Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bb1f2a27-f685-4356-80e2-8d7092810765.roa
File: bb1f2a27-f685-4356-80e2-8d7092810765.roa (raw, json)
Hash identifier: HGV3uuEzJKiGZH58ym9Oi3b6CxqaFm83u/g4PJ0/1Wg=
Subject key identifier: D7:CB:CC:CF:3C:A2:E5:48:5A:3D:E3:9E:98:0A:AA:D4:DE:0C:FB:FF
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3FABB82FDB97141F8065A8F65678B069A91472
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bb1f2a27-f685-4356-80e2-8d7092810765.roa
Signing time: Mon 11 Mar 2024 00:00:00 +0000
ROA not before: Mon 11 Mar 2024 00:00:00 +0000
ROA not after: Mon 15 Apr 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ab:b8:2f:db:97:14:1f:80:65:a8:f6:56:78:b0:69:a9:14:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 11 00:00:00 2024 GMT
Not After : Apr 15 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:95:6d:aa:f3:7f:89:fd:9a:27:1f:db:4c:e4:
6d:7d:da:89:08:5e:70:83:74:61:0d:42:ad:66:46:
cf:f1:c2:72:42:46:a6:4b:e7:56:88:16:06:8b:da:
ba:f4:b1:99:9b:fb:08:e7:c4:a5:d9:ef:3c:0e:5a:
d2:b5:60:31:58:31:c9:c9:b8:9d:26:41:de:8e:fb:
71:0e:9e:15:81:4d:45:7e:3f:b4:10:4a:3a:59:55:
0a:9c:4c:2b:fa:c3:60:8c:62:fa:de:1e:e2:6a:bd:
1a:80:96:98:6f:4f:15:65:c5:4c:1e:21:f2:64:e0:
ba:e5:7a:de:26:c7:91:86:ae:ed:22:5e:74:14:ff:
ea:ce:98:86:65:ee:4c:8f:67:ce:9f:c6:da:aa:6e:
ae:e0:81:66:d7:6b:53:d3:0b:14:f8:c5:b9:3f:df:
1b:f9:cb:43:ff:71:32:15:64:08:ec:a5:bc:cf:50:
7f:22:a9:ac:13:c1:bc:50:87:ae:7c:ab:65:19:d5:
a8:03:79:55:7f:ac:d6:7f:07:91:6e:8f:96:8d:d5:
94:c3:17:6f:dc:99:88:dd:cf:e4:a2:f1:45:02:3d:
78:54:ac:33:c8:5f:69:fd:97:bf:e8:c7:53:d9:76:
ab:29:92:13:14:dd:40:ce:5c:2a:e3:8c:9d:66:e0:
99:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CB:CC:CF:3C:A2:E5:48:5A:3D:E3:9E:98:0A:AA:D4:DE:0C:FB:FF
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bb1f2a27-f685-4356-80e2-8d7092810765.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:ba:95:69:77:4e:e8:20:cc:9b:6d:05:24:86:54:80:32:bb:
54:fa:23:73:6f:3c:3d:78:e5:1c:d4:9e:72:e0:36:5d:4f:d7:
f0:cd:0c:0a:8a:2f:4e:0d:ce:17:52:3b:ae:51:69:60:05:f5:
69:db:f6:fd:e4:07:d7:cc:89:57:85:7f:62:46:e1:bd:82:97:
db:26:b2:8a:84:9a:44:d8:1c:97:77:65:e1:ed:28:18:33:cc:
22:38:ce:12:8e:78:05:d5:5e:f7:3b:7e:b6:53:0c:23:b5:8b:
b5:9c:0a:0b:62:b1:89:4a:77:75:a3:44:7c:59:6a:7f:4d:93:
f6:06:62:64:c8:1b:59:9e:a2:b6:ee:77:51:9c:d6:08:e8:7b:
57:a9:5f:09:15:12:fc:78:a5:29:6c:3c:c1:6e:81:2b:9d:4a:
7a:fe:27:04:6c:7a:87:fe:f6:cb:2b:44:c3:e8:0d:c5:b1:59:
a9:e4:c2:c3:47:34:e1:cb:9a:96:c9:72:69:40:0c:23:c6:d8:
40:81:95:34:ef:bd:d1:de:b8:0d:1d:24:cf:c2:5a:ee:32:b4:
c8:33:1a:9a:f6:d4:2c:f8:52:cb:91:83:1c:5f:be:99:98:f5:
06:6b:85:cc:d4:29:d2:c2:87:99:77:27:03:0c:c6:1d:16:99:
b3:4b:62:d3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITP6u4L9uXFB+AZaj2VniwaakUcjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yNDAzMTEwMDAwMDBaFw0yNDA0MTUyMzU5NTla
MHoxSTBHBgNVBAUTQGU5OWNiZThhOWZjYThjZWZkOWVhYzBmNDMzOThkY2RiOTk0
OWM1YWJhYzQzMTljNjFlZDY0OWQyODcwZjMyOWQxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6Vbarzf4n9micf20zkbX3aiQhecIN0YQ1CrWZGz/HCckJG
pkvnVogWBovauvSxmZv7COfEpdnvPA5a0rVgMVgxycm4nSZB3o77cQ6eFYFNRX4/
tBBKOllVCpxMK/rDYIxi+t4e4mq9GoCWmG9PFWXFTB4h8mTguuV63ibHkYau7SJe
dBT/6s6YhmXuTI9nzp/G2qpuruCBZtdrU9MLFPjFuT/fG/nLQ/9xMhVkCOylvM9Q
fyKprBPBvFCHrnyrZRnVqAN5VX+s1n8HkW6Plo3VlMMXb9yZiN3P5KLxRQI9eFSs
M8hfaf2Xv+jHU9l2qymSExTdQM5cKuOMnWbgmZsCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBTXy8zPPKLlSFo9456YCqrU3gz7/zAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvYmIxZjJhMjctZjY4NS00MzU2LTgwZTItOGQ3MDkyODEwNzY1LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAnbqVaXdO6CDMm20FJIZUgDK7VPoj
c288PXjlHNSecuA2XU/X8M0MCoovTg3OF1I7rlFpYAX1adv2/eQH18yJV4V/Ykbh
vYKX2yayioSaRNgcl3dl4e0oGDPMIjjOEo54BdVe9zt+tlMMI7WLtZwKC2KxiUp3
daNEfFlqf02T9gZiZMgbWZ6itu53UZzWCOh7V6lfCRUS/HilKWw8wW6BK51Kev4n
BGx6h/72yytEw+gNxbFZqeTCw0c04cualslyaUAMI8bYQIGVNO+90d64DR0kz8Ja
7jK0yDMamvbULPhSy5GDHF++mZj1BmuFzNQp0sKHmXcnAwzGHRaZs0ti0w==
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:34:51 2025 by rpki-client