Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/82d3ea36-4be4-4790-8ed6-2ae647e98784.roa
File: 82d3ea36-4be4-4790-8ed6-2ae647e98784.roa (raw, json)
Hash identifier: JHJgFmCOF3euAmVmYAGY7bu36mP0Fhv5el1bMYdN+Iw=
Subject key identifier: CB:58:C8:A1:61:E4:46:2B:26:84:E9:94:A2:D9:0E:94:8C:2D:FE:3D
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0C25F3A0DA363748EB5745E0EBCE77152B3069F4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/82d3ea36-4be4-4790-8ed6-2ae647e98784.roa
Signing time: Thu 14 Dec 2023 00:00:00 +0000
ROA not before: Thu 14 Dec 2023 00:00:00 +0000
ROA not after: Thu 18 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:25:f3:a0:da:36:37:48:eb:57:45:e0:eb:ce:77:15:2b:30:69:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 14 00:00:00 2023 GMT
Not After : Jan 18 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3b:d4:4d:cd:75:07:d9:ca:c2:f4:8c:8e:56:
65:6d:48:0d:07:2a:2c:b3:ca:22:b3:14:bc:b4:a7:
90:8b:40:00:a7:b8:c5:d9:e9:4f:5e:e2:77:74:61:
13:10:aa:97:96:13:12:01:68:b5:1d:41:c6:cb:23:
84:f2:34:48:84:44:d0:a6:83:8e:86:ec:a8:e0:74:
b4:ca:7e:6c:05:d5:2f:f6:77:b9:e9:97:22:d7:e0:
80:c9:2a:2b:7e:30:b5:9c:be:c2:dd:83:63:24:df:
95:15:43:4c:aa:69:f6:d2:67:2b:ed:4e:6b:5f:10:
f1:f8:58:f8:cc:39:79:61:95:3a:5e:0e:26:76:de:
73:8f:2f:16:6f:9d:82:bd:61:b3:40:03:38:bb:4e:
77:d3:05:3f:01:66:d7:bb:d7:0e:e8:60:54:4f:7d:
c2:28:0e:f1:23:cf:8e:08:9c:a8:87:11:4c:5b:5e:
f9:0c:da:f8:e9:e9:68:90:19:6c:b8:a5:12:5c:ff:
dd:7a:96:3c:e3:0a:c3:6f:5d:6a:de:36:43:28:3c:
65:54:07:8b:c1:cc:e6:69:ea:14:4a:e2:56:31:1c:
2e:1c:6a:ea:73:4c:7d:f6:93:5c:6c:89:a3:74:f4:
c6:e1:71:27:f5:ae:e1:90:20:fb:8d:d2:17:b2:f4:
e6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:58:C8:A1:61:E4:46:2B:26:84:E9:94:A2:D9:0E:94:8C:2D:FE:3D
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/82d3ea36-4be4-4790-8ed6-2ae647e98784.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:2f:f3:a6:62:7d:e1:12:32:4f:d0:de:f4:41:88:23:6f:de:
d6:dd:f1:8f:71:27:a4:3d:d8:af:fd:21:4a:61:f7:e8:54:20:
9a:0a:2e:2a:bc:45:7a:21:eb:9f:85:c1:f8:36:9a:c5:c9:19:
25:a4:bc:b5:99:f2:06:72:6d:f0:c8:b4:35:28:f5:1d:1b:74:
ee:d8:c8:96:41:81:66:71:82:01:30:85:16:fe:9d:6f:6c:bc:
79:cc:a8:7f:29:2c:75:70:6e:6d:e5:2d:5e:0a:d3:81:91:8e:
95:61:38:b9:19:ce:b6:00:eb:a8:03:f4:9d:50:62:b8:03:e2:
b3:18:13:b0:09:a2:43:04:dc:88:b8:a9:f7:a7:ef:9f:14:50:
ec:1b:a6:e2:55:d8:7d:9c:d0:01:51:fe:7f:42:69:ec:07:cb:
81:d8:b3:83:a4:da:05:95:70:a3:4e:88:b3:98:0a:31:1b:10:
81:19:57:62:d4:04:82:05:f5:62:3c:81:40:13:6d:5f:ba:04:
9c:57:60:a3:87:60:c0:21:83:2a:29:6c:8a:aa:34:aa:05:2a:
95:aa:0c:32:ef:cc:ef:ab:ef:ce:c8:7b:bb:50:9e:95:01:4a:
50:49:05:87:0c:72:48:a6:5e:03:4a:03:b0:5e:df:46:e9:ad:
f6:fb:54:15
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDCXzoNo2N0jrV0Xg6853FSswafQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjE0MDAwMDAwWhcNMjQwMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1N2E2NjhlMDAzZjUxNzA2MzFlZTZlYTM4OTBiNTRiZTg3
NjBlOThlMGMyMWU3NmY0ODBhYThlODdjMTNiZDA1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXO9RNzXUH2crC9IyOVmVtSA0HKiyzyiKzFLy0p5CLQACn
uMXZ6U9e4nd0YRMQqpeWExIBaLUdQcbLI4TyNEiERNCmg46G7KjgdLTKfmwF1S/2
d7nplyLX4IDJKit+MLWcvsLdg2Mk35UVQ0yqafbSZyvtTmtfEPH4WPjMOXlhlTpe
DiZ23nOPLxZvnYK9YbNAAzi7TnfTBT8BZte71w7oYFRPfcIoDvEjz44InKiHEUxb
XvkM2vjp6WiQGWy4pRJc/916ljzjCsNvXWreNkMoPGVUB4vBzOZp6hRK4lYxHC4c
aupzTH32k1xsiaN09MbhcSf1ruGQIPuN0hey9OYbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUy1jIoWHkRismhOmUotkOlIwt/j0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzgyZDNlYTM2LTRiZTQtNDc5MC04ZWQ2LTJhZTY0N2U5ODc4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAG4v86ZifeESMk/Q3vRBiCNv3tbd
8Y9xJ6Q92K/9IUph9+hUIJoKLiq8RXoh65+Fwfg2msXJGSWkvLWZ8gZybfDItDUo
9R0bdO7YyJZBgWZxggEwhRb+nW9svHnMqH8pLHVwbm3lLV4K04GRjpVhOLkZzrYA
66gD9J1QYrgD4rMYE7AJokME3Ii4qfen758UUOwbpuJV2H2c0AFR/n9CaewHy4HY
s4Ok2gWVcKNOiLOYCjEbEIEZV2LUBIIF9WI8gUATbV+6BJxXYKOHYMAhgyopbIqq
NKoFKpWqDDLvzO+r787Ie7tQnpUBSlBJBYcMckimXgNKA7Be30bprfb7VBU=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:32:15 2025 by rpki-client