Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa
File: 20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa (raw, json)
Hash identifier: pvTaEYTeXQuFrFJrgU8BgvmLnPHMOor1T0W9BnnBcXw=
Subject key identifier: 1D:3D:3C:94:63:10:BE:DF:53:A9:DA:CE:A8:BF:A3:9F:40:F0:D4:37
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7DD17FF6F9EFE6EE2A5EDC7742BB6B0DE4C03A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa
Signing time: Sat 12 Apr 2025 00:11:54 +0000
ROA not before: Sat 12 Apr 2025 00:11:54 +0000
ROA not after: Sat 17 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 44.210.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d1:7f:f6:f9:ef:e6:ee:2a:5e:dc:77:42:bb:6b:0d:e4:c0:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Apr 12 00:11:54 2025 GMT
Not After : May 17 23:59:59 2025 GMT
Subject: serialNumber=2a572d08ef0c57483149e459cc87da53b1d92cd8b723fef5d5b6500e66230801, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ff:57:e4:ab:87:68:70:df:92:4e:56:07:9a:
e1:a2:87:61:f9:8e:bc:38:c4:01:40:a8:ad:f2:ce:
7d:65:25:93:ee:10:dc:5c:23:86:2c:06:9e:31:f6:
d2:4d:6a:fc:65:bb:92:2b:3a:29:44:31:5e:cb:5c:
df:67:b9:82:db:65:38:65:69:08:7f:9a:c4:2f:28:
01:e2:75:67:18:15:2a:ac:86:73:d7:eb:7c:69:13:
ba:58:fc:54:9d:9c:72:17:30:58:7f:eb:c3:1b:26:
91:6b:2f:0c:35:e9:1b:9a:83:84:e8:0d:cc:83:88:
29:4d:0e:0e:a4:82:d7:bb:e0:0b:1b:bd:04:68:07:
75:ef:53:7f:08:99:88:28:81:49:34:36:a5:11:61:
12:d4:11:9e:63:d2:35:cf:0c:3e:87:a8:58:bd:cf:
a4:e3:aa:c1:04:ec:05:86:fa:b5:cd:ba:b3:04:98:
49:7d:89:6d:69:9d:1a:3a:07:95:55:c9:3c:dc:21:
2b:aa:26:0e:d4:22:19:2d:08:03:43:c8:86:75:99:
2e:3d:95:c1:02:2a:7b:70:49:87:e3:e9:bd:e6:68:
eb:0d:bd:f5:03:ef:0d:e5:1b:e1:5e:34:e9:97:dd:
02:22:cd:4c:27:16:18:43:a8:5d:b3:4e:c6:71:e3:
6f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3D:3C:94:63:10:BE:DF:53:A9:DA:CE:A8:BF:A3:9F:40:F0:D4:37
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20a8d1d7-3bfc-4928-91be-6fe72d40652c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
44.210.202.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:f0:c8:bf:36:b5:3a:dd:7e:49:31:18:b3:4b:ae:bc:ce:eb:
1b:27:7b:80:6f:62:fe:58:2d:65:71:f7:14:65:8a:a3:22:08:
25:c1:f5:68:60:6f:49:b3:d7:d4:83:ae:d7:1d:f3:d0:16:47:
17:9b:70:03:a0:bd:12:c8:72:71:c7:a0:16:fc:36:63:83:ac:
2b:7e:5a:b5:4a:80:6b:4f:43:3b:b5:40:1a:56:fd:f2:54:ae:
58:9b:7b:97:e1:fa:ac:18:bc:b8:86:ba:8c:e8:01:3c:83:79:
33:ec:df:12:f7:1b:6d:d4:ae:97:9a:9a:52:0a:7b:d3:00:53:
7a:09:80:1a:99:b1:cf:53:af:f0:c6:20:4d:40:ca:9d:8f:0d:
c3:1e:e8:e2:99:23:dd:f1:c9:2d:f1:b8:ec:0d:51:2f:85:1b:
24:00:04:65:88:65:97:a8:5f:2c:c7:eb:f9:3a:88:80:cb:2b:
ef:3b:f8:ca:37:b8:35:b4:c0:92:bf:ae:38:24:b9:ab:47:28:
a1:10:35:0a:82:c3:ca:95:1b:9d:17:62:5a:6f:af:39:4f:f5:
8b:b0:97:54:4e:b2:86:34:11:31:5a:3c:c8:cf:86:00:8b:e5:
08:27:41:91:ee:bc:80:98:98:44:1f:f5:34:91:3b:bd:d1:ad:
08:67:41:a5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITfdF/9vnv5u4qXtx3QrtrDeTAOjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA0MTIwMDExNTRaFw0yNTA1MTcyMzU5NTla
MHoxSTBHBgNVBAUTQDJhNTcyZDA4ZWYwYzU3NDgzMTQ5ZTQ1OWNjODdkYTUzYjFk
OTJjZDhiNzIzZmVmNWQ1YjY1MDBlNjYyMzA4MDExLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3/V+Srh2hw35JOVgea4aKHYfmOvDjEAUCorfLOfWUlk+4Q
3FwjhiwGnjH20k1q/GW7kis6KUQxXstc32e5gttlOGVpCH+axC8oAeJ1ZxgVKqyG
c9frfGkTulj8VJ2cchcwWH/rwxsmkWsvDDXpG5qDhOgNzIOIKU0ODqSC17vgCxu9
BGgHde9TfwiZiCiBSTQ2pRFhEtQRnmPSNc8MPoeoWL3PpOOqwQTsBYb6tc26swSY
SX2JbWmdGjoHlVXJPNwhK6omDtQiGS0IA0PIhnWZLj2VwQIqe3BJh+PpveZo6w29
9QPvDeUb4V406ZfdAiLNTCcWGEOoXbNOxnHjb/8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQdPTyUYxC+31Op2s6ov6OfQPDUNzAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMjBhOGQxZDctM2JmYy00OTI4LTkxYmUtNmZlNzJkNDA2NTJjLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEACzSyjANBgkqhkiG9w0BAQsFAAOCAQEAwPDIvza1Ot1+STEYs0uuvM7rGyd7
gG9i/lgtZXH3FGWKoyIIJcH1aGBvSbPX1IOu1x3z0BZHF5twA6C9EshyccegFvw2
Y4OsK35atUqAa09DO7VAGlb98lSuWJt7l+H6rBi8uIa6jOgBPIN5M+zfEvcbbdSu
l5qaUgp70wBTegmAGpmxz1Ov8MYgTUDKnY8Nwx7o4pkj3fHJLfG47A1RL4UbJAAE
ZYhll6hfLMfr+TqIgMsr7zv4yje4NbTAkr+uOCS5q0cooRA1CoLDypUbnRdiWm+v
OU/1i7CXVE6yhjQRMVo8yM+GAIvlCCdBke68gJiYRB/1NJE7vdGtCGdBpQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:18:59 2025 by rpki-client on console.sobornost.net