Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1dd8be8a-bead-4d5b-a818-4d1482f479ff/3e233b44-911d-3c32-9600-9580640a3557.roa
File: 3e233b44-911d-3c32-9600-9580640a3557.roa (raw, json)
Hash identifier: FnQwWsX5DbrArUWLJujr1DzeG+Q46MsyQtFhV8vabA4=
Subject key identifier: E2:45:6C:11:8D:9C:53:20:E6:57:DC:FB:4A:E9:4E:20:62:43:C3:AF
Certificate issuer: /CN=1dd8be8a-bead-4d5b-a818-4d1482f479ff
Certificate serial: 010D0C9F4328584847E02BC59FD782B1853BD400
Authority key identifier: E3:28:40:84:94:46:48:1D:6F:B2:BD:50:2C:4E:64:AF:32:56:B3:37
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1dd8be8a-bead-4d5b-a818-4d1482f479ff.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1dd8be8a-bead-4d5b-a818-4d1482f479ff/3e233b44-911d-3c32-9600-9580640a3557.roa
Signing time: Sat 21 Dec 2024 14:00:52 +0000
ROA not before: Sat 21 Dec 2024 14:00:52 +0000
ROA not after: Fri 21 Mar 2025 13:00:52 +0000
asID: 17378
IP address blocks: 72.29.96.0/19 maxlen: 24
72.249.0.0/17 maxlen: 24
72.249.128.0/18 maxlen: 24
74.112.92.0/22 maxlen: 24
74.114.180.0/22 maxlen: 24
74.118.40.0/22 maxlen: 24
74.120.208.0/22 maxlen: 24
74.213.128.0/19 maxlen: 24
96.31.160.0/20 maxlen: 24
98.142.80.0/20 maxlen: 24
104.37.108.0/22 maxlen: 24
144.202.128.0/17 maxlen: 24
162.216.52.0/22 maxlen: 24
162.220.104.0/22 maxlen: 24
162.222.96.0/22 maxlen: 24
162.248.248.0/21 maxlen: 24
173.237.128.0/18 maxlen: 24
173.240.48.0/20 maxlen: 24
174.136.0.0/18 maxlen: 24
192.197.58.0/23 maxlen: 24
198.35.116.0/22 maxlen: 24
199.21.64.0/21 maxlen: 24
199.87.60.0/22 maxlen: 24
199.96.248.0/21 maxlen: 24
199.188.208.0/22 maxlen: 24
199.193.140.0/22 maxlen: 24
199.193.176.0/22 maxlen: 24
199.233.224.0/22 maxlen: 24
204.11.208.0/22 maxlen: 24
204.15.100.0/22 maxlen: 24
204.16.108.0/22 maxlen: 24
205.147.202.0/24 maxlen: 24
205.147.208.0/24 maxlen: 24
205.147.218.0/24 maxlen: 24
205.147.235.0/24 maxlen: 24
206.123.64.0/18 maxlen: 24
206.245.164.0/24 maxlen: 24
207.8.244.0/22 maxlen: 24
207.45.160.0/20 maxlen: 24
207.154.0.0/18 maxlen: 24
207.210.192.0/18 maxlen: 24
207.254.208.0/20 maxlen: 24
208.67.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:47:e0:2b:c5:9f:d7:82:b1:85:3b:d4:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dd8be8a-bead-4d5b-a818-4d1482f479ff
Validity
Not Before: Dec 21 14:00:52 2024 GMT
Not After : Mar 21 13:00:52 2025 GMT
Subject: CN=adde6267-4662-4ca0-8a0d-081eda4dac37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:25:a4:2c:4b:78:0e:93:17:33:0a:b9:68:83:
a2:7e:5d:5c:5c:5a:68:19:64:bc:c6:2a:4e:c4:48:
