Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e8a746b-196e-4958-804c-1ff8ad621b8e.roa
File: 5e8a746b-196e-4958-804c-1ff8ad621b8e.roa (raw, json)
Hash identifier: MfyodzouxOkFyEt5HNOxPWXkOeaFM2Q6xeHXjT02w4o=
Subject key identifier: 16:DC:11:D7:F4:CC:9A:EF:E5:ED:FA:FA:43:6A:B0:0B:D4:32:CD:3E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 76B845E581BE489148E6CE8CAFEAD0DA58A54C1B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e8a746b-196e-4958-804c-1ff8ad621b8e.roa
Signing time: Mon 24 Mar 2025 15:20:21 +0000
ROA not before: Mon 24 Mar 2025 15:20:21 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 121.95.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:b8:45:e5:81:be:48:91:48:e6:ce:8c:af:ea:d0:da:58:a5:4c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 24 15:20:21 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7a:d2:a6:8d:88:15:b8:b3:f4:85:d7:80:02:
68:6d:73:d1:60:53:92:58:e8:ea:7d:2d:c1:e0:f8:
22:19:ff:a8:d3:e0:8d:e0:cc:19:ee:38:1b:19:ca:
dc:46:be:de:ab:0f:0a:5b:a2:5f:50:49:9d:cd:e8:
96:14:d7:73:b0:7b:56:e5:64:37:09:5f:23:ab:03:
56:c9:98:bd:48:a1:25:fe:49:cc:38:11:b3:fa:09:
23:28:8d:59:a7:32:eb:6a:13:d7:bc:81:58:75:f9:
d9:c2:f1:2d:c5:7d:81:4f:88:1b:98:a5:15:df:8e:
71:9e:c7:01:81:60:86:a2:20:0a:53:bc:f2:6b:13:
85:8f:59:30:1a:04:c1:e2:92:4a:a7:e1:de:f5:7a:
25:a4:00:93:31:7b:ea:e0:eb:63:2d:7f:ba:ec:f4:
59:44:e7:91:81:6d:78:d7:79:5f:2f:9a:fa:05:9b:
ec:1c:40:72:91:8a:8d:63:af:f5:f9:a3:8e:82:08:
5c:ac:ba:dd:14:5b:b6:5c:6e:ae:65:f3:26:4b:8b:
42:91:96:75:af:13:4c:8a:b0:f3:49:8c:e8:86:6c:
24:7f:24:b0:e0:32:ce:e2:6c:0b:0c:29:2f:0f:35:
f7:c0:3e:f5:f7:54:5f:5b:7a:4c:21:0f:83:27:40:
fa:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DC:11:D7:F4:CC:9A:EF:E5:ED:FA:FA:43:6A:B0:0B:D4:32:CD:3E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e8a746b-196e-4958-804c-1ff8ad621b8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.95.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c4:f4:c7:8b:4e:a5:9e:f5:15:f3:89:6c:d5:0e:77:45:30:ff:
57:03:da:b4:cc:62:0f:89:91:97:9a:07:68:63:db:cf:d8:84:
ed:3d:0c:eb:19:2a:db:7c:e8:4d:23:f4:57:37:33:ac:2d:36:
03:71:2b:26:68:a5:81:ba:e2:e2:44:dd:9d:9d:bd:10:78:e8:
2a:d2:df:3a:c7:0d:9b:c8:03:01:d7:f8:d0:52:dd:95:f2:c8:
40:d8:97:da:7d:f0:51:93:6f:e8:aa:49:f3:b6:fa:36:46:4f:
97:f5:4a:ba:aa:0a:1c:86:85:0c:47:bc:36:ab:79:cf:54:40:
ae:6f:ae:7d:ac:9f:c1:c8:fb:d8:8c:03:2e:57:32:55:ba:9e:
9c:1d:7d:cd:6d:3d:06:2f:54:70:27:92:a3:bb:58:a0:7d:e9:
5c:34:b4:b9:c6:3d:09:f1:08:83:6e:12:12:61:3e:6c:ef:f2:
88:41:f2:7f:81:e6:55:09:11:17:6e:4a:14:7e:8b:3a:bd:9b:
7f:68:2c:cd:11:d4:7a:f0:68:19:63:99:91:40:a2:a5:29:00:
bf:b4:36:f6:37:aa:ff:7f:4f:ce:35:49:e8:82:37:e4:f3:ba:
c1:3f:66:92:76:34:33:22:17:fa:72:98:7e:5b:fb:4d:98:5d:
0a:ab:13:39
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdrhF5YG+SJFI5s6Mr+rQ2lilTBswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTUyMDIxWhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzdlZmY4YjlkYjY4MDdiZmIwMmQ3MjgzMmZjNmJkOTll
YmY2NmMwMGM0Y2FmMGZmYjRlZjlmNTM2ZTA2ZTg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfetKmjYgVuLP0hdeAAmhtc9FgU5JY6Op9LcHg+CIZ/6jT
4I3gzBnuOBsZytxGvt6rDwpbol9QSZ3N6JYU13Owe1blZDcJXyOrA1bJmL1IoSX+
Scw4EbP6CSMojVmnMutqE9e8gVh1+dnC8S3FfYFPiBuYpRXfjnGexwGBYIaiIApT
vPJrE4WPWTAaBMHikkqn4d71eiWkAJMxe+rg62Mtf7rs9FlE55GBbXjXeV8vmvoF
m+wcQHKRio1jr/X5o46CCFysut0UW7Zcbq5l8yZLi0KRlnWvE0yKsPNJjOiGbCR/
JLDgMs7ibAsMKS8PNffAPvX3VF9bekwhD4MnQPoLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFtwR1/TMmu/l7fr6Q2qwC9QyzT4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlOGE3NDZiLTE5NmUtNDk1OC04MDRjLTFmZjhhZDYyMWI4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAd5X4AwDQYJKoZIhvcNAQELBQADggEBAMT0x4tOpZ71FfOJbNUOd0Uw/1cD
2rTMYg+JkZeaB2hj28/YhO09DOsZKtt86E0j9Fc3M6wtNgNxKyZopYG64uJE3Z2d
vRB46CrS3zrHDZvIAwHX+NBS3ZXyyEDYl9p98FGTb+iqSfO2+jZGT5f1SrqqChyG
hQxHvDarec9UQK5vrn2sn8HI+9iMAy5XMlW6npwdfc1tPQYvVHAnkqO7WKB96Vw0
tLnGPQnxCINuEhJhPmzv8ohB8n+B5lUJERduShR+izq9m39oLM0R1HrwaBljmZFA
oqUpAL+0NvY3qv9/T841SeiCN+TzusE/ZpJ2NDMiF/pymH5b+02YXQqrEzk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:54 2025 by rpki-client