Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0e40c41-1ab6-4eb5-8522-0209480072ff.roa
File: b0e40c41-1ab6-4eb5-8522-0209480072ff.roa (raw, json)
Hash identifier: UqzbHSxUJLqao39uahzrUErtJKzk9Dx2y24SWlzFJ7E=
Subject key identifier: 72:64:79:7F:0A:F7:34:A6:B5:43:78:CE:CA:E7:29:B0:CD:46:F9:A4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3F581406B191621E2A4EB2475CCC18374DA03348
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0e40c41-1ab6-4eb5-8522-0209480072ff.roa
Signing time: Wed 09 Apr 2025 00:00:18 +0000
ROA not before: Wed 09 Apr 2025 00:00:18 +0000
ROA not after: Wed 14 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 104.255.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:58:14:06:b1:91:62:1e:2a:4e:b2:47:5c:cc:18:37:4d:a0:33:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Apr 9 00:00:18 2025 GMT
Not After : May 14 23:59:59 2025 GMT
Subject: serialNumber=1c3ddebfe70473b20e98537375bf7f9599cbc34e049f66004a4c2af5b5d73da0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:34:ef:5b:24:f3:f8:ad:6e:6d:42:ff:db:db:
2b:e6:f7:24:41:9b:8a:f7:db:32:d6:a1:be:a0:c4:
e9:19:d7:90:ed:fd:4f:f7:3c:8d:c9:64:58:c5:b0:
0a:30:16:c3:03:12:02:d6:77:d5:80:03:c6:34:c0:
38:8b:08:b7:75:8a:64:e6:6f:97:5c:c3:29:b7:f6:
c4:5f:96:61:ec:a3:e0:a1:9c:85:f8:a0:ab:ac:b8:
cf:43:83:d3:f3:b7:c8:5c:ca:27:15:01:fd:5d:83:
2b:ca:e3:c2:48:d4:85:d2:2b:d5:b8:0f:81:e2:63:
4b:a2:fc:93:2b:09:79:43:d0:fa:37:24:36:9c:d1:
53:45:22:59:d3:da:44:03:27:8f:f4:31:a4:0d:75:
25:a6:d8:39:45:52:da:c6:72:72:7d:2f:69:e5:dd:
80:63:f8:4c:e7:f1:46:a3:9d:fb:e8:fc:02:9f:32:
05:e0:c2:6d:3c:f5:5e:c0:54:68:71:11:e8:89:a4:
35:30:05:49:9a:49:f2:4d:e7:34:b3:c5:5f:37:75:
c2:b7:9a:da:2d:cf:fc:34:7a:b4:5d:d8:2e:e9:a4:
1a:60:a8:86:1c:e5:c4:e6:77:3f:d2:33:46:c5:cb:
55:59:4b:91:62:bd:ed:a7:89:e0:9d:34:d6:f1:ab:
af:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:64:79:7F:0A:F7:34:A6:B5:43:78:CE:CA:E7:29:B0:CD:46:F9:A4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0e40c41-1ab6-4eb5-8522-0209480072ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.255.56.0/21
Signature Algorithm: sha256WithRSAEncryption
cd:9b:e5:26:e1:78:cc:ad:75:34:8c:c0:f9:1d:8e:40:9a:3c:
66:71:60:4e:4e:79:fd:12:07:75:db:46:b9:36:7f:55:be:19:
52:71:c7:00:97:21:d5:1a:e6:d9:a8:f6:5e:4a:0b:3a:fb:bb:
b5:9f:80:06:66:40:94:3d:8e:2d:01:4e:6b:84:0c:88:7c:43:
52:dc:08:7b:76:62:94:90:1a:6d:82:8a:82:e8:ae:39:24:d2:
05:e8:4a:8f:95:94:85:cb:6f:7f:48:d9:92:03:db:2c:3b:51:
9f:89:93:96:90:3f:1f:00:ef:2d:65:12:4a:76:a4:75:1c:b4:
e5:61:d3:8b:64:5b:c0:df:90:bb:49:d5:24:cd:81:09:44:de:
3a:be:10:7a:99:d7:15:0c:8c:79:ae:56:21:db:9e:3c:ea:e7:
0d:b7:d1:65:dd:3e:03:88:2e:fb:e5:79:c0:83:43:72:d1:ea:
6b:04:6c:68:23:5a:38:dd:51:97:12:d9:e7:cf:93:6b:18:23:
5f:5c:3f:57:ff:20:fe:75:c1:90:c1:69:e3:ea:2a:4a:23:80:
8f:55:e2:97:3f:90:35:6f:2a:15:e4:37:b5:6f:75:06:8e:ca:
15:b1:cf:32:62:ab:7b:ec:08:ce:ea:d6:21:14:c1:3a:91:76:
b4:8e:a8:4d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUP1gUBrGRYh4qTrJHXMwYN02gM0gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDA5MDAwMDE4WhcNMjUwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzNkZGViZmU3MDQ3M2IyMGU5ODUzNzM3NWJmN2Y5NTk5
Y2JjMzRlMDQ5ZjY2MDA0YTRjMmFmNWI1ZDczZGEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUNO9bJPP4rW5tQv/b2yvm9yRBm4r32zLWob6gxOkZ15Dt
/U/3PI3JZFjFsAowFsMDEgLWd9WAA8Y0wDiLCLd1imTmb5dcwym39sRflmHso+Ch
nIX4oKusuM9Dg9Pzt8hcyicVAf1dgyvK48JI1IXSK9W4D4HiY0ui/JMrCXlD0Po3
JDac0VNFIlnT2kQDJ4/0MaQNdSWm2DlFUtrGcnJ9L2nl3YBj+Ezn8Uajnfvo/AKf
MgXgwm089V7AVGhxEeiJpDUwBUmaSfJN5zSzxV83dcK3mtotz/w0erRd2C7ppBpg
qIYc5cTmdz/SM0bFy1VZS5Five2nieCdNNbxq6/XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcmR5fwr3NKa1Q3jOyucpsM1G+aQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IwZTQwYzQxLTFhYjYtNGViNS04NTIyLTAyMDk0ODAwNzJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANo/zgwDQYJKoZIhvcNAQELBQADggEBAM2b5SbheMytdTSMwPkdjkCaPGZx
YE5Oef0SB3XbRrk2f1W+GVJxxwCXIdUa5tmo9l5KCzr7u7WfgAZmQJQ9ji0BTmuE
DIh8Q1LcCHt2YpSQGm2CioLorjkk0gXoSo+VlIXLb39I2ZID2yw7UZ+Jk5aQPx8A
7y1lEkp2pHUctOVh04tkW8DfkLtJ1STNgQlE3jq+EHqZ1xUMjHmuViHbnjzq5w23
0WXdPgOILvvlecCDQ3LR6msEbGgjWjjdUZcS2efPk2sYI19cP1f/IP51wZDBaePq
KkojgI9V4pc/kDVvKhXkN7VvdQaOyhWxzzJiq3vsCM7q1iEUwTqRdrSOqE0=
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:19:18 2025 by rpki-client on console.sobornost.net