Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d2edc00-ca50-4e81-83b1-680d86e032bf.roa
File: 8d2edc00-ca50-4e81-83b1-680d86e032bf.roa (raw, json)
Hash identifier: XVUjgVVTYC23huCW0uZ1204q1Uq2V0kctewg104hEak=
Subject key identifier: 0B:34:CA:5E:0B:E7:EE:F1:6A:58:B9:8F:EF:3E:C0:CA:40:F6:6E:DC
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5D9A1E29C627DAD7663E809D2A195708A451215F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d2edc00-ca50-4e81-83b1-680d86e032bf.roa
Signing time: Tue 18 Mar 2025 18:38:14 +0000
ROA not before: Tue 18 Mar 2025 18:38:14 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:9a:1e:29:c6:27:da:d7:66:3e:80:9d:2a:19:57:08:a4:51:21:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 18 18:38:14 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:31:40:86:1b:6d:d2:64:4d:f3:d7:c7:9d:
ff:5b:ae:39:b1:3f:01:1c:08:fe:d7:81:da:ef:a7:
9c:b6:1a:43:6b:3e:77:fd:e6:3f:b0:6e:99:c6:66:
8f:84:ce:d7:01:5b:94:e8:b0:80:a7:b5:fd:8e:d5:
4e:48:90:cf:67:4d:6a:62:15:6d:8b:d3:c2:a6:bd:
20:65:c9:55:a9:95:82:79:98:5a:a8:e7:74:2d:85:
7b:87:85:91:d9:16:8f:f5:db:be:8b:47:15:81:39:
d0:f6:f2:e0:79:89:77:0b:18:c7:6f:5f:0e:b9:76:
37:d6:56:28:3c:a8:d7:55:cc:30:1c:40:16:c6:7b:
cc:d3:69:41:b4:9a:d6:20:15:77:a0:41:a8:c3:7d:
ea:3c:11:7e:49:4f:49:08:b7:2c:9a:ba:38:7c:54:
52:d0:e6:37:1e:8d:ee:20:d6:d6:5f:00:a0:33:95:
60:3e:2a:c7:25:3b:eb:c7:4e:d8:d0:33:16:43:bf:
3a:52:d1:26:ee:c7:37:73:4f:de:3f:d8:e0:c6:17:
95:b4:55:1e:e5:70:99:79:a0:35:3e:d6:02:04:f7:
ed:86:fd:b1:42:48:84:7d:a0:9f:33:44:17:cc:ee:
a7:8f:1d:95:db:09:ea:c2:78:0f:23:62:cd:2d:86:
7d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:34:CA:5E:0B:E7:EE:F1:6A:58:B9:8F:EF:3E:C0:CA:40:F6:6E:DC
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d2edc00-ca50-4e81-83b1-680d86e032bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e1:78:a9:aa:9c:30:4c:8c:f5:29:d7:49:e4:4e:5a:ad:b8:
fa:87:d1:bb:da:cf:5a:4e:e8:43:9c:8e:a3:cf:ef:c9:2d:6c:
2a:29:b1:0f:60:e0:2d:cf:23:9b:98:7b:37:09:90:b1:55:50:
7b:df:e3:13:27:62:d2:93:b3:ea:e3:30:99:b9:fa:45:aa:42:
f4:05:9c:67:70:7f:39:00:c3:75:a1:33:57:42:c9:33:2f:69:
e4:e2:b8:9c:31:99:c9:14:55:3d:11:44:db:82:95:f3:e6:2f:
30:0c:e6:69:96:76:23:f3:86:da:eb:7a:03:36:bf:d9:d2:b9:
4b:8b:22:65:dd:36:83:22:c5:50:a1:00:c3:1f:e6:d8:be:26:
af:76:6c:c7:4e:a6:9e:1c:7e:e7:e7:02:4b:df:a2:84:27:2b:
34:7d:65:cc:d7:d6:93:81:4d:0c:7a:82:45:94:19:bb:c3:15:
da:e0:0e:24:74:e0:12:cf:e2:cf:24:aa:f0:a2:46:fd:d0:6e:
c7:b5:49:b1:68:dc:c3:96:7b:8e:59:b4:ee:be:17:03:8b:dd:
84:8a:a1:c4:44:4d:eb:cf:2d:ee:73:31:3c:1a:4c:1e:b5:7b:
e5:dc:a2:02:81:cc:ab:ea:35:b6:ed:a4:f8:0b:63:b7:7d:9b:
ef:f6:d8:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXZoeKcYn2tdmPoCdKhlXCKRRIV8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzE4MTgzODE0WhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YzVjOTdkNWM2MWY0ZjE5YzZjNzZkMWJiZGNiOTI2NGFh
MjNhMjM5OGJiMGE5MDBmOTVkM2RkZTUxNjQ5MGE4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC79TFAhhtt0mRN89fHnf9brjmxPwEcCP7Xgdrvp5y2GkNr
Pnf95j+wbpnGZo+EztcBW5TosICntf2O1U5IkM9nTWpiFW2L08KmvSBlyVWplYJ5
mFqo53QthXuHhZHZFo/1276LRxWBOdD28uB5iXcLGMdvXw65djfWVig8qNdVzDAc
QBbGe8zTaUG0mtYgFXegQajDfeo8EX5JT0kItyyaujh8VFLQ5jceje4g1tZfAKAz
lWA+KsclO+vHTtjQMxZDvzpS0SbuxzdzT94/2ODGF5W0VR7lcJl5oDU+1gIE9+2G
/bFCSIR9oJ8zRBfM7qePHZXbCerCeA8jYs0thn1FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCzTKXgvn7vFqWLmP7z7AykD2btwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhkMmVkYzAwLWNhNTAtNGU4MS04M2IxLTY4MGQ4NmUwMzJiZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEzheKmqnDBMjPUp10nkTlqtuPqH
0bvaz1pO6EOcjqPP78ktbCopsQ9g4C3PI5uYezcJkLFVUHvf4xMnYtKTs+rjMJm5
+kWqQvQFnGdwfzkAw3WhM1dCyTMvaeTiuJwxmckUVT0RRNuClfPmLzAM5mmWdiPz
htrregM2v9nSuUuLImXdNoMixVChAMMf5ti+Jq92bMdOpp4cfufnAkvfooQnKzR9
ZczX1pOBTQx6gkWUGbvDFdrgDiR04BLP4s8kqvCiRv3Qbse1SbFo3MOWe45ZtO6+
FwOL3YSKocRETevPLe5zMTwaTB61e+XcogKBzKvqNbbtpPgLY7d9m+/22Nw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:35 2025 by rpki-client