Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b291d7d3-1582-4d15-9362-848d2950798a.roa
File: b291d7d3-1582-4d15-9362-848d2950798a.roa (raw, json)
Hash identifier: tzjt/M1KqNlo8CwSDxWRlOkKTdgQPFGhZtMt81n7j4A=
Subject key identifier: D2:0C:2E:E0:57:4F:9A:97:6E:A2:BB:14:6C:7B:CD:29:FA:D6:30:12
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 709C3F070EDB6A327C4BB4D8D7D38BFB3D28D2A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b291d7d3-1582-4d15-9362-848d2950798a.roa
Signing time: Wed 12 Mar 2025 00:22:13 +0000
ROA not before: Wed 12 Mar 2025 00:22:13 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 198.148.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:9c:3f:07:0e:db:6a:32:7c:4b:b4:d8:d7:d3:8b:fb:3d:28:d2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:22:13 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:25:aa:0a:35:e0:4b:11:be:59:74:a7:af:
bc:ac:b3:8a:ae:50:72:24:8f:fe:02:fb:d3:79:8f:
8b:ef:5a:e3:1b:fc:83:4d:be:f0:5a:bb:b8:1b:5c:
a6:5c:b4:56:36:69:dd:25:f6:90:1f:73:fc:89:bc:
a2:82:30:16:3e:f9:54:94:c9:4b:28:4e:e2:27:c6:
f3:e7:45:32:d1:3a:89:2a:48:72:3a:38:92:fb:ef:
46:15:f1:df:b7:fc:bb:b7:55:30:88:cb:46:7b:33:
b9:8f:4b:71:b4:69:08:73:56:ce:f8:e5:3e:df:ff:
69:d6:16:57:9d:84:c1:f5:85:73:0c:cf:f7:43:a9:
e3:33:1c:f9:d0:cd:dc:d3:02:46:08:da:df:ef:82:
6f:37:39:48:3c:ae:c6:25:53:02:12:3f:2d:b9:cf:
79:32:38:b6:4c:8e:1f:a3:03:7a:db:3f:d9:03:8b:
f1:d0:ab:53:ad:12:47:90:b8:92:9a:24:51:1f:4c:
94:91:f3:d5:68:f8:59:63:1b:7e:f8:f4:e1:6c:74:
2d:49:fc:f1:5d:db:aa:77:52:e8:c1:c3:ba:97:35:
2e:5d:e5:c7:1b:59:05:1c:ec:c5:58:d0:0f:6f:77:
36:0b:8c:91:1e:37:89:b7:b9:38:c6:5c:29:63:d9:
1f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0C:2E:E0:57:4F:9A:97:6E:A2:BB:14:6C:7B:CD:29:FA:D6:30:12
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b291d7d3-1582-4d15-9362-848d2950798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.148.96.0/19
Signature Algorithm: sha256WithRSAEncryption
3d:c6:87:c6:e7:fc:50:a6:59:64:77:62:ee:15:fa:8d:55:cf:
d4:c2:0b:2d:6a:56:50:15:0c:ee:7e:f8:dd:24:ac:37:0d:66:
6b:2d:99:35:f4:a7:2f:4e:a7:6f:be:f8:fe:12:7e:90:02:f1:
29:76:2c:b8:50:fa:6a:5b:01:29:6d:97:4a:e8:49:b5:22:c8:
44:ff:db:fc:ab:ad:1e:61:dc:3f:2e:56:bb:a2:e8:2a:bb:66:
a7:29:8b:58:ab:4d:29:df:aa:e0:34:a0:35:42:8d:a9:8b:aa:
1d:15:23:78:7c:e5:2f:74:41:dd:f5:74:62:c7:42:50:33:34:
9e:13:14:48:26:7e:e9:1c:00:f9:d2:44:89:74:35:9f:60:50:
64:f1:65:c2:55:dd:e3:2f:53:ed:cd:bd:7c:b0:c6:8e:71:ba:
00:26:a4:2c:07:0d:87:23:2b:7f:33:9b:c3:5a:23:6c:23:53:
73:f5:c2:ed:69:03:84:15:9a:ff:70:52:56:ab:f6:5d:8c:3a:
c4:99:19:bc:94:25:aa:d7:44:86:5e:40:05:52:bb:0a:e6:8e:
ae:e0:d7:49:fd:3b:45:30:08:c3:07:1d:22:a3:13:9e:b6:48:
37:86:d6:ef:f3:dc:6e:94:ed:b6:60:29:dc:06:35:bd:c3:4c:
e5:0d:ec:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcJw/Bw7bajJ8S7TY19OL+z0o0qAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAyMjEzWhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNTNmOGFhMTQwYmFiNzA4YmQ4MzVlMTFhMjUwYmM5NDAz
OGVhZDUwNTU3MGFiM2JhYjUyOWQyZGE0ZWZlMGYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOOyWqCjXgSxG+WXSnr7yss4quUHIkj/4C+9N5j4vvWuMb
/INNvvBau7gbXKZctFY2ad0l9pAfc/yJvKKCMBY++VSUyUsoTuInxvPnRTLROokq
SHI6OJL770YV8d+3/Lu3VTCIy0Z7M7mPS3G0aQhzVs745T7f/2nWFledhMH1hXMM
z/dDqeMzHPnQzdzTAkYI2t/vgm83OUg8rsYlUwISPy25z3kyOLZMjh+jA3rbP9kD
i/HQq1OtEkeQuJKaJFEfTJSR89Vo+FljG3749OFsdC1J/PFd26p3UujBw7qXNS5d
5ccbWQUc7MVY0A9vdzYLjJEeN4m3uTjGXClj2R9fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0gwu4FdPmpduorsUbHvNKfrWMBIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyOTFkN2QzLTE1ODItNGQxNS05MzYyLTg0OGQyOTUwNzk4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXGlGAwDQYJKoZIhvcNAQELBQADggEBAD3Gh8bn/FCmWWR3Yu4V+o1Vz9TC
Cy1qVlAVDO5++N0krDcNZmstmTX0py9Op2+++P4SfpAC8Sl2LLhQ+mpbASltl0ro
SbUiyET/2/yrrR5h3D8uVrui6Cq7Zqcpi1irTSnfquA0oDVCjamLqh0VI3h85S90
Qd31dGLHQlAzNJ4TFEgmfukcAPnSRIl0NZ9gUGTxZcJV3eMvU+3NvXywxo5xugAm
pCwHDYcjK38zm8NaI2wjU3P1wu1pA4QVmv9wUlar9l2MOsSZGbyUJarXRIZeQAVS
uwrmjq7g10n9O0UwCMMHHSKjE562SDeG1u/z3G6U7bZgKdwGNb3DTOUN7Nw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:36 2025 by rpki-client