Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/621aa1ba-7f47-41bb-bde3-9ec6a731a085.roa
File: 621aa1ba-7f47-41bb-bde3-9ec6a731a085.roa (raw, json)
Hash identifier: C+aDrI+J5L4r3bARSun0nImx2EVamhWE//NeF2P0eu8=
Subject key identifier: 71:69:85:63:BF:7B:29:C2:0E:E9:68:E4:71:2C:D9:3F:31:CD:13:7A
Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial: 4D14AADD2EBA6506870C473CDE4361BFE2F92693
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/621aa1ba-7f47-41bb-bde3-9ec6a731a085.roa
Signing time: Sat 22 Mar 2025 00:10:39 +0000
ROA not before: Sat 22 Mar 2025 00:10:39 +0000
ROA not after: Sat 26 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 13.248.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:14:aa:dd:2e:ba:65:06:87:0c:47:3c:de:43:61:bf:e2:f9:26:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Validity
Not Before: Mar 22 00:10:39 2025 GMT
Not After : Apr 26 23:59:59 2025 GMT
Subject: serialNumber=ea698a2511f8dd2e9af3193ad24d5cb8af20996f798605d49841dbb784fc9c32, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:05:33:d4:04:99:77:04:79:44:90:c7:4e:18:
d3:6c:d5:80:cc:46:a1:f9:a9:76:a2:60:a8:c6:c8:
18:eb:e2:51:8a:dd:04:0e:87:d0:4b:39:06:3e:13:
14:31:5f:b6:59:7a:a6:ee:68:6b:e1:42:a5:9f:04:
ea:57:5c:82:55:ad:22:38:d7:c4:f6:3b:d2:3a:9f:
77:2e:11:8b:fc:bf:35:04:36:b0:57:b5:06:a6:7c:
b1:13:ca:b7:01:e4:06:54:04:02:80:0f:4a:a6:8c:
8d:f5:73:ca:4c:58:84:f0:cc:96:c3:d0:29:fe:f2:
29:5f:94:e2:79:57:38:fa:8c:d8:97:70:c3:a1:15:
43:4d:40:a7:69:82:0b:80:ba:47:b9:f0:d2:f3:d3:
58:e9:f1:07:cf:21:58:b2:20:b2:be:44:52:ca:9a:
45:f6:e0:cb:7b:06:c7:7f:ee:db:16:9c:ff:e0:e5:
de:e5:30:fe:a6:5a:69:ec:bc:57:05:20:6f:45:7b:
fc:a3:23:36:2b:4a:c0:03:32:65:9f:5d:33:33:d0:
50:65:b0:4a:35:cb:7c:be:f3:ac:a3:25:1f:1c:a7:
5f:b2:4e:17:2a:e2:3b:a8:40:e9:90:a3:a4:6a:82:
0e:3b:b6:15:b2:70:db:f3:f9:4b:40:15:35:ab:53:
5a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:69:85:63:BF:7B:29:C2:0E:E9:68:E4:71:2C:D9:3F:31:CD:13:7A
X509v3 Authority Key Identifier:
keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/621aa1ba-7f47-41bb-bde3-9ec6a731a085.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.248.103.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:53:67:c1:1b:0a:0e:78:e1:10:c4:e8:69:f1:8c:5f:68:a8:
23:5c:1d:a6:7d:53:1e:c4:ae:30:12:4e:a1:c3:61:a1:05:a4:
35:33:67:66:8b:4e:d9:b4:46:95:93:31:24:0d:b9:a3:ac:35:
5e:bf:33:c5:3d:28:55:1f:64:5f:61:db:ca:70:14:34:87:ea:
46:c5:e4:e2:e9:95:6d:a2:d3:a6:2c:43:62:31:7a:e2:9e:fd:
fa:07:53:77:68:8d:3b:99:04:5b:11:3d:b0:91:4b:a0:61:32:
99:d6:ee:9e:4f:f5:4a:19:2c:8f:c8:e3:34:8a:50:53:3c:92:
01:5e:e2:98:a9:75:67:1f:49:75:c3:ab:f4:1b:c3:d4:2b:f9:
ea:70:04:07:c0:97:ef:74:f4:c9:5e:65:9f:53:90:08:1f:dd:
9f:e7:e1:02:c8:27:9f:07:ff:7c:35:19:a3:d6:a1:50:07:10:
3e:a4:93:28:35:4f:66:cb:e2:89:f4:4a:e7:f6:47:fb:0d:bb:
d1:95:10:58:c8:cd:96:ea:ea:2d:31:99:d2:b6:ab:04:01:b9:
fb:df:3d:5e:f2:f2:23:57:b0:9d:d3:11:87:74:a3:84:28:54:
32:0b:e5:8a:3c:15:7b:49:20:63:da:37:6b:87:3c:68:eb:0f:
28:8a:ad:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTRSq3S66ZQaHDEc83kNhv+L5JpMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzIyMDAxMDM5WhcNMjUwNDI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTY5OGEyNTExZjhkZDJlOWFmMzE5M2FkMjRkNWNiOGFm
MjA5OTZmNzk4NjA1ZDQ5ODQxZGJiNzg0ZmM5YzMyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXBTPUBJl3BHlEkMdOGNNs1YDMRqH5qXaiYKjGyBjr4lGK
3QQOh9BLOQY+ExQxX7ZZeqbuaGvhQqWfBOpXXIJVrSI418T2O9I6n3cuEYv8vzUE
NrBXtQamfLETyrcB5AZUBAKAD0qmjI31c8pMWITwzJbD0Cn+8ilflOJ5Vzj6jNiX
cMOhFUNNQKdpgguAuke58NLz01jp8QfPIViyILK+RFLKmkX24Mt7Bsd/7tsWnP/g
5d7lMP6mWmnsvFcFIG9Fe/yjIzYrSsADMmWfXTMz0FBlsEo1y3y+86yjJR8cp1+y
Thcq4juoQOmQo6Rqgg47thWycNvz+UtAFTWrU1pRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcWmFY797KcIO6WjkcSzZPzHNE3owHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzYyMWFhMWJhLTdmNDctNDFiYi1iZGUzLTllYzZhNzMxYTA4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAN+GcwDQYJKoZIhvcNAQELBQADggEBACpTZ8EbCg544RDE6GnxjF9oqCNc
HaZ9Ux7ErjASTqHDYaEFpDUzZ2aLTtm0RpWTMSQNuaOsNV6/M8U9KFUfZF9h28pw
FDSH6kbF5OLplW2i06YsQ2IxeuKe/foHU3dojTuZBFsRPbCRS6BhMpnW7p5P9UoZ
LI/I4zSKUFM8kgFe4pipdWcfSXXDq/Qbw9Qr+epwBAfAl+909MleZZ9TkAgf3Z/n
4QLIJ58H/3w1GaPWoVAHED6kkyg1T2bL4on0Suf2R/sNu9GVEFjIzZbq6i0xmdK2
qwQBufvfPV7y8iNXsJ3TEYd0o4QoVDIL5Yo8FXtJIGPaN2uHPGjrDyiKrSI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:32:42 2025 by rpki-client on console.sobornost.net