Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/1c959e66-f967-43d6-93bd-cbdcf160cbb5.roa
File: 1c959e66-f967-43d6-93bd-cbdcf160cbb5.roa (raw, json)
Hash identifier: f028DhEYJx97tNYtHlTZDolYQQ0UFGjp7B/BS/ci+rQ=
Subject key identifier: 95:AB:87:2A:C8:D2:D5:D4:1F:4B:27:53:05:14:E4:64:C8:8B:49:6E
Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial: 61B93868D50450D2C38814DC96ED5EEFF1FC6416
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/1c959e66-f967-43d6-93bd-cbdcf160cbb5.roa
Signing time: Sat 29 Mar 2025 00:10:16 +0000
ROA not before: Sat 29 Mar 2025 00:10:16 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.249.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:b9:38:68:d5:04:50:d2:c3:88:14:dc:96:ed:5e:ef:f1:fc:64:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Validity
Not Before: Mar 29 00:10:16 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:01:50:8c:82:0f:b5:bf:e1:2b:58:fa:e0:fd:
1e:1a:e7:d7:44:12:5a:da:f8:78:68:d6:ef:48:50:
70:59:a1:65:e0:a8:08:0e:62:9b:75:82:ae:a4:4b:
e6:18:44:50:c0:0c:b7:bf:52:c5:dd:49:e3:2f:b7:
8e:11:f7:b0:36:a4:16:e0:f0:9c:3e:2d:99:65:f4:
a6:56:43:97:dc:83:8f:86:3f:9f:ea:7d:56:13:62:
f6:f2:25:03:2e:30:c1:ea:b9:f6:03:08:3a:9a:90:
30:9e:c4:ee:26:36:8a:41:d9:09:87:4d:77:01:8e:
fd:9a:a0:ca:31:c9:88:88:f1:2b:7a:85:3c:fa:15:
70:d4:e2:44:b3:06:fa:d9:c4:12:9d:90:ae:62:fb:
02:26:e2:31:80:4f:1e:27:0d:b4:8b:72:ad:fe:a8:
da:a9:33:d2:a1:15:fa:63:46:3b:82:26:a3:61:5e:
76:be:52:59:ce:d4:c0:1e:07:a7:b8:10:aa:8a:dc:
c6:17:23:68:5a:8e:b2:09:20:42:d6:e4:7d:32:b7:
d0:2e:d0:ce:6b:02:f2:ae:fa:6f:e0:6a:94:87:4d:
ce:f7:b8:14:a4:96:c8:60:00:78:84:2e:09:10:17:
e2:36:19:3e:14:bd:0a:b3:f9:ff:aa:65:9c:a0:4a:
f9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AB:87:2A:C8:D2:D5:D4:1F:4B:27:53:05:14:E4:64:C8:8B:49:6E
X509v3 Authority Key Identifier:
keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/1c959e66-f967-43d6-93bd-cbdcf160cbb5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.249.208.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:ba:cd:00:eb:5f:86:53:bb:8b:65:b9:99:7e:8a:19:b5:42:
db:1f:2f:de:b2:5f:f3:7f:e5:5a:6a:3b:58:69:57:e6:7a:f2:
d7:b6:5b:e0:b3:70:b5:a3:1e:30:c9:dd:73:c8:31:cf:b7:8f:
75:8a:ea:11:1c:99:1b:9a:9d:25:f3:a9:bc:78:c8:e7:10:3e:
18:e0:fa:14:dd:a9:20:26:76:e7:36:ab:62:b0:dd:d6:88:57:
c2:eb:7e:1e:b9:24:94:5e:dc:d3:a2:c2:96:5a:0c:d3:77:8f:
51:9f:8f:9e:c5:f1:fb:4a:1f:17:79:49:b7:a6:d3:35:39:5c:
1e:51:18:90:7a:c2:a4:ed:f2:96:cb:82:75:93:f9:02:3c:f5:
2d:75:9c:12:50:3a:89:61:cc:9f:68:fe:59:7d:9b:00:24:ef:
e3:3c:53:9c:10:cd:0a:22:48:63:57:98:7e:cf:ba:eb:fd:e7:
5d:cd:5d:a6:ef:7e:1a:62:ec:a9:f8:26:32:22:98:f9:cc:83:
c9:37:54:6c:16:77:b3:d9:bd:7a:4d:81:cf:d9:af:9b:a3:41:
cf:50:cc:dc:2c:ff:0e:9f:bc:ee:5b:87:a9:56:07:68:eb:42:
b2:8e:33:25:af:37:d0:91:ac:d5:49:84:6e:ce:5b:8d:e8:9e:
79:6a:c7:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYbk4aNUEUNLDiBTclu1e7/H8ZBYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMzI5MDAxMDE2WhcNMjUwNTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjhiMDA0M2E5OGI0NzE4MWY5M2UwNzRjZDE0MjE4ZTNk
YjdhNThjMmVmODIwZTkzMGMwOGM3ZWQxOWMzZWQ4MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClAVCMgg+1v+ErWPrg/R4a59dEElra+Hho1u9IUHBZoWXg
qAgOYpt1gq6kS+YYRFDADLe/UsXdSeMvt44R97A2pBbg8Jw+LZll9KZWQ5fcg4+G
P5/qfVYTYvbyJQMuMMHqufYDCDqakDCexO4mNopB2QmHTXcBjv2aoMoxyYiI8St6
hTz6FXDU4kSzBvrZxBKdkK5i+wIm4jGATx4nDbSLcq3+qNqpM9KhFfpjRjuCJqNh
Xna+UlnO1MAeB6e4EKqK3MYXI2hajrIJIELW5H0yt9Au0M5rAvKu+m/gapSHTc73
uBSklshgAHiELgkQF+I2GT4UvQqz+f+qZZygSvnTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlauHKsjS1dQfSydTBRTkZMiLSW4wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzFjOTU5ZTY2LWY5NjctNDNkNi05M2JkLWNiZGNmMTYwY2JiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQX+dAwDQYJKoZIhvcNAQELBQADggEBAB66zQDrX4ZTu4tluZl+ihm1Qtsf
L96yX/N/5VpqO1hpV+Z68te2W+CzcLWjHjDJ3XPIMc+3j3WK6hEcmRuanSXzqbx4
yOcQPhjg+hTdqSAmduc2q2Kw3daIV8Lrfh65JJRe3NOiwpZaDNN3j1Gfj57F8ftK
Hxd5Sbem0zU5XB5RGJB6wqTt8pbLgnWT+QI89S11nBJQOolhzJ9o/ll9mwAk7+M8
U5wQzQoiSGNXmH7Puuv9513NXabvfhpi7Kn4JjIimPnMg8k3VGwWd7PZvXpNgc/Z
r5ujQc9QzNws/w6fvO5bh6lWB2jrQrKOMyWvN9CRrNVJhG7OW43onnlqx6c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:09 2025 by rpki-client