Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/539f4f40-eaf3-45a9-9d2c-787e22d7447e.roa
File: 539f4f40-eaf3-45a9-9d2c-787e22d7447e.roa (raw, json)
Hash identifier: zmYmS6FP21hsUL+uk/DtxjuUH2hpF1eC9BwIcQrCTR4=
Subject key identifier: BA:FD:17:9A:EC:8D:8E:1F:FE:99:B6:96:BE:38:5B:43:B1:00:3B:B1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 71BE71757120764D0C910FC0829BE71DCF9DB016
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/539f4f40-eaf3-45a9-9d2c-787e22d7447e.roa
Signing time: Thu 28 Sep 2023 00:00:00 +0000
ROA not before: Thu 28 Sep 2023 00:00:00 +0000
ROA not after: Thu 02 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:be:71:75:71:20:76:4d:0c:91:0f:c0:82:9b:e7:1d:cf:9d:b0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 28 00:00:00 2023 GMT
Not After : Nov 2 23:59:59 2023 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:d4:0c:1f:66:96:2d:a4:08:b7:6c:d7:aa:
c7:4e:5c:cf:1d:f7:9a:6a:45:93:27:c4:d6:0c:e6:
65:e2:ca:e0:ea:32:59:9f:05:9e:f5:19:b2:5b:58:
de:18:84:29:c8:4e:91:a3:58:0a:2c:26:34:75:5f:
18:bf:bc:f7:0d:d3:54:ad:87:f4:0a:47:36:89:82:
02:b1:9d:17:5d:c8:7d:b3:25:12:b7:b3:63:45:ff:
61:31:92:be:19:98:ef:e7:8e:d9:29:e6:c5:8b:b9:
b8:63:77:a4:98:42:30:5f:19:64:94:f5:79:76:de:
50:2b:c9:e0:b8:5a:17:4c:58:78:6b:50:d0:96:47:
7b:11:24:cb:f6:95:9c:39:a4:92:2c:42:43:75:97:
3b:fb:fd:ac:d5:64:94:54:53:e8:b3:ed:ed:25:ed:
fb:ca:e6:73:ed:57:5c:5b:dd:c7:4f:20:8d:3b:e2:
6f:9d:6a:82:a5:79:4d:c6:fc:b5:46:2e:0a:35:b4:
95:11:54:b8:8c:10:a3:ba:b5:66:5e:ca:53:06:22:
5b:7d:16:28:87:8d:bf:e9:80:be:eb:27:40:a0:d0:
bb:51:6d:6a:e1:30:05:d5:57:ac:32:61:ec:e4:98:
0c:87:1a:e9:b6:e3:6a:3d:c7:8d:3b:8e:c6:8c:cb:
4c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FD:17:9A:EC:8D:8E:1F:FE:99:B6:96:BE:38:5B:43:B1:00:3B:B1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/539f4f40-eaf3-45a9-9d2c-787e22d7447e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
75:d3:de:a0:b9:99:91:75:1f:4e:a6:2c:a6:24:1c:16:76:39:
52:83:1d:61:16:97:ac:bb:18:eb:a0:d4:7f:0c:76:e1:6c:4f:
eb:ec:1d:2d:3d:80:c0:e9:fd:cd:6f:ee:f1:2c:a3:2c:5e:ef:
15:79:22:cb:ad:d7:69:34:41:02:38:b6:19:47:97:7e:2b:b3:
3a:9b:a5:7f:ff:cd:4c:39:c9:e7:50:cf:d3:2e:82:02:a9:0c:
73:47:e2:97:e6:86:d4:f5:68:83:f1:d0:cc:c4:03:06:e3:20:
5a:0d:8c:c8:d8:11:4b:b7:a6:34:32:9c:80:a8:cb:b3:63:a3:
dd:ce:11:61:c9:df:22:30:e8:93:28:bd:6c:c2:59:71:1f:65:
cc:75:e3:28:4a:fb:00:ae:99:4b:1a:ed:0e:a1:bb:bb:47:89:
25:5c:67:8f:2c:d0:80:10:60:90:44:e0:37:b9:68:79:11:36:
90:e9:b8:83:2c:5d:1f:40:ad:48:0a:88:65:d9:75:d1:ab:72:
5e:dc:fd:6a:4b:25:4e:99:6f:b3:1e:fc:12:e6:1a:2a:8d:93:
22:a0:b4:ab:3b:2d:4f:f8:cf:2d:b2:c8:78:a2:1a:47:9b:5b:
c1:82:f2:30:31:80:9b:3a:bf:da:74:e9:98:21:93:cd:2e:94:
35:5a:a9:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcb5xdXEgdk0MkQ/AgpvnHc+dsBYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTI4MDAwMDAwWhcNMjMxMTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NmM4YzA4N2ZkZmUyNzFlNDMyYjA1Zjc3OTIwMGYxNmE2
MzhjMWYwZmE2M2M1NWYwZThiNDJkM2EwYmNkZjJiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDUNQMH2aWLaQIt2zXqsdOXM8d95pqRZMnxNYM5mXiyuDq
MlmfBZ71GbJbWN4YhCnITpGjWAosJjR1Xxi/vPcN01Sth/QKRzaJggKxnRddyH2z
JRK3s2NF/2Exkr4ZmO/njtkp5sWLubhjd6SYQjBfGWSU9Xl23lAryeC4WhdMWHhr
UNCWR3sRJMv2lZw5pJIsQkN1lzv7/azVZJRUU+iz7e0l7fvK5nPtV1xb3cdPII07
4m+daoKleU3G/LVGLgo1tJURVLiMEKO6tWZeylMGIlt9FiiHjb/pgL7rJ0Cg0LtR
bWrhMAXVV6wyYezkmAyHGum242o9x407jsaMy0xJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuv0XmuyNjh/+mbaWvjhbQ7EAO7EwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzUzOWY0ZjQwLWVhZjMtNDVhOS05ZDJjLTc4N2UyMmQ3NDQ3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHXT3qC5mZF1H06mLKYkHBZ2OVKD
HWEWl6y7GOug1H8MduFsT+vsHS09gMDp/c1v7vEsoyxe7xV5Isut12k0QQI4thlH
l34rszqbpX//zUw5yedQz9MuggKpDHNH4pfmhtT1aIPx0MzEAwbjIFoNjMjYEUu3
pjQynICoy7Njo93OEWHJ3yIw6JMovWzCWXEfZcx14yhK+wCumUsa7Q6hu7tHiSVc
Z48s0IAQYJBE4De5aHkRNpDpuIMsXR9ArUgKiGXZddGrcl7c/WpLJU6Zb7Me/BLm
GiqNkyKgtKs7LU/4zy2yyHiiGkebW8GC8jAxgJs6v9p06Zghk80ulDVaqds=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:34:36 2025 by rpki-client