Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/01392832-99d8-4f40-a789-c47cc16da502.roa
File: 01392832-99d8-4f40-a789-c47cc16da502.roa (raw, json)
Hash identifier: 6ibXB8VQCUcJMMLexwHqBkd0RcNWrt+fXemwQhSiHt0=
Subject key identifier: 99:90:B3:78:CB:52:E8:29:BA:2B:4C:97:BD:6B:48:F5:DF:A3:BC:85
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 3D8625E1EB9812382F7F879B28E876776B9158BF
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/01392832-99d8-4f40-a789-c47cc16da502.roa
Signing time: Mon 30 Jan 2023 00:00:00 +0000
ROA not before: Mon 30 Jan 2023 00:00:00 +0000
ROA not after: Thu 02 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:86:25:e1:eb:98:12:38:2f:7f:87:9b:28:e8:76:77:6b:91:58:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jan 30 00:00:00 2023 GMT
Not After : Feb 2 23:59:59 2023 GMT
Subject: serialNumber=5d84c5765aa3db22c88d954fbdae9fbbdcf576db096df5e1c12d3319fd64bdda, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:91:b2:13:a3:c1:89:b2:b8:3e:3b:d0:38:d2:
a6:21:dc:93:f3:97:0f:42:00:a5:d0:d3:0c:54:0f:
14:61:39:5d:5c:7b:6f:cf:a4:e4:cc:55:a0:9d:e4:
e0:90:2e:49:ad:30:1e:f2:89:47:0a:65:56:6a:8a:
95:ec:15:4c:09:18:7c:16:7d:52:b5:06:09:4d:a2:
4c:d0:76:03:18:23:39:3d:31:ba:e5:40:d8:7d:f1:
a4:83:fb:06:df:ed:a8:41:b5:55:fc:45:21:33:26:
6b:b5:58:2b:c1:ef:d2:39:7a:5a:e7:e7:d2:54:46:
39:76:d0:21:d2:7d:37:d6:ec:2c:a0:d5:9d:c4:f3:
66:25:60:f9:75:8c:8c:b0:50:20:fe:38:b8:14:4f:
93:9e:46:38:b1:d6:c7:38:74:e0:cf:67:56:0f:9a:
5c:13:94:8a:07:04:2b:74:13:06:cb:3c:f9:e4:29:
53:32:0a:f5:e2:8c:49:d0:f7:38:c3:c4:01:59:04:
3d:6f:ba:ec:90:b3:ca:03:1d:86:8c:88:9b:fc:ed:
e2:50:05:ae:10:1e:c1:7f:56:2d:db:ab:73:f1:85:
99:ac:db:e3:85:97:8e:9f:f7:b4:79:dc:ae:8f:21:
f7:85:77:75:dd:8c:85:96:17:6f:17:d0:9d:1f:fa:
a2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:90:B3:78:CB:52:E8:29:BA:2B:4C:97:BD:6B:48:F5:DF:A3:BC:85
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/01392832-99d8-4f40-a789-c47cc16da502.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
25:09:d6:7a:21:d7:d0:a6:e2:64:ab:89:c7:39:91:9d:14:35:
c4:a9:76:b0:04:1c:b1:7d:04:49:be:5e:ea:94:de:31:4f:51:
4f:5f:99:da:e2:36:a3:7e:a2:88:84:41:aa:af:fc:22:b0:52:
f7:85:ff:0e:dc:48:ff:d7:86:54:bc:de:83:ca:8b:da:46:a9:
1c:2b:88:91:96:a5:b2:40:f3:ed:32:95:fa:df:be:92:3c:fe:
e5:e8:34:40:c5:8a:8b:d2:5c:68:e2:75:5d:e0:f3:8a:d0:c5:
b2:8b:cc:e3:84:2a:b8:c6:ea:5e:a0:f0:5e:76:37:3c:ba:98:
b7:06:53:95:ca:c4:e4:b6:05:af:0c:b6:27:cd:04:ea:c9:ec:
3e:27:88:10:e7:db:07:0f:e9:b6:20:df:97:b1:40:c4:e4:ed:
4a:89:8e:d9:4e:d1:bc:2a:f3:d2:5d:53:3d:ba:4e:b4:ba:a8:
51:bb:e5:7d:01:29:6d:d1:ef:84:59:29:58:67:61:70:60:3c:
e0:d2:73:87:d9:7e:d2:77:bf:8e:c4:a5:20:e9:1f:8e:3d:0e:
4f:3f:7c:d2:83:10:80:33:4a:62:18:dd:e9:77:99:21:5a:ee:
70:13:7a:f7:fb:6b:70:21:b5:09:42:7f:3f:47:e0:d8:48:9c:
fb:0e:77:ae
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUPYYl4euYEjgvf4ebKOh2d2uRWL8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMTMwMDAwMDAwWhcNMjMwMjAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNANWQ4NGM1NzY1YWEzZGIyMmM4OGQ5NTRmYmRhZTlmYmJk
Y2Y1NzZkYjA5NmRmNWUxYzEyZDMzMTlmZDY0YmRkYTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMmRshOjwYmyuD470DjSpiHck/OXD0IApdDTDFQPFGE5XVx7b8+k
5MxVoJ3k4JAuSa0wHvKJRwplVmqKlewVTAkYfBZ9UrUGCU2iTNB2AxgjOT0xuuVA
2H3xpIP7Bt/tqEG1VfxFITMma7VYK8Hv0jl6Wufn0lRGOXbQIdJ9N9bsLKDVncTz
ZiVg+XWMjLBQIP44uBRPk55GOLHWxzh04M9nVg+aXBOUigcEK3QTBss8+eQpUzIK
9eKMSdD3OMPEAVkEPW+67JCzygMdhoyIm/zt4lAFrhAewX9WLdurc/GFmazb44WX
jp/3tHncro8h94V3dd2MhZYXbxfQnR/6oh0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSZkLN4y1LoKborTJe9a0j136O8hTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMDEzOTI4MzItOTlkOC00ZjQwLWE3ODktYzQ3Y2MxNmRhNTAyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACUJ1noh19Cm4mSr
icc5kZ0UNcSpdrAEHLF9BEm+XuqU3jFPUU9fmdriNqN+ooiEQaqv/CKwUveF/w7c
SP/XhlS83oPKi9pGqRwriJGWpbJA8+0ylfrfvpI8/uXoNEDFiovSXGjidV3g84rQ
xbKLzOOEKrjG6l6g8F52Nzy6mLcGU5XKxOS2Ba8MtifNBOrJ7D4niBDn2wcP6bYg
35exQMTk7UqJjtlO0bwq89JdUz26TrS6qFG75X0BKW3R74RZKVhnYXBgPODSc4fZ
ftJ3v47EpSDpH449Dk8/fNKDEIAzSmIY3el3mSFa7nATevf7a3AhtQlCfz9H4NhI
nPsOd64=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:36 2023 by rpki-client on console-ams.rpki-client.org