Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
File: 5eadccc1-2a48-4240-972e-4e5473a01e2e.roa (raw, json)
Hash identifier: UiffXAHO/Qmkf/ro8ywNPHMoQxDh9blFWJOgcZAaoD4=
Subject key identifier: E2:BB:7F:F9:48:22:E1:AC:D1:5E:96:8A:C3:D7:58:E3:B7:CE:F6:61
Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial: 04DC81DC6AB8ED4A98A615A7146133D4A2BC7486
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
Signing time: Wed 30 Oct 2024 00:00:00 +0000
ROA not before: Wed 30 Oct 2024 00:00:00 +0000
ROA not after: Wed 04 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 23.249.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:dc:81:dc:6a:b8:ed:4a:98:a6:15:a7:14:61:33:d4:a2:bc:74:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Validity
Not Before: Oct 30 00:00:00 2024 GMT
Not After : Dec 4 23:59:59 2024 GMT
Subject: serialNumber=be35d925b7c2c1dacefba4653340be140a5f68549572b953caf6b941a60581b4, CN=42519eb9-9579-4979-bdaf-164abd0e290e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:96:25:21:66:73:3c:6b:12:46:7a:c8:89:b8:
c8:e7:14:f2:bc:f3:52:09:1f:84:e7:a9:da:2a:4c:
1c:56:24:ee:ec:c2:6a:59:96:d3:00:aa:0f:ad:c6:
e4:dc:73:ae:d0:5a:40:82:87:ec:8e:0f:91:ab:3c:
20:ce:c9:4d:ee:1b:9b:95:16:04:42:68:ae:79:29:
29:fb:36:02:68:e0:6c:fa:5c:f2:12:ee:4c:66:f2:
68:7a:6c:f0:db:75:21:d5:59:af:bf:60:dd:64:a8:
d1:6e:01:d8:95:71:19:b1:51:ed:a5:f8:40:07:b0:
d6:68:a7:34:9f:26:5d:18:1b:ae:c6:7b:7f:04:9f:
37:1d:23:59:66:db:66:53:28:06:60:b0:29:d8:cf:
da:36:07:cf:fa:28:cf:7e:71:de:d7:cf:bb:a3:5a:
b6:d0:93:74:51:80:dd:37:51:8c:00:10:46:e8:0a:
d6:46:e3:d2:94:da:25:ee:6e:dc:d2:51:5a:64:cd:
3a:a6:81:3e:2c:d3:b3:ef:f6:11:27:6e:02:5a:9d:
9e:28:ad:f9:3d:63:c0:df:0d:7c:0c:53:12:6d:f9:
89:36:76:c8:d9:6d:5d:88:06:fb:88:f9:f1:8d:01:
03:04:0b:d7:55:65:61:5d:f8:1a:ea:52:dd:e0:39:
d4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BB:7F:F9:48:22:E1:AC:D1:5E:96:8A:C3:D7:58:E3:B7:CE:F6:61
X509v3 Authority Key Identifier:
keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.249.208.0/20
Signature Algorithm: sha256WithRSAEncryption
26:46:4c:52:da:9f:a5:b9:9a:1a:db:ed:e0:cb:97:cc:20:3a:
1c:e3:08:f2:a9:ab:41:b9:a2:ff:2b:69:ca:df:0c:87:95:19:
e7:da:92:40:0a:9c:cb:fd:9a:ce:ec:6a:92:c9:1c:90:ac:4d:
b0:fc:dd:e8:6a:5f:f3:8d:d8:d2:62:44:8b:3b:a6:b0:87:15:
2f:51:dc:4e:b8:de:cd:a5:23:73:77:a5:4d:93:3c:89:eb:63:
d8:7b:95:1e:58:98:ea:02:1b:66:b9:48:9d:a6:0a:ad:3d:df:
f5:02:bf:d3:8f:97:01:b3:74:b6:ee:76:28:f0:36:61:40:ac:
0d:23:cb:13:32:d8:c6:36:7b:66:c2:fa:95:03:70:7d:30:e5:
40:63:92:45:3d:97:3b:64:ed:c3:42:c3:e1:40:a9:36:69:2f:
dd:cc:58:d8:43:7b:50:60:8c:4d:e4:06:4b:7c:a7:35:19:27:
30:3f:c4:d8:d9:76:13:9f:f4:a2:98:08:95:dd:65:cd:1b:3c:
bf:a4:de:d0:6b:2d:98:2f:c0:55:be:8e:d2:0a:d4:47:78:d4:
32:f3:ad:e9:c0:ed:ad:02:f3:16:9f:59:f1:52:01:ce:82:50:
53:f5:eb:47:18:24:cc:51:6b:da:39:fe:b2:ba:14:cd:cb:6b:
80:9f:20:ab
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBNyB3Gq47UqYphWnFGEz1KK8dIYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMDMwMDAwMDAwWhcNMjQxMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTM1ZDkyNWI3YzJjMWRhY2VmYmE0NjUzMzQwYmUxNDBh
NWY2ODU0OTU3MmI5NTNjYWY2Yjk0MWE2MDU4MWI0MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfliUhZnM8axJGesiJuMjnFPK881IJH4TnqdoqTBxWJO7s
wmpZltMAqg+txuTcc67QWkCCh+yOD5GrPCDOyU3uG5uVFgRCaK55KSn7NgJo4Gz6
XPIS7kxm8mh6bPDbdSHVWa+/YN1kqNFuAdiVcRmxUe2l+EAHsNZopzSfJl0YG67G
e38EnzcdI1lm22ZTKAZgsCnYz9o2B8/6KM9+cd7Xz7ujWrbQk3RRgN03UYwAEEbo
CtZG49KU2iXubtzSUVpkzTqmgT4s07Pv9hEnbgJanZ4orfk9Y8DfDXwMUxJt+Yk2
dsjZbV2IBvuI+fGNAQMEC9dVZWFd+BrqUt3gOdTjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4rt/+Ugi4azRXpaKw9dY47fO9mEwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzVlYWRjY2MxLTJhNDgtNDI0MC05NzJlLTRlNTQ3M2EwMWUyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQX+dAwDQYJKoZIhvcNAQELBQADggEBACZGTFLan6W5mhrb7eDLl8wgOhzj
CPKpq0G5ov8racrfDIeVGefakkAKnMv9ms7sapLJHJCsTbD83ehqX/ON2NJiRIs7
prCHFS9R3E643s2lI3N3pU2TPInrY9h7lR5YmOoCG2a5SJ2mCq093/UCv9OPlwGz
dLbudijwNmFArA0jyxMy2MY2e2bC+pUDcH0w5UBjkkU9lztk7cNCw+FAqTZpL93M
WNhDe1BgjE3kBkt8pzUZJzA/xNjZdhOf9KKYCJXdZc0bPL+k3tBrLZgvwFW+jtIK
1Ed41DLzrenA7a0C8xafWfFSAc6CUFP160cYJMxRa9o5/rK6FM3La4CfIKs=
-----END CERTIFICATE-----
Generated at Fri Nov 8 03:30:14 2024 by rpki-client on console.sobornost.net