Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1820a02-368b-475a-8c64-c87e903d2117.roa
File: a1820a02-368b-475a-8c64-c87e903d2117.roa (raw, json)
Hash identifier: MFCxcLWy7EPw1BKlSHUWcUblYf2+5PjVhdd4MQfDzsQ=
Subject key identifier: 13:D7:E9:91:D7:55:44:83:29:00:3E:C4:EF:ED:87:80:8B:32:84:4B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 57971B145E04B432686DD31D263FC8DE80A8982E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1820a02-368b-475a-8c64-c87e903d2117.roa
Signing time: Wed 26 Mar 2025 00:11:12 +0000
ROA not before: Wed 26 Mar 2025 00:11:12 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 164.152.184.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:97:1b:14:5e:04:b4:32:68:6d:d3:1d:26:3f:c8:de:80:a8:98:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 26 00:11:12 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:29:39:fc:df:7f:8c:94:9f:d3:1a:c7:74:75:
5a:67:2c:40:79:02:3a:da:db:2b:5f:83:e1:fd:0c:
a6:87:97:d9:5d:a4:52:45:e9:9e:5c:4c:0a:de:e4:
45:57:88:81:f1:a9:50:de:f9:9f:68:9f:ef:63:62:
ce:5c:4a:e2:90:ff:f9:63:36:43:b2:93:d7:38:3a:
b1:7e:ab:0f:9e:08:6c:f0:43:71:cf:53:d0:5d:ac:
73:59:6b:40:54:76:5a:54:62:12:e3:b5:7a:1e:32:
27:12:95:b4:da:20:1f:be:cc:0f:b1:3b:f0:f4:6e:
1d:1c:0e:0c:e7:36:b1:4d:b5:f5:20:ec:d3:64:ff:
f8:3a:d9:ad:ba:30:52:23:6c:fb:f8:f7:53:c2:0b:
42:f5:10:8a:d5:2d:9b:7b:45:cd:95:2f:ce:86:8d:
53:1b:da:0b:87:a0:05:04:11:91:2a:a3:2f:23:07:
68:29:1d:6a:21:84:28:b8:7d:52:0d:cb:95:17:0d:
a8:9f:9e:f3:14:33:c8:e3:48:e6:a3:ae:98:ae:35:
3b:7f:6d:c6:b0:dc:a5:91:70:4e:b1:d6:00:b6:d4:
95:e2:55:91:ad:03:d0:b5:a7:5d:a3:1f:23:e8:68:
aa:a9:e3:b0:08:99:68:71:50:12:b5:be:e3:4b:38:
03:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D7:E9:91:D7:55:44:83:29:00:3E:C4:EF:ED:87:80:8B:32:84:4B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1820a02-368b-475a-8c64-c87e903d2117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.152.184.0/21
Signature Algorithm: sha256WithRSAEncryption
32:87:02:2f:48:0b:35:3e:53:f9:fc:22:95:a0:98:d5:5a:02:
a6:31:61:7e:e2:8c:78:b5:36:6d:4c:83:48:c8:be:34:7f:e6:
5e:b7:c8:39:14:fb:57:20:70:b4:1e:82:88:27:54:36:b1:2a:
a3:c5:8d:cb:a5:f4:e7:1e:60:ab:01:43:0e:e9:fe:61:a7:b9:
4b:5e:2c:b9:72:b9:27:7a:db:a7:82:d1:c9:1e:16:71:90:ff:
d7:dd:35:50:dc:3f:2c:d6:a0:a5:42:d7:1e:4c:5f:ea:af:77:
1a:35:41:75:6e:b9:dc:b2:8a:0c:66:27:59:a7:8e:ce:59:2b:
47:a7:8e:22:e4:b5:b4:fd:65:ae:61:57:47:53:61:3c:07:1d:
8f:d5:1d:c2:9a:a1:78:77:f7:19:68:29:2e:5a:d0:8e:74:45:
74:85:a4:4a:e7:dc:10:ad:3b:dc:0f:e0:fa:a6:63:70:3d:f0:
46:21:cd:98:8b:4f:9e:70:d3:c5:a2:74:9f:98:91:e1:d8:ad:
fd:46:3e:3e:a2:b5:ed:6d:c7:9e:b6:b5:35:17:1b:ea:af:d5:
30:c0:c6:6e:39:19:a0:07:c3:a6:e2:bc:10:a0:22:1b:c4:5f:
bd:f3:51:18:f8:46:b2:ef:44:49:61:5c:c6:e1:04:4f:f9:23:
4f:94:18:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV5cbFF4EtDJobdMdJj/I3oComC4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI2MDAxMTEyWhcNMjUwNDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNmJiMThhOWI2YjY4NzdlOGY3OTc5MDAxYTMwMDkwNzFm
Mzg1ZmM5MmVkNDIwMzY1ODBkZWE4MWVhMzg3MDdjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWKTn833+MlJ/TGsd0dVpnLEB5Ajra2ytfg+H9DKaHl9ld
pFJF6Z5cTAre5EVXiIHxqVDe+Z9on+9jYs5cSuKQ//ljNkOyk9c4OrF+qw+eCGzw
Q3HPU9BdrHNZa0BUdlpUYhLjtXoeMicSlbTaIB++zA+xO/D0bh0cDgznNrFNtfUg
7NNk//g62a26MFIjbPv491PCC0L1EIrVLZt7Rc2VL86GjVMb2guHoAUEEZEqoy8j
B2gpHWohhCi4fVINy5UXDaifnvMUM8jjSOajrpiuNTt/bcaw3KWRcE6x1gC21JXi
VZGtA9C1p12jHyPoaKqp47AImWhxUBK1vuNLOAMVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE9fpkddVRIMpAD7E7+2HgIsyhEswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ExODIwYTAyLTM2OGItNDc1YS04YzY0LWM4N2U5MDNkMjExNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAOkmLgwDQYJKoZIhvcNAQELBQADggEBADKHAi9ICzU+U/n8IpWgmNVaAqYx
YX7ijHi1Nm1Mg0jIvjR/5l63yDkU+1cgcLQegognVDaxKqPFjcul9OceYKsBQw7p
/mGnuUteLLlyuSd626eC0ckeFnGQ/9fdNVDcPyzWoKVC1x5MX+qvdxo1QXVuudyy
igxmJ1mnjs5ZK0enjiLktbT9Za5hV0dTYTwHHY/VHcKaoXh39xloKS5a0I50RXSF
pErn3BCtO9wP4PqmY3A98EYhzZiLT55w08WidJ+YkeHYrf1GPj6ite1tx562tTUX
G+qv1TDAxm45GaAHw6bivBCgIhvEX73zURj4RrLvRElhXMbhBE/5I0+UGMM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:21:00 2025 by rpki-client