Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/628f294d-91fb-4214-b47e-601508341308.roa
File: 628f294d-91fb-4214-b47e-601508341308.roa (raw, json)
Hash identifier: lLXEJVAoOgcA/FhPo1HU6UxEJq5rsMVfOCklXgQkDPQ=
Subject key identifier: 09:5A:F5:23:83:9E:46:3C:B2:FC:45:6C:36:54:06:E6:6E:03:D7:43
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 788636154F507AE6C34D42DAE2572ACF8D3FA1AB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/628f294d-91fb-4214-b47e-601508341308.roa
Signing time: Mon 24 Mar 2025 15:20:30 +0000
ROA not before: Mon 24 Mar 2025 15:20:30 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 125.253.192.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:86:36:15:4f:50:7a:e6:c3:4d:42:da:e2:57:2a:cf:8d:3f:a1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 24 15:20:30 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:e7:92:07:93:d7:8e:40:df:78:13:1a:d2:
05:40:74:55:3d:9d:5b:58:e4:32:2b:55:70:12:0b:
ed:26:27:10:7f:e8:e2:82:61:9b:6d:cf:81:c3:bc:
1a:f7:c3:bb:33:e4:61:52:35:9e:4a:c1:1a:96:c9:
44:f4:52:5a:7c:60:17:16:d0:3b:a4:70:8f:44:cb:
28:04:e1:37:29:6b:d6:35:a5:cc:ae:4b:66:5d:54:
33:83:e4:66:0d:de:f0:15:f0:5d:41:66:43:fc:cf:
2a:4b:ae:ff:ff:43:ed:8e:f1:cc:94:62:56:4f:d4:
2e:04:33:a2:17:21:0f:9a:1f:fc:dc:3b:77:ac:3f:
77:b2:62:58:6d:6a:28:20:7a:d5:17:aa:50:7e:82:
0a:75:c9:42:61:cd:93:9b:05:f4:01:d3:68:cf:21:
75:7a:b8:bc:57:fe:13:03:fa:ea:b8:91:2b:69:8c:
b5:41:b6:ad:b1:3d:cc:21:47:dd:db:2a:95:bf:30:
b7:57:b8:c2:ac:d8:df:1b:1f:f8:13:1a:c8:88:ee:
f6:38:3e:2f:89:bf:84:d2:e1:e3:b5:b9:f9:e3:66:
4a:81:94:1e:9d:28:83:8a:d5:6d:ee:9e:78:b5:f1:
4c:c3:de:0f:8a:a1:59:47:c2:59:d2:57:a6:82:0d:
1c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5A:F5:23:83:9E:46:3C:B2:FC:45:6C:36:54:06:E6:6E:03:D7:43
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/628f294d-91fb-4214-b47e-601508341308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
125.253.192.0/18
Signature Algorithm: sha256WithRSAEncryption
92:33:e5:1d:83:6d:db:ae:9c:fb:5e:71:19:fb:de:81:89:37:
50:e3:13:94:6d:44:cb:88:d6:b0:03:7c:fd:67:3c:be:de:54:
25:d5:c0:84:d8:06:f4:3a:bb:69:7b:11:97:02:99:db:0c:e8:
fd:f2:23:cf:a9:39:bd:18:d1:d3:ba:9c:d3:36:8a:a1:68:db:
0c:28:8d:6f:ea:bb:e1:b0:ea:1d:5b:79:2f:ed:4b:a6:cb:38:
04:74:f2:c2:cd:e2:70:32:f6:c8:e1:e1:19:7f:b0:a6:fd:21:
28:6c:94:2e:1c:b1:66:ec:47:21:4a:18:a5:47:0d:c3:8c:e6:
de:4a:f7:69:f8:d9:23:8a:3e:3c:23:84:be:2b:32:82:ef:cd:
a5:6b:d3:b2:3a:21:ae:d2:7b:a1:e7:85:82:b5:8a:14:38:fc:
d6:f0:ad:9e:ab:07:d1:18:00:0e:3b:8b:d6:c1:38:50:22:b4:
01:12:6b:28:dd:96:f7:2e:5a:7b:80:af:c4:7f:59:da:a8:47:
b5:bb:b9:f4:a4:ca:3a:58:ff:7d:b3:04:47:51:86:7e:4e:04:
0f:28:72:27:a6:46:b9:1e:13:57:bb:ed:2d:c4:4a:86:07:8d:
68:79:8b:32:8c:83:c6:3e:d1:b7:7c:2b:03:49:92:30:63:ef:
07:6c:05:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeIY2FU9QeubDTULa4lcqz40/oaswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTUyMDMwWhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MzU3YTYxZTYwYTA5YzIwZjE5NjgxMGQ3ZWVkMDNmMjlj
YjRmZDA1ZTliN2QwMzBmYTJkNWY0NTc3MWMwYWM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPJOeSB5PXjkDfeBMa0gVAdFU9nVtY5DIrVXASC+0mJxB/
6OKCYZttz4HDvBr3w7sz5GFSNZ5KwRqWyUT0Ulp8YBcW0DukcI9EyygE4Tcpa9Y1
pcyuS2ZdVDOD5GYN3vAV8F1BZkP8zypLrv//Q+2O8cyUYlZP1C4EM6IXIQ+aH/zc
O3esP3eyYlhtaiggetUXqlB+ggp1yUJhzZObBfQB02jPIXV6uLxX/hMD+uq4kStp
jLVBtq2xPcwhR93bKpW/MLdXuMKs2N8bH/gTGsiI7vY4Pi+Jv4TS4eO1ufnjZkqB
lB6dKIOK1W3unni18UzD3g+KoVlHwlnSV6aCDRyfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCVr1I4OeRjyy/EVsNlQG5m4D10MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyOGYyOTRkLTkxZmItNDIxNC1iNDdlLTYwMTUwODM0MTMwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZ9/cAwDQYJKoZIhvcNAQELBQADggEBAJIz5R2DbduunPtecRn73oGJN1Dj
E5RtRMuI1rADfP1nPL7eVCXVwITYBvQ6u2l7EZcCmdsM6P3yI8+pOb0Y0dO6nNM2
iqFo2wwojW/qu+Gw6h1beS/tS6bLOAR08sLN4nAy9sjh4Rl/sKb9IShslC4csWbs
RyFKGKVHDcOM5t5K92n42SOKPjwjhL4rMoLvzaVr07I6Ia7Se6HnhYK1ihQ4/Nbw
rZ6rB9EYAA47i9bBOFAitAESayjdlvcuWnuAr8R/WdqoR7W7ufSkyjpY/32zBEdR
hn5OBA8ociemRrkeE1e77S3ESoYHjWh5izKMg8Y+0bd8KwNJkjBj7wdsBTg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:30:40 2025 by rpki-client