b6:7a:c9:65:f3:28:23:0f:cf:e7:90:f3:3b:0e:cd:
14:c7:41:8c:31:7e:e1:df:5b:24:93:f0:2a:dc:69:
88:d0:80:c7:6b:5c:2b:1f:49:7d:37:0a:5f:13:7a:
23:0a:3c:6a:dd:9b:6c:64:a2:ca:7a:3a:77:3d:bd:
58:09:4f:68:cb:98:a6:34:aa:03:85:b5:5f:ca:48:
07:72:3a:ec:50:23:06:3b:7c:cd:a3:3f:bc:b3:fa:
f5:f2:04:6e:d4:34:88:02:08:89:75:f5:c2:cc:e3:
be:b7:03:85:aa:3b:00:63:0a:16:92:75:65:49:2c:
e3:a9:c6:28:25:63:67:e0:bd:33:1f:ff:82:65:1b:
f3:b8:10:aa:89:99:14:fe:fa:50:ca:93:25:d4:81:
ec:83:3d:45:4d:b9:c9:65:3b:18:d8:0d:e9:76:ea:
83:9c:64:8f:0b:14:10:b5:3d:2a:88:7b:97:d9:1a:
f0:c5:bf:57:f7:36:46:b5:6a:e6:f9:d6:c1:34:c4:
07:92:f1:77:b2:0f:82:d4:8d:ac:c5:e1:94:81:94:
d3:5e:31:7a:d3:e8:03:53:50:0f:68:44:f7:e3:49:
c3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:45:6C:11:8D:9C:53:20:E6:57:DC:FB:4A:E9:4E:20:62:43:C3:AF
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1dd8be8a-bead-4d5b-a818-4d1482f479ff/3e233b44-911d-3c32-9600-9580640a3557.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1dd8be8a-bead-4d5b-a818-4d1482f479ff/1dd8be8a-bead-4d5b-a818-4d1482f479ff.crl
X509v3 Authority Key Identifier:
keyid:E3:28:40:84:94:46:48:1D:6F:B2:BD:50:2C:4E:64:AF:32:56:B3:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1dd8be8a-bead-4d5b-a818-4d1482f479ff.cer
sbgp-ipAddrBlock: critical
IPv4:
72.29.96.0/19
72.249.0.0-72.249.191.255
74.112.92.0/22
74.114.180.0/22
74.118.40.0/22
74.120.208.0/22
74.213.128.0/19
96.31.160.0/20
98.142.80.0/20
104.37.108.0/22
144.202.128.0/17
162.216.52.0/22
162.220.104.0/22
162.222.96.0/22
162.248.248.0/21
173.237.128.0/18
173.240.48.0/20
174.136.0.0/18
192.197.58.0/23
198.35.116.0/22
199.21.64.0/21
199.87.60.0/22
199.96.248.0/21
199.188.208.0/22
199.193.140.0/22
199.193.176.0/22
199.233.224.0/22
204.11.208.0/22
204.15.100.0/22
204.16.108.0/22
205.147.202.0/24
205.147.208.0/24
205.147.218.0/24
205.147.235.0/24
206.123.64.0/18
206.245.164.0/24
207.8.244.0/22
207.45.160.0/20
207.154.0.0/18
207.210.192.0/18
207.254.208.0/20
208.67.120.0/21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
91:a5:0b:39:0d:9a:ee:e2:49:55:50:6a:f1:bf:8c:20:db:10:
71:2c:89:5a:22:49:b1:ec:37:69:96:70:fd:d5:1f:24:2e:36:
b1:11:ab:d3:15:a7:73:4a:09:fa:41:05:c5:bd:1c:16:f2:fa:
4d:60:ab:32:6d:74:73:ed:2d:10:fa:0c:20:c2:fa:09:82:c0:
f8:d3:24:1c:de:6f:0e:31:31:82:dc:6b:bd:88:b2:d1:05:be:
ed:35:49:0f:b9:9d:5b:09:00:23:69:e4:87:0d:30:8c:68:98:
c1:af:a4:8a:a0:89:da:76:de:c3:4c:84:72:c1:6a:54:c5:31:
b7:e6:08:6e:f9:4d:93:35:dc:08:ef:30:6b:39:16:62:78:c9:
2a:b6:ad:1f:c8:a0:86:a9:f1:af:62:7e:11:53:d0:cf:14:52:
