Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7b7bc93-87d7-4f06-a0e0-039600e45253.roa
File: e7b7bc93-87d7-4f06-a0e0-039600e45253.roa (raw, json)
Hash identifier: /aaeINCAnK19XiHMWNASbKjMHYWFbunIj6cF+J0p+P0=
Subject key identifier: B8:B4:E4:9D:08:2D:B4:F7:9A:50:F3:53:DB:32:75:7D:59:CE:E4:E5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 19E6F727CC241B0F80DA130A1706D241D1FB8409
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7b7bc93-87d7-4f06-a0e0-039600e45253.roa
Signing time: Fri 28 Mar 2025 21:37:05 +0000
ROA not before: Fri 28 Mar 2025 21:37:05 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 121.91.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:e6:f7:27:cc:24:1b:0f:80:da:13:0a:17:06:d2:41:d1:fb:84:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 28 21:37:05 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:43:aa:06:ab:66:c6:f0:f3:7c:c8:0c:7a:b5:
f5:74:8d:53:54:87:8a:48:df:c0:6f:b2:c4:19:b1:
7c:09:5e:b5:53:72:b1:39:a2:3e:87:97:4b:97:d7:
cb:92:1e:a9:ba:02:47:37:85:ec:3c:d0:90:57:54:
3a:24:77:8d:4e:b2:c9:1b:82:d8:7e:2f:ca:dd:83:
b9:2d:2c:3a:38:c9:df:5f:0b:dd:59:82:91:b7:cf:
f8:09:26:e7:0a:7d:d1:4c:b7:a4:f9:1a:38:5a:ab:
a5:c2:92:75:d6:42:33:d6:11:6f:95:00:97:db:b9:
d0:7b:98:e6:11:0e:56:72:4f:90:25:fc:0c:8b:fc:
f8:08:cf:3b:3b:0a:a2:e5:e1:f7:4e:cf:af:e9:0d:
62:05:7e:be:d4:ee:17:b3:dd:5b:4c:93:86:9d:bb:
c9:56:1e:19:66:44:c9:73:5c:21:f8:0d:3e:4e:02:
ab:72:21:79:2a:ad:a6:34:e7:b3:b0:4b:5e:ac:7f:
c5:6f:0c:24:ac:a4:a5:c9:a0:45:67:c3:5e:93:b7:
d9:45:c1:83:95:51:c1:e4:99:aa:52:b7:a0:4e:f9:
9c:2b:3e:f3:c2:33:7b:81:c3:31:30:c7:88:2e:ea:
2e:a6:18:90:55:9d:b5:a4:7c:4e:d8:0d:13:3b:d1:
12:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B4:E4:9D:08:2D:B4:F7:9A:50:F3:53:DB:32:75:7D:59:CE:E4:E5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7b7bc93-87d7-4f06-a0e0-039600e45253.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.91.160.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:a8:03:f9:e7:8a:a9:80:1b:52:df:51:11:92:b3:49:0e:0e:
e2:a9:97:e3:b2:13:bd:5e:78:13:03:cd:cb:a7:0e:55:5c:8c:
26:dd:e4:6b:67:27:2c:fd:63:f6:0d:57:1d:44:c6:bb:5d:08:
b8:e9:73:e8:b8:bd:50:e8:f4:dc:fa:44:4b:66:0c:14:20:6b:
85:26:a6:b2:67:29:8f:37:81:4b:30:44:9f:92:cd:52:4a:88:
20:53:0c:f6:5a:11:0f:f7:e8:dc:fb:26:17:04:c9:e0:8f:a2:
44:a8:1d:35:d6:7f:f2:7d:7c:52:a0:e2:69:14:9a:27:21:e3:
ad:e3:14:33:2b:0d:41:15:37:19:2c:a8:56:f7:53:93:74:28:
db:4e:18:6e:2f:34:dd:e4:05:0c:ad:8e:51:ad:31:03:28:17:
70:cb:51:24:04:f6:bd:8c:fc:a3:27:d1:eb:7d:a7:20:e4:0b:
3e:48:d6:73:31:3c:b9:58:dd:d3:6e:e6:81:7f:dd:4a:5f:12:
b6:7f:9a:36:7e:84:cb:ee:60:19:f9:47:d1:8b:8b:0c:e9:a9:
9a:0c:c1:52:eb:ba:a1:72:4c:98:a4:55:74:13:cc:0a:05:83:
97:4f:60:d8:de:21:46:9e:a2:d4:ce:30:b7:45:f0:79:a2:ac:
19:75:5f:26
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGeb3J8wkGw+A2hMKFwbSQdH7hAkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MjEzNzA1WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZTJkODllMmNiYWUyMWI0OTE0MmQ5N2FmZWY2ZDFjNzRk
MjM0ZTMyYTg2NjMzYzIwYWQ2MTY5ZjA1OWU4NWU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbQ6oGq2bG8PN8yAx6tfV0jVNUh4pI38BvssQZsXwJXrVT
crE5oj6Hl0uX18uSHqm6Akc3hew80JBXVDokd41Osskbgth+L8rdg7ktLDo4yd9f
C91ZgpG3z/gJJucKfdFMt6T5Gjhaq6XCknXWQjPWEW+VAJfbudB7mOYRDlZyT5Al
/AyL/PgIzzs7CqLl4fdOz6/pDWIFfr7U7hez3VtMk4adu8lWHhlmRMlzXCH4DT5O
AqtyIXkqraY057OwS16sf8VvDCSspKXJoEVnw16Tt9lFwYOVUcHkmapSt6BO+Zwr
PvPCM3uBwzEwx4gu6i6mGJBVnbWkfE7YDRM70RK7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuLTknQgttPeaUPNT2zJ1fVnO5OUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3YjdiYzkzLTg3ZDctNGYwNi1hMGUwLTAzOTYwMGU0NTI1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAN5W6AwDQYJKoZIhvcNAQELBQADggEBAAqoA/nniqmAG1LfURGSs0kODuKp
l+OyE71eeBMDzcunDlVcjCbd5GtnJyz9Y/YNVx1ExrtdCLjpc+i4vVDo9Nz6REtm
DBQga4UmprJnKY83gUswRJ+SzVJKiCBTDPZaEQ/36Nz7JhcEyeCPokSoHTXWf/J9
fFKg4mkUmich463jFDMrDUEVNxksqFb3U5N0KNtOGG4vNN3kBQytjlGtMQMoF3DL
USQE9r2M/KMn0et9pyDkCz5I1nMxPLlY3dNu5oF/3UpfErZ/mjZ+hMvuYBn5R9GL
iwzpqZoMwVLruqFyTJikVXQTzAoFg5dPYNjeIUaeotTOMLdF8HmirBl1XyY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:59 2025 by rpki-client