Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/58f9ffe5-09fd-40ac-8ea4-fe1f8d01d875.roa
File: 58f9ffe5-09fd-40ac-8ea4-fe1f8d01d875.roa (raw, json)
Hash identifier: kSFH8BdCqzieTmZCl/CFfhBTe3Zem4z8QLiMg3iKJxQ=
Subject key identifier: 6B:2B:76:68:2A:11:78:EC:65:30:03:7C:2A:F0:35:4B:FE:F7:97:84
Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial: 029F32661319317479A68AAEFE3E6C09718FE4B1
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/58f9ffe5-09fd-40ac-8ea4-fe1f8d01d875.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 69.169.232.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:9f:32:66:13:19:31:74:79:a6:8a:ae:fe:3e:6c:09:71:8f:e4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=3c6b05fc2c0d985d2affa6e86b77eb6e3cb3da44630d3786dcb03ca0a26aa7e3, CN=42519eb9-9579-4979-bdaf-164abd0e290e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:c4:b8:b1:d3:9a:c0:2c:f7:e4:a5:f7:f6:
50:88:d3:3a:fd:aa:66:bf:2d:e6:9b:69:88:00:38:
cc:df:ea:2a:f0:91:d6:64:99:18:5c:c7:cb:62:90:
da:1f:ed:48:d9:7f:07:49:7d:0f:a5:cd:5f:1c:37:
e5:84:a3:17:fe:7c:16:e0:63:18:72:a7:3c:a5:41:
89:b0:28:b9:5b:9a:c1:65:8b:65:07:cc:75:15:13:
42:30:66:c1:c8:b0:70:32:22:e8:cf:e5:7a:54:02:
6f:37:3e:96:ff:2f:91:64:a9:b4:fb:9d:de:ee:29:
96:b2:b9:ae:18:bd:ec:1f:95:1c:f8:3d:88:c3:c4:
36:08:e2:42:34:8a:9b:4e:ff:64:ab:55:69:5c:17:
d3:e7:6f:f7:ed:ce:b3:1e:d7:45:e0:74:bd:65:ec:
79:6d:03:43:97:d1:3e:54:0f:be:19:a6:9a:53:a3:
c9:d6:41:d1:85:97:bc:2d:a3:95:ea:62:1c:fb:2d:
97:fa:c1:6c:13:c9:66:d1:61:cf:03:68:3a:ae:bb:
b4:a5:d7:fd:28:86:fc:c8:18:44:02:40:6b:78:24:
13:4c:db:0b:1e:a8:a4:74:5c:c2:9a:08:90:b2:95:
92:b3:86:d8:b0:d0:d7:9f:da:da:5e:31:31:03:1c:
c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2B:76:68:2A:11:78:EC:65:30:03:7C:2A:F0:35:4B:FE:F7:97:84
X509v3 Authority Key Identifier:
keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/58f9ffe5-09fd-40ac-8ea4-fe1f8d01d875.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.169.232.0/23
Signature Algorithm: sha256WithRSAEncryption
74:93:73:76:9b:85:5c:a0:45:ba:9f:05:3e:85:3a:02:9f:42:
06:74:f2:e4:c1:fd:48:85:36:c0:0b:a1:04:c4:24:d3:30:13:
54:1e:97:c0:c0:23:3a:c1:31:59:83:51:99:d1:2d:1f:8f:06:
c3:42:35:c0:d1:90:80:1a:e2:fc:fd:2f:4a:74:4f:0e:0f:21:
66:53:5a:96:a7:cd:14:6f:2a:68:12:54:d1:44:5b:19:02:a2:
5a:99:58:9e:e7:42:3e:46:c2:81:92:dd:a9:3c:85:11:36:19:
de:09:66:0e:9a:75:41:26:c3:b4:5e:76:02:e8:13:b9:5a:c4:
e9:ff:6f:66:cd:e0:43:19:d4:3e:93:8e:3d:a6:0f:7a:d1:e0:
02:0a:81:0e:a8:3f:d5:26:1b:82:90:41:6b:e7:d1:b1:89:d8:
be:5f:63:7c:68:dd:ae:a8:fa:87:9e:6d:20:76:a5:b5:c0:cb:
01:24:d4:26:f5:ec:56:4c:04:66:ac:de:00:94:2e:3c:49:ff:
4b:09:ae:1d:6f:aa:f2:22:ce:c6:42:21:1f:af:73:e7:21:7c:
56:be:0e:e4:28:80:77:96:db:d4:0f:44:2a:69:b0:9d:23:6d:
7f:b4:0e:18:34:e4:17:73:ca:74:8d:95:84:37:68:98:94:23:
43:b8:6c:e6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAp8yZhMZMXR5poqu/j5sCXGP5LEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYzZiMDVmYzJjMGQ5ODVkMmFmZmE2ZTg2Yjc3ZWI2ZTNj
YjNkYTQ0NjMwZDM3ODZkY2IwM2NhMGEyNmFhN2UzMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjWcS4sdOawCz35KX39lCI0zr9qma/LeabaYgAOMzf6irw
kdZkmRhcx8tikNof7UjZfwdJfQ+lzV8cN+WEoxf+fBbgYxhypzylQYmwKLlbmsFl
i2UHzHUVE0IwZsHIsHAyIujP5XpUAm83Ppb/L5FkqbT7nd7uKZayua4YvewflRz4
PYjDxDYI4kI0iptO/2SrVWlcF9Pnb/ftzrMe10XgdL1l7HltA0OX0T5UD74ZpppT
o8nWQdGFl7wto5XqYhz7LZf6wWwTyWbRYc8DaDquu7Sl1/0ohvzIGEQCQGt4JBNM
2wseqKR0XMKaCJCylZKzhtiw0Nef2tpeMTEDHMX3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUayt2aCoReOxlMAN8KvA1S/73l4QwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzU4ZjlmZmU1LTA5ZmQtNDBhYy04ZWE0LWZlMWY4ZDAxZDg3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFFqegwDQYJKoZIhvcNAQELBQADggEBAHSTc3abhVygRbqfBT6FOgKfQgZ0
8uTB/UiFNsALoQTEJNMwE1Qel8DAIzrBMVmDUZnRLR+PBsNCNcDRkIAa4vz9L0p0
Tw4PIWZTWpanzRRvKmgSVNFEWxkColqZWJ7nQj5GwoGS3ak8hRE2Gd4JZg6adUEm
w7RedgLoE7laxOn/b2bN4EMZ1D6Tjj2mD3rR4AIKgQ6oP9UmG4KQQWvn0bGJ2L5f
Y3xo3a6o+oeebSB2pbXAywEk1Cb17FZMBGas3gCULjxJ/0sJrh1vqvIizsZCIR+v
c+chfFa+DuQogHeW29QPRCppsJ0jbX+0Dhg05BdzynSNlYQ3aJiUI0O4bOY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:49:21 2025 by rpki-client