0f:8b:42:d9:d2:7e:a8:aa:87:94:ca:6a:1e:42:a2:81:c6:66:
29:9e:4d:b6:a2:32:cf:f9:ec:c5:21:8a:b3:7a:96:68:26:92:
89:79:bd:b1:36:c8:01:76:44:a8:81:d6:60:d5:bf:b5:32:aa:
67:16:8c:8d:a3:9e:9b:19:d8:3f:15:52:d9:b4:f2:18:fe:16:
18:37:31:7a:cd:c1:78:6d:d0:87:2e:94:e7:5a:17:5e:24:73:
58:54:22:fd
-----BEGIN CERTIFICATE-----
MIIHSjCCBjKgAwIBAgIUAQ0Mn0MoWEhH4CvFn9eCsYU71AAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMWRkOGJlOGEtYmVhZC00ZDViLWE4MTgtNGQxNDgyZjQ3
OWZmMB4XDTI0MTIyMTE0MDA1MloXDTI1MDMyMTEzMDA1MlowLzEtMCsGA1UEAxMk
YWRkZTYyNjctNDY2Mi00Y2EwLThhMGQtMDgxZWRhNGRhYzM3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CWkLEt4DpMXMwq5aIOifl1cXFpoGWS8xipO
xEi2esll8ygjD8/nkPM7Ds0Ux0GMMX7h31skk/Aq3GmI0IDHa1wrH0l9NwpfE3oj
Cjxq3ZtsZKLKejp3Pb1YCU9oy5imNKoDhbVfykgHcjrsUCMGO3zNoz+8s/r18gRu
1DSIAgiJdfXCzOO+twOFqjsAYwoWknVlSSzjqcYoJWNn4L0zH/+CZRvzuBCqiZkU
/vpQypMl1IHsgz1FTbnJZTsY2A3pduqDnGSPCxQQtT0qiHuX2Rrwxb9X9zZGtWrm
+dbBNMQHkvF3sg+C1I2sxeGUgZTTXjF60+gDU1APaET340nDnwIDAQABo4IEXDCC
BFgwHQYDVR0OBBYEFOJFbBGNnFMg5lfc+0rpTiBiQ8OvMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi8xZGQ4
YmU4YS1iZWFkLTRkNWItYTgxOC00ZDE0ODJmNDc5ZmYvM2UyMzNiNDQtOTExZC0z
YzMyLTk2MDAtOTU4MDY0MGEzNTU3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvMWRkOGJlOGEtYmVhZC00ZDViLWE4
MTgtNGQxNDgyZjQ3OWZmLzFkZDhiZThhLWJlYWQtNGQ1Yi1hODE4LTRkMTQ4MmY0
NzlmZi5jcmwwHwYDVR0jBBgwFoAU4yhAhJRGSB1vsr1QLE5krzJWszcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi8xZGQ4YmU4YS1iZWFkLTRkNWItYTgxOC00ZDE0
ODJmNDc5ZmYuY2VyMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCCAQsEAgABMIIB
AwMEBUgdYDALAwMASPkDBAZI+YADBAJKcFwDBAJKcrQDBAJKdigDBAJKeNADBAVK
1YADBARgH6ADBARijlADBAJoJWwDBAeQyoADBAKi2DQDBAKi3GgDBAKi3mADBAOi
+PgDBAat7YADBASt8DADBAauiAADBAHAxToDBALGI3QDBAPHFUADBALHVzwDBAPH
YPgDBALHvNADBALHwYwDBALHwbADBALH6eADBALMC9ADBALMD2QDBALMEGwDBADN
k8oDBADNk9ADBADNk9oDBADNk+sDBAbOe0ADBADO9aQDBALPCPQDBATPLaADBAbP
mgADBAbP0sADBATP/tADBAPQQ3gwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6
MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBr
aS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAkaULOQ2a7uJJVVBq8b+MINsQ
cSyJWiJJsew3aZZw/dUfJC42sRGr0xWnc0oJ+kEFxb0cFvL6TWCrMm10c+0tEPoM
IML6CYLA+NMkHN5vDjExgtxrvYiy0QW+7TVJD7mdWwkAI2nkhw0wjGiYwa+kiqCJ
2nbew0yEcsFqVMUxt+YIbvlNkzXcCO8wazkWYnjJKratH8ighqnxr2J+EVPQzxRS
D4tC2dJ+qKqHlMpqHkKigcZmKZ5NtqIyz/nsxSGKs3qWaCaSiXm9sTbIAXZEqIHW
YNW/tTKqZxaMjaOemxnYPxVS2bTyGP4WGDcxes3BeG3Qhy6U51oXXiRzWFQi/Q==
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:43:31 2025 by rpki-client