Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70030b31-3e37-43ab-8141-a004de762038.roa
File: 70030b31-3e37-43ab-8141-a004de762038.roa (raw, json)
Hash identifier: cyKkms5Lo9CRg+KjUsvVTJcCo4tpvJFXx2wmQ4wmyGs=
Subject key identifier: D4:E3:01:C0:80:8D:D8:7B:42:F9:30:8E:9F:D3:27:4C:59:76:E7:F1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 76EC8B6B10D7993C317A8C748CE239578ED13A6C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70030b31-3e37-43ab-8141-a004de762038.roa
Signing time: Fri 20 Oct 2023 00:00:00 +0000
ROA not before: Fri 20 Oct 2023 00:00:00 +0000
ROA not after: Fri 24 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:ec:8b:6b:10:d7:99:3c:31:7a:8c:74:8c:e2:39:57:8e:d1:3a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 20 00:00:00 2023 GMT
Not After : Nov 24 23:59:59 2023 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e7:ef:b6:c7:5c:e3:74:fe:84:8b:6f:fd:4c:
3f:31:a0:7d:7d:b0:36:fe:1e:7f:86:9a:3d:f5:2f:
d3:59:73:96:fb:50:c9:05:e0:59:92:d1:62:8b:a1:
f8:94:94:e9:13:66:65:f4:3d:c9:33:b2:6b:e7:f2:
60:e3:58:d8:c4:ff:85:61:1b:a8:7d:7e:fb:f3:13:
06:f2:a7:7c:f6:73:e9:69:fb:a9:fe:59:9b:a6:45:
79:c7:ba:a4:68:38:11:28:22:aa:5e:ba:02:15:a5:
8f:d1:83:f0:89:bb:66:a2:77:68:c7:38:70:7a:97:
7a:11:51:a2:54:1b:3b:50:fa:1c:ed:9d:95:51:7a:
21:c0:fe:85:01:7d:71:34:06:f5:6a:cf:ab:f1:31:
b3:30:da:a8:63:d2:51:cd:70:4a:6f:7a:b1:a4:45:
8e:2e:80:2b:5f:56:c9:c9:f3:f3:f6:23:90:ce:ff:
c4:73:a0:15:4a:ad:99:25:d8:96:2a:4d:40:2f:74:
eb:c2:58:7a:2c:4a:58:3c:4f:8f:37:ec:ca:61:02:
09:90:07:78:2a:21:a3:81:f0:6b:bc:02:fd:b9:dd:
ab:34:ce:a3:16:5b:05:bd:8b:45:0e:e0:21:e4:28:
87:ca:d9:ae:f8:00:b6:cb:84:15:71:79:54:40:0d:
1b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E3:01:C0:80:8D:D8:7B:42:F9:30:8E:9F:D3:27:4C:59:76:E7:F1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70030b31-3e37-43ab-8141-a004de762038.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:72:26:3b:70:28:05:d2:5a:76:15:87:8e:55:11:29:fe:c3:
a0:28:0d:17:54:18:c6:97:48:32:c9:77:56:6e:6c:58:d3:db:
8e:74:72:75:03:44:3b:44:52:25:84:ef:80:c6:1b:9e:4a:72:
89:10:e1:c1:f0:d3:53:d8:98:a3:77:50:44:d3:00:87:21:41:
10:ed:8a:3e:8a:6f:ce:55:f5:f4:f6:1e:dc:bb:6d:96:85:87:
bd:5a:66:86:54:f9:27:99:c5:d9:ad:26:2f:fc:4b:f0:cb:d4:
6d:e5:f5:51:bb:d2:0e:6b:d9:c3:90:99:df:a5:36:03:fa:71:
59:ed:10:1f:57:15:31:d2:4a:6e:e6:7f:fb:79:56:64:ab:f2:
16:d1:0c:96:3f:4c:ba:e3:33:4f:c0:a5:f5:14:37:f6:67:f5:
cf:55:a3:e2:f7:c6:3f:69:1c:f4:53:e2:e0:69:dc:3a:8a:66:
d1:12:51:ea:c4:68:ed:4a:4e:49:3f:2a:c1:70:59:f3:94:1b:
b2:a0:b7:f9:96:dc:8f:02:cd:b0:f6:79:87:9f:8c:3a:c3:03:
00:45:a1:e1:e3:39:3f:09:68:9f:d9:ac:a5:67:14:26:28:9f:
26:58:00:92:d3:f0:a6:69:4c:74:1f:a4:fe:29:4e:cf:e5:66:
4f:89:8d:91
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUduyLaxDXmTwxeox0jOI5V47ROmwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDIwMDAwMDAwWhcNMjMxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNmI3Y2JlNDE3Y2MzM2M0MWMyNWQ5ODQ3YjgxMzU4NTg3
YmZlNGQxNWQzYWJkZDllYzU3OTg2Y2Q0YmQyM2ZjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx5++2x1zjdP6Ei2/9TD8xoH19sDb+Hn+Gmj31L9NZc5b7
UMkF4FmS0WKLofiUlOkTZmX0Pckzsmvn8mDjWNjE/4VhG6h9fvvzEwbyp3z2c+lp
+6n+WZumRXnHuqRoOBEoIqpeugIVpY/Rg/CJu2aid2jHOHB6l3oRUaJUGztQ+hzt
nZVReiHA/oUBfXE0BvVqz6vxMbMw2qhj0lHNcEpverGkRY4ugCtfVsnJ8/P2I5DO
/8RzoBVKrZkl2JYqTUAvdOvCWHosSlg8T4837MphAgmQB3gqIaOB8Gu8Av253as0
zqMWWwW9i0UO4CHkKIfK2a74ALbLhBVxeVRADRudAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1OMBwICN2HtC+TCOn9MnTFl25/EwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcwMDMwYjMxLTNlMzctNDNhYi04MTQxLWEwMDRkZTc2MjAzOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKxyJjtwKAXSWnYVh45VESn+w6Ao
DRdUGMaXSDLJd1ZubFjT2450cnUDRDtEUiWE74DGG55KcokQ4cHw01PYmKN3UETT
AIchQRDtij6Kb85V9fT2Hty7bZaFh71aZoZU+SeZxdmtJi/8S/DL1G3l9VG70g5r
2cOQmd+lNgP6cVntEB9XFTHSSm7mf/t5VmSr8hbRDJY/TLrjM0/ApfUUN/Zn9c9V
o+L3xj9pHPRT4uBp3DqKZtESUerEaO1KTkk/KsFwWfOUG7Kgt/mW3I8CzbD2eYef
jDrDAwBFoeHjOT8JaJ/ZrKVnFCYonyZYAJLT8KZpTHQfpP4pTs/lZk+JjZE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:22:35 2025 by rpki-client