Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9dbfe7a-efda-4ffb-a0bd-f69d913f21d8.roa
File: e9dbfe7a-efda-4ffb-a0bd-f69d913f21d8.roa (raw, json)
Hash identifier: wXS/SxYqHV3H20+YM1u1TNB3ZP904kbPF2WGadgZMmc=
Subject key identifier: B0:74:5D:FB:B4:F5:52:61:07:BF:A1:91:38:0C:FB:BC:51:8A:B5:36
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0488A587355FB5647EECB851F461D4A67D3A770F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9dbfe7a-efda-4ffb-a0bd-f69d913f21d8.roa
Signing time: Tue 04 Mar 2025 16:11:18 +0000
ROA not before: Tue 04 Mar 2025 16:11:18 +0000
ROA not after: Tue 08 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.236.192.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:88:a5:87:35:5f:b5:64:7e:ec:b8:51:f4:61:d4:a6:7d:3a:77:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 4 16:11:18 2025 GMT
Not After : Apr 8 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b7:9d:a4:af:8f:99:6e:62:b3:02:41:14:da:
8f:68:a1:33:c6:cb:f1:40:c7:e6:62:bc:52:41:cb:
2d:d9:3a:c4:24:ac:01:cb:b7:06:b1:d1:f3:94:c5:
fb:bc:3a:55:8e:0d:e2:f0:7c:f6:ed:2a:d6:c5:cf:
15:d8:63:0d:b6:16:5e:28:f1:8c:8c:88:35:f1:2d:
cc:b5:98:4e:38:23:6d:67:a4:a7:89:c4:f5:36:c9:
ae:2c:71:bf:0f:dd:b0:b3:ce:92:04:ca:0b:46:5c:
2a:67:42:fd:3c:0a:1e:f8:82:7d:00:9a:72:aa:8c:
f1:16:eb:5c:0c:3e:3d:62:6b:5f:a5:c8:d9:28:01:
58:0c:8e:9f:5a:f0:5a:d2:97:94:9b:61:71:20:bf:
5e:53:4a:1e:95:00:aa:59:9e:8d:06:48:ba:b0:d1:
3a:a8:34:c1:1c:1a:32:71:e7:6a:98:3e:18:ae:2a:
8a:47:32:48:04:0b:91:d4:ec:fe:6b:14:b0:75:52:
8e:1b:80:c7:02:2a:8d:4a:38:9d:d3:5c:f6:3b:46:
8c:80:ed:24:61:06:96:fa:ef:f6:8c:20:a5:4d:c6:
79:30:63:e3:db:7f:ea:fb:45:c3:1c:ea:78:15:c1:
21:c4:5c:58:ec:60:af:70:e2:ef:14:bc:87:4d:d7:
98:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:74:5D:FB:B4:F5:52:61:07:BF:A1:91:38:0C:FB:BC:51:8A:B5:36
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9dbfe7a-efda-4ffb-a0bd-f69d913f21d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.236.192.0/20
Signature Algorithm: sha256WithRSAEncryption
01:84:23:29:2c:b1:63:c4:bf:df:e2:bd:80:8c:58:7c:94:aa:
13:6a:95:e2:35:fa:4f:80:b8:51:36:0e:ab:ff:7f:7d:9e:c8:
72:3b:bf:2a:95:84:75:74:77:0a:ba:92:36:b3:f8:0f:2a:1d:
2e:50:2e:27:b2:53:f5:c6:75:ee:f3:9d:5c:89:e9:43:e5:fc:
bb:fd:5c:e6:20:95:08:cc:03:16:80:23:1f:21:d0:0a:b7:87:
49:e9:5e:c3:9e:c3:53:3e:88:24:61:2d:eb:c8:24:46:85:10:
c5:2d:d2:bf:b1:48:e4:52:44:8e:e3:af:6b:24:4e:46:bf:57:
8c:26:48:02:d6:a2:26:21:7c:45:8a:a6:6e:26:aa:43:04:dd:
70:13:90:34:40:e2:85:3d:d9:b5:32:80:fa:8f:0b:e6:bc:17:
55:a6:70:4c:c2:a0:b2:50:f3:d6:64:00:53:22:ef:cd:48:dd:
3e:79:30:fd:11:e8:5e:1e:ab:25:74:f3:23:53:4a:4a:72:23:
8f:fd:65:ef:92:ab:73:1b:f2:f3:f2:47:06:e6:02:13:34:af:
c8:88:c7:2a:2e:fe:2d:d0:d0:4c:86:8d:3b:3f:c0:39:23:87:
6d:2f:bf:ec:14:4e:1e:17:3c:ce:c0:3b:27:ec:fb:ca:e7:73:
03:ed:58:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBIilhzVftWR+7LhR9GHUpn06dw8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA0MTYxMTE4WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYzc1NmIxMTc4MDhiZWI4MDdlODJkMTE4ZmZhNGY5MTA2
MzI1Mzk0MGFkN2YwNGEwYTk2MjJlZTg4OGVmNWI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHt52kr4+ZbmKzAkEU2o9ooTPGy/FAx+ZivFJByy3ZOsQk
rAHLtwax0fOUxfu8OlWODeLwfPbtKtbFzxXYYw22Fl4o8YyMiDXxLcy1mE44I21n
pKeJxPU2ya4scb8P3bCzzpIEygtGXCpnQv08Ch74gn0AmnKqjPEW61wMPj1ia1+l
yNkoAVgMjp9a8FrSl5SbYXEgv15TSh6VAKpZno0GSLqw0TqoNMEcGjJx52qYPhiu
KopHMkgEC5HU7P5rFLB1Uo4bgMcCKo1KOJ3TXPY7RoyA7SRhBpb67/aMIKVNxnkw
Y+Pbf+r7RcMc6ngVwSHEXFjsYK9w4u8UvIdN15idAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsHRd+7T1UmEHv6GROAz7vFGKtTYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U5ZGJmZTdhLWVmZGEtNGZmYi1hMGJkLWY2OWQ5MTNmMjFkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATM7MAwDQYJKoZIhvcNAQELBQADggEBAAGEIykssWPEv9/ivYCMWHyUqhNq
leI1+k+AuFE2Dqv/f32eyHI7vyqVhHV0dwq6kjaz+A8qHS5QLieyU/XGde7znVyJ
6UPl/Lv9XOYglQjMAxaAIx8h0Aq3h0npXsOew1M+iCRhLevIJEaFEMUt0r+xSORS
RI7jr2skTka/V4wmSALWoiYhfEWKpm4mqkME3XATkDRA4oU92bUygPqPC+a8F1Wm
cEzCoLJQ89ZkAFMi781I3T55MP0R6F4eqyV08yNTSkpyI4/9Ze+Sq3Mb8vPyRwbm
AhM0r8iIxyou/i3Q0EyGjTs/wDkjh20vv+wUTh4XPM7AOyfs+8rncwPtWCw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:45 2025 by rpki-client