Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
File: b59643bf-eb80-414a-aca0-653646d46e07.roa (raw, json)
Hash identifier: hiukdSYFWScHwBBskx4e6tTpcHKRelrVEEafrz0VXog=
Subject key identifier: 4B:83:AA:7E:DE:ED:27:74:30:0E:63:22:3B:F7:A1:FC:B2:97:55:EB
Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial: 2214A9F528A18B37F52F0037B53AB9A6FDAC097F
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 199.127.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:14:a9:f5:28:a1:8b:37:f5:2f:00:37:b5:3a:b9:a6:fd:ac:09:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=ecd22a5ef17c8222153c7eb51fc9df7f0d5ec2586c07463aa9efd01eeb52d6ad, CN=42519eb9-9579-4979-bdaf-164abd0e290e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:34:bd:2a:30:f1:b8:15:94:02:9a:eb:00:ec:
4c:be:f2:d7:c1:14:7d:df:7c:93:98:43:74:68:0e:
bc:e5:7e:d3:a9:70:cf:2b:c2:eb:cd:c0:3d:09:ac:
51:fb:c2:7b:43:cc:56:28:6a:7c:24:e4:67:7d:66:
e6:27:25:54:57:75:0e:cc:0b:22:7c:af:7c:f0:bc:
6d:b5:43:04:37:81:7d:41:60:de:2a:cf:39:c6:34:
46:e8:2f:25:14:c5:28:02:17:86:29:35:8d:43:a8:
1c:e6:22:a4:6b:ef:6f:b0:df:9c:11:4a:b6:15:e5:
29:3e:99:05:b4:9f:a8:f0:32:b8:86:f0:bd:4c:41:
84:2d:79:ce:4d:ef:1c:69:5b:3e:2c:b7:64:65:d9:
94:a8:25:be:e3:3f:67:fd:b6:db:27:a4:ac:c7:a7:
3f:81:63:86:a7:9c:2e:58:8c:64:68:80:94:0f:b6:
c7:4e:04:54:c8:2f:31:24:3e:11:27:d2:84:0c:b8:
6b:44:0c:7e:67:50:db:75:cb:44:40:4f:8b:97:17:
1c:0d:bc:51:ba:5b:5d:0d:02:fd:9b:72:8c:03:0c:
fa:6d:38:26:f5:ff:25:bf:78:d9:56:c5:47:78:13:
5f:b8:e3:4e:7c:60:12:f9:2d:42:63:e5:0d:cb:31:
99:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:83:AA:7E:DE:ED:27:74:30:0E:63:22:3B:F7:A1:FC:B2:97:55:EB
X509v3 Authority Key Identifier:
keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.127.232.0/22
Signature Algorithm: sha256WithRSAEncryption
38:28:e3:a7:2e:e2:e4:94:a8:4a:88:13:d5:78:51:f7:a5:96:
33:1a:66:0e:9e:eb:56:d5:f4:e6:94:ef:3b:43:00:11:0e:b6:
cd:47:f3:b6:03:5f:21:30:79:cf:6f:91:b6:59:21:ac:06:cc:
03:ac:4b:ea:56:ed:b3:1a:99:c1:f2:1a:6b:b0:57:fc:25:03:
a4:95:6a:89:9d:b6:e3:4d:6d:ba:7e:6c:22:4a:1a:29:67:37:
d6:7f:a2:e2:b7:cd:f5:36:38:1d:8a:a7:a2:59:24:8e:28:46:
89:fd:69:cb:e2:d0:e3:ee:70:ea:81:0c:fb:4f:97:af:9f:6e:
6b:91:43:2a:69:ce:20:7c:d3:94:0e:40:df:a5:d0:4c:b9:dc:
a4:45:f4:25:ae:0f:9f:7a:e0:c9:10:02:31:de:a0:a2:16:b7:
ba:37:82:31:1b:5d:f2:61:b1:a0:37:52:a0:0e:8d:2f:09:9f:
4a:6f:49:4d:fd:39:27:fe:0b:3d:91:46:ac:6d:35:d0:45:31:
be:7d:2c:7f:7c:56:02:09:3a:0b:38:87:d6:8c:4b:e2:89:31:
db:f7:95:67:db:13:dd:b1:9c:23:60:95:32:56:29:04:09:e2:
83:7d:14:86:5f:64:cc:46:0d:18:64:06:bc:47:50:50:b7:c8:
c1:6a:04:a9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIhSp9Sihizf1LwA3tTq5pv2sCX8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlY2QyMmE1ZWYxN2M4MjIyMTUzYzdlYjUxZmM5ZGY3ZjBk
NWVjMjU4NmMwNzQ2M2FhOWVmZDAxZWViNTJkNmFkMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrNL0qMPG4FZQCmusA7Ey+8tfBFH3ffJOYQ3RoDrzlftOp
cM8rwuvNwD0JrFH7wntDzFYoanwk5Gd9ZuYnJVRXdQ7MCyJ8r3zwvG21QwQ3gX1B
YN4qzznGNEboLyUUxSgCF4YpNY1DqBzmIqRr72+w35wRSrYV5Sk+mQW0n6jwMriG
8L1MQYQtec5N7xxpWz4st2Rl2ZSoJb7jP2f9ttsnpKzHpz+BY4annC5YjGRogJQP
tsdOBFTILzEkPhEn0oQMuGtEDH5nUNt1y0RAT4uXFxwNvFG6W10NAv2bcowDDPpt
OCb1/yW/eNlWxUd4E1+44058YBL5LUJj5Q3LMZn9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUS4Oqft7tJ3QwDmMiO/eh/LKXVeswHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2I1OTY0M2JmLWViODAtNDE0YS1hY2EwLTY1MzY0NmQ0NmUwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALHf+gwDQYJKoZIhvcNAQELBQADggEBADgo46cu4uSUqEqIE9V4UfelljMa
Zg6e61bV9OaU7ztDABEOts1H87YDXyEwec9vkbZZIawGzAOsS+pW7bMamcHyGmuw
V/wlA6SVaomdtuNNbbp+bCJKGilnN9Z/ouK3zfU2OB2Kp6JZJI4oRon9acvi0OPu
cOqBDPtPl6+fbmuRQyppziB805QOQN+l0Ey53KRF9CWuD5964MkQAjHeoKIWt7o3
gjEbXfJhsaA3UqAOjS8Jn0pvSU39OSf+Cz2RRqxtNdBFMb59LH98VgIJOgs4h9aM
S+KJMdv3lWfbE92xnCNglTJWKQQJ4oN9FIZfZMxGDRhkBrxHUFC3yMFqBKk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:43:26 2025 by rpki-client