Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/01b3a8b9-3e07-4575-adfa-12bb462f49de.roa
File: 01b3a8b9-3e07-4575-adfa-12bb462f49de.roa (raw, json)
Hash identifier: LR+PiYBJxGNyo5ttc2LUDmHpeVZaIZbI32sEi7mfyUU=
Subject key identifier: DC:4C:D3:54:F6:38:B8:47:7D:EB:B5:4C:92:05:43:32:3F:35:C6:35
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 262377F0908132DB5BFEA6BB6651F8777FC14FEF
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/01b3a8b9-3e07-4575-adfa-12bb462f49de.roa
Signing time: Thu 24 Nov 2022 00:00:00 +0000
ROA not before: Thu 24 Nov 2022 00:00:00 +0000
ROA not after: Sun 27 Nov 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:23:77:f0:90:81:32:db:5b:fe:a6:bb:66:51:f8:77:7f:c1:4f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Nov 24 00:00:00 2022 GMT
Not After : Nov 27 23:59:59 2022 GMT
Subject: serialNumber=3807277cc2b05ec88363d6bbd091764a483ba6c26d64c2adffda3e3832be0dc4, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:41:20:67:08:47:87:3e:76:28:81:af:b0:6c:
1a:1a:3a:cf:e4:e2:c0:9f:7e:46:fd:d4:11:23:fc:
55:6a:61:3f:e8:da:fd:0f:5c:4d:4c:97:72:4a:23:
a4:68:c0:3a:98:76:fe:f7:9c:fc:93:30:46:09:8f:
6d:65:f8:d3:e5:e0:29:a6:3b:ee:3b:01:b3:66:bf:
fe:36:04:b2:ab:bf:27:38:13:8e:c5:49:3c:ed:7b:
a8:5c:d3:f8:d4:34:4a:fb:e0:b3:1b:45:a1:dd:15:
c0:22:42:bf:10:57:0b:e0:4b:58:75:e8:b8:06:39:
90:d8:0b:20:1e:0e:8c:a4:45:ca:59:cc:a5:f9:8e:
02:c0:4b:17:5f:19:63:f1:03:68:6b:48:c5:6d:02:
a7:de:e0:9c:e1:d4:4b:e5:ec:eb:ab:ff:55:e0:b7:
5b:97:f2:15:c8:06:38:19:7d:9a:63:bf:95:36:6a:
91:6f:91:e4:c2:a8:ac:e4:19:4f:01:65:f2:a4:5e:
0e:cc:70:29:b2:dc:82:46:3f:01:27:67:6e:38:dd:
da:db:78:fb:72:15:8e:40:cd:a6:f8:18:f2:b8:47:
b7:f0:6e:59:37:7a:d1:c7:a4:0b:db:da:64:eb:7e:
82:09:cb:09:60:1b:2a:a0:18:43:a3:b1:38:6a:e2:
0c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:4C:D3:54:F6:38:B8:47:7D:EB:B5:4C:92:05:43:32:3F:35:C6:35
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/01b3a8b9-3e07-4575-adfa-12bb462f49de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
52:fd:32:5b:63:c4:ce:b8:8f:13:d2:87:fc:3d:56:ab:8e:6f:
66:84:36:fd:71:15:99:06:ac:f4:c9:7b:a2:23:fd:9d:40:6c:
ab:ca:7c:df:35:74:de:45:e1:b2:d0:44:c7:f9:21:f1:2d:f5:
83:b0:d3:8d:1d:f3:09:f1:2c:e5:b9:b5:74:20:de:9f:8e:87:
9d:27:b9:aa:d0:23:b5:5b:45:04:db:af:6f:c3:81:30:a4:6d:
f3:23:a5:f9:e2:ef:85:31:03:ce:e2:7a:46:02:5e:35:4c:1e:
30:5e:0c:4d:64:09:78:23:35:72:24:b7:0d:e0:13:c2:99:ca:
4b:17:a2:b4:88:38:48:5e:82:46:db:4e:02:ea:1e:68:fc:70:
5d:37:44:88:06:5b:c0:d8:6a:19:e1:3c:39:c6:dd:82:26:c6:
81:b9:f7:90:9c:3f:f0:d4:dc:4a:c1:64:d7:3f:45:d9:9c:bb:
bb:76:a6:81:52:d3:ee:5d:9b:c2:cb:d0:2a:6a:0e:3a:76:ba:
dