Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6194b27-8378-4959-8e87-076083a0e654.roa
File: f6194b27-8378-4959-8e87-076083a0e654.roa (raw, json)
Hash identifier: a5KMYVCYnxTSf7sukXPyaGr16eKOXTW5otyjD5hdxdE=
Subject key identifier: 76:53:F8:B4:32:B1:D0:1F:E8:09:9B:14:82:12:4C:47:83:3A:FF:F3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 71728388D53C51D794728C6C5A417A76F18FBA7E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6194b27-8378-4959-8e87-076083a0e654.roa
Signing time: Wed 29 Jan 2025 00:00:00 +0000
ROA not before: Wed 29 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 107.179.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:72:83:88:d5:3c:51:d7:94:72:8c:6c:5a:41:7a:76:f1:8f:ba:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 29 00:00:00 2025 GMT
Not After : Mar 5 23:59:59 2025 GMT
Subject: serialNumber=674c20c4558c93f46e15a7a102fbf1a19583edc1cdcf593dd1d088a3d15f8d4f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7a:e0:f3:8a:36:ca:31:90:5d:fb:48:09:33:
b6:b7:40:f6:7a:67:d7:37:d9:9a:1a:03:3e:2b:cf:
ad:de:27:54:54:d0:a1:86:0f:74:09:b1:63:3a:a2:
1d:16:74:3e:c2:d5:4c:ee:42:02:73:90:e2:05:90:
66:45:19:37:8a:61:83:7a:8f:2b:a6:d2:97:08:de:
ce:dc:ba:47:ac:8f:87:61:5d:48:b9:ec:fc:3b:4d:
8f:ce:73:ce:98:5c:c9:21:b1:e6:69:c9:e7:40:96:
15:96:9e:38:ef:03:8d:e9:f9:8b:c6:6c:eb:d4:d3:
3a:93:eb:19:c8:bd:92:26:15:5e:e6:83:90:c9:3e:
27:ed:95:e9:5b:cc:69:7a:a3:02:ba:54:05:a0:62:
02:16:9f:42:66:64:00:06:00:99:7a:a2:1a:23:ed:
d8:ca:cd:0b:a7:3b:d7:99:2e:58:62:b0:b7:11:03:
4f:62:b3:8f:9f:5a:e6:24:9b:c5:ea:d4:99:74:5c:
66:7e:a9:cd:47:fe:0e:d0:6a:23:7c:bb:31:88:b9:
55:1f:5b:27:82:69:53:5b:65:ae:17:37:c9:d6:1e:
be:ff:7a:a9:9f:d3:7a:7e:5c:8c:66:3c:b6:96:78:
e0:61:a1:7c:3a:c5:fb:51:32:93:b4:86:14:8d:72:
92:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:53:F8:B4:32:B1:D0:1F:E8:09:9B:14:82:12:4C:47:83:3A:FF:F3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6194b27-8378-4959-8e87-076083a0e654.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.179.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9d:f0:46:df:96:06:a3:f6:0d:fa:e4:92:47:24:39:57:73:8f:
b4:c8:6d:3e:66:8c:d8:3b:09:f2:c9:51:26:b1:f6:36:68:0a:
4b:da:13:f9:19:12:16:f8:0f:b6:d8:d2:45:02:3f:f5:60:eb:
3d:a9:99:cf:f6:64:81:15:a1:b2:6d:8c:06:01:3d:d8:f7:64:
6d:cd:07:19:2a:03:1a:f9:f0:af:3a:f6:91:82:ab:d3:f5:e4:
d1:60:00:0b:00:3e:71:71:92:44:82:65:9e:30:3c:af:a5:9e:
5e:be:89:1e:c8:af:bd:3e:a2:bf:75:b8:81:42:6e:d9:b5:3f:
4b:1f:7a:30:03:84:e4:ef:67:52:49:86:dd:e3:c6:95:18:6e:
0d:d1:7d:52:6a:d4:53:e4:07:22:e6:05:24:4e:6a:e3:db:64:
14:e3:fd:d8:bb:ed:c1:96:6f:27:9f:ce:af:ad:f7:43:88:67:
b7:db:f2:23:f9:b8:f9:6f:37:01:18:31:fa:4f:80:91:cd:0b:
d2:d2:54:c8:f1:fe:9b:31:5d:61:ce:3c:4e:25:22:2a:e6:fc:
58:6b:d8:96:1b:43:70:43:bb:49:a3:ad:cc:1c:5b:b2:a3:d6:
a0:54:26:05:88:43:90:c7:58:98:98:0b:c3:12:35:b2:b5:a2:
e3:97:d8:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcXKDiNU8UdeUcoxsWkF6dvGPun4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI5MDAwMDAwWhcNMjUwMzA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzRjMjBjNDU1OGM5M2Y0NmUxNWE3YTEwMmZiZjFhMTk1
ODNlZGMxY2RjZjU5M2RkMWQwODhhM2QxNWY4ZDRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWeuDzijbKMZBd+0gJM7a3QPZ6Z9c32ZoaAz4rz63eJ1RU
0KGGD3QJsWM6oh0WdD7C1UzuQgJzkOIFkGZFGTeKYYN6jyum0pcI3s7cukesj4dh
XUi57Pw7TY/Oc86YXMkhseZpyedAlhWWnjjvA43p+YvGbOvU0zqT6xnIvZImFV7m
g5DJPiftlelbzGl6owK6VAWgYgIWn0JmZAAGAJl6ohoj7djKzQunO9eZLlhisLcR
A09is4+fWuYkm8Xq1Jl0XGZ+qc1H/g7QaiN8uzGIuVUfWyeCaVNbZa4XN8nWHr7/
eqmf03p+XIxmPLaWeOBhoXw6xftRMpO0hhSNcpLNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdlP4tDKx0B/oCZsUghJMR4M6//MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2MTk0YjI3LTgzNzgtNDk1OS04ZTg3LTA3NjA4M2EwZTY1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdrswAwDQYJKoZIhvcNAQELBQADggEBAJ3wRt+WBqP2DfrkkkckOVdzj7TI
bT5mjNg7CfLJUSax9jZoCkvaE/kZEhb4D7bY0kUCP/Vg6z2pmc/2ZIEVobJtjAYB
Pdj3ZG3NBxkqAxr58K869pGCq9P15NFgAAsAPnFxkkSCZZ4wPK+lnl6+iR7Ir70+
or91uIFCbtm1P0sfejADhOTvZ1JJht3jxpUYbg3RfVJq1FPkByLmBSROauPbZBTj
/di77cGWbyefzq+t90OIZ7fb8iP5uPlvNwEYMfpPgJHNC9LSVMjx/psxXWHOPE4l
Iirm/Fhr2JYbQ3BDu0mjrcwcW7Kj1qBUJgWIQ5DHWJiYC8MSNbK1ouOX2J4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:11:54 2025 by rpki-client