Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ffcc1d00-0118-46e1-9202-061316eaeb46.roa
File: ffcc1d00-0118-46e1-9202-061316eaeb46.roa (raw, json)
Hash identifier: pt44eph3zlAbPkdj6E++uoEF5f4hfdmTYJ3abDyMdhI=
Subject key identifier: 07:93:64:91:5D:B3:E8:48:D1:B6:10:8E:8B:79:D8:ED:5F:A0:15:C0
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 76E016C2A4993B4F0783BB253BDF2D87BB768D61
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ffcc1d00-0118-46e1-9202-061316eaeb46.roa
Signing time: Tue 13 Feb 2024 00:00:00 +0000
ROA not before: Tue 13 Feb 2024 00:00:00 +0000
ROA not after: Tue 19 Mar 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:e0:16:c2:a4:99:3b:4f:07:83:bb:25:3b:df:2d:87:bb:76:8d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 13 00:00:00 2024 GMT
Not After : Mar 19 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d5:e1:00:f1:13:e2:08:7d:36:f8:77:39:63:
a6:39:be:45:b3:81:6c:6c:31:72:7e:17:c6:9f:75:
01:8f:26:ee:65:f1:2d:78:17:92:c1:6c:34:f5:fc:
07:0b:1c:b1:f7:de:76:0f:37:9e:3c:8e:03:ff:af:
19:99:6a:2e:d2:10:bc:f9:dc:a4:74:1d:8b:ae:38:
9f:c6:b5:14:de:fb:bd:c8:d6:28:49:2a:00:78:0b:
f7:e8:c4:45:32:0e:6c:3c:4f:47:1e:ad:55:d1:c8:
ef:dd:d4:74:03:1a:38:b7:64:f7:03:3b:3c:21:8c:
43:12:aa:a9:c0:94:73:a4:0a:50:03:6a:55:06:4e:
f6:63:19:2a:6d:c1:eb:5b:99:ce:4f:4b:69:6f:6a:
07:e4:8a:c5:5f:00:4b:d8:69:64:61:7e:ac:63:fb:
3c:74:3e:34:18:00:b1:db:51:12:49:da:23:81:18:
6d:7c:e1:17:9d:e6:e5:52:0c:4d:6b:de:d3:8a:b0:
29:e1:fd:4d:ab:cd:f7:96:d0:44:e6:a6:ea:4b:27:
32:0a:d0:e8:c1:3a:78:34:00:ce:84:20:28:f6:24:
01:b4:52:04:7d:21:de:6e:55:39:5a:9e:e6:74:91:
9a:a3:97:61:4c:3e:71:24:0d:51:dc:87:e4:be:67:
0c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:93:64:91:5D:B3:E8:48:D1:B6:10:8E:8B:79:D8:ED:5F:A0:15:C0
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ffcc1d00-0118-46e1-9202-061316eaeb46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
09:87:e5:90:d7:fc:d6:80:3e:04:4f:03:ae:3a:6e:66:9f:ec:
e1:49:e2:7e:75:e4:e2:80:8a:9f:db:69:e9:e6:63:03:c2:dd:
04:cd:25:f1:8c:47:71:94:cf:da:3c:97:ef:ac:ef:03:8e:04:
06:88:4f:71:35:1d:ce:a8:6c:5a:33:45:38:5e:27:d8:0c:33:
06:4e:6e:30:9d:cb:c7:42:c3:6c:31:02:21:5b:a8:b2:ad:46:
15:9d:20:cf:67:3a:6d:18:9b:31:8d:cd:cc:68:6a:64:ab:54:
69:f3:12:8e:c3:40:06:9c:73:a7:ed:9b:2d:80:71:9b:99:1d:
21:b5:f9:1b:89:ac:76:4b:0c:bb:43:2c:a5:86:a4:74:a0:d5:
b7:12:fc:8b:f9:45:fc:c0:a7:c0:b3:a9:25:1d:48:df:46:77:
c7:32:15:d8:5c:bf:fc:ce:ed:c3:8f:99:80:68:41:03:af:8e:
13:f4:4b:ed:c3:fc:af:a7:72:59:c5:7e:13:7b:05:fc:7d:be:
8a:66:9a:88:be:0b:e4:ae:90:e7:d3:28:4a:d5:36:02:49:04:
fa:75:c2:78:0d:01:e9:4e:4f:69:2b:e4:5b:e2:44:9f:68:1a:
6c:8c:68:c2:03:88:f0:cd:38:50:b8:a0:ca:bd:78:83:a1:9f:
13:5e:97:06
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUduAWwqSZO08Hg7slO98th7t2jWEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjEzMDAwMDAwWhcNMjQwMzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzgzOTBjZTA2Zjc1MjQ1ZGJiMDMwMzlhMjFlYmVlMTkz
MTIxNTQ4YTA0ZTcyYjNkMjkzZWM5OTAzMDg0MmEzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY1eEA8RPiCH02+Hc5Y6Y5vkWzgWxsMXJ+F8afdQGPJu5l
8S14F5LBbDT1/AcLHLH33nYPN548jgP/rxmZai7SELz53KR0HYuuOJ/GtRTe+73I
1ihJKgB4C/foxEUyDmw8T0cerVXRyO/d1HQDGji3ZPcDOzwhjEMSqqnAlHOkClAD
alUGTvZjGSptwetbmc5PS2lvagfkisVfAEvYaWRhfqxj+zx0PjQYALHbURJJ2iOB
GG184Red5uVSDE1r3tOKsCnh/U2rzfeW0ETmpupLJzIK0OjBOng0AM6EICj2JAG0
UgR9Id5uVTlanuZ0kZqjl2FMPnEkDVHch+S+ZwyrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB5NkkV2z6EjRthCOi3nY7V+gFcAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZmY2MxZDAwLTAxMTgtNDZlMS05MjAyLTA2MTMxNmVhZWI0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAmH5ZDX/NaAPgRPA646bmaf7OFJ
4n515OKAip/baenmYwPC3QTNJfGMR3GUz9o8l++s7wOOBAaIT3E1Hc6obFozRThe
J9gMMwZObjCdy8dCw2wxAiFbqLKtRhWdIM9nOm0YmzGNzcxoamSrVGnzEo7DQAac
c6ftmy2AcZuZHSG1+RuJrHZLDLtDLKWGpHSg1bcS/Iv5RfzAp8CzqSUdSN9Gd8cy
Fdhcv/zO7cOPmYBoQQOvjhP0S+3D/K+nclnFfhN7Bfx9vopmmoi+C+SukOfTKErV
NgJJBPp1wngNAelOT2kr5FviRJ9oGmyMaMIDiPDNOFC4oMq9eIOhnxNelwY=
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:16:11 2025 by rpki-client