22:15:86:58:7c:cd:9e:5a:7c:b5:85:e4:
58:67:36:00:f9:ae:15:5b:94:d3:14:de:37:45:be:04:0b:ab:
bc:26:54:55:de:b0:e1:02:68:3f:cf:e9:fa:db:14:3e:14:d8:
73:64:77:cf:1b:f9:cd:4c:49:5d:e0:67:d8:17:13:43:ed:cd:
cb:f1:fc:0b:a4:ce:a7:72:d2:18:26:dd:36:67:7f:72:52:9e:
e7:56:1f:f0:55:48:fc:89:af:f6:94:26:f4:47:9c:7c:b7:cc:
ff:03:7c:b7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNuUrMZERex8acDwbrB6pyFyqDYYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMDJkNGExM2FmNDFmZTViOWZmZjI5Nzc1YWE2ODlhZDlh
OGRhNzk1Y2QwNTQ5NzIzOWJkM2ZiNjY4MDg1MGQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkVsmc2QYKSBgcdvJH+z6ZWduA+lmzzEC3Gj9ifKgi58oB
9Z8OFwpW8ZX6jBW9zLx6tOm7RJq0kIf5YZ/FRCVyaDPZr9DqrNidMvtAnOF69mTE
n4kPVml2J901oJDZwkyNWtWYhKOQOe+C6Mo2uiK0hrhDzcayXIP16wTEGINBJ7HM
zbk+f2z1WNrcUZffZBMGCyXaFBjEpyibTJwPq8zDOehSZiKPvAZ4s2nQuappYvZ4
niUy7e55RZMVDKbPQE5thKW3k9UoV5c+tV8kfg225I+EbOam5mxZj6IlKSHSME5y
DVIOl1U+N3lVPQoXU1JJRjtpqbgHZBWlgc04PoExAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgyQqjy1zO3OOH0rkJkS46C6NoMswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U4N2U0OTA4LTU2ZTgtNDYwNy05ZWFhLTY2YmMyYjU2MTczNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYAwDQYJKoZIhvcNAQELBQADggEBAIW0U+oDgMSOne2N82qHK1j8i+Oe
T2MGpwECYuPlYKNhQ6doLx6bxltn7/KxFsrqU6GC/fpOLmw7O9/lw0v0mI206tC4
+4+9Z8WJQr4rt6HHJrCIulLctIssPcoUbJGloh3VrE7yuDn79LrMmKauprnWwn7v
Kb2url6w9QPDzQM+P6A0p3NcBS2/PZF2wzx4DuufhS4edSIVhlh8zZ5afLWF5Fhn
NgD5rhVblNMU3jdFvgQLq7wmVFXesOECaD/P6frbFD4U2HNkd88b+c1MSV3gZ9gX
E0Ptzcvx/Aukzqdy0hgm3TZnf3JSnudWH/BVSPyJr/aUJvRHnHy3zP8DfLc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:45:51 2025 by rpki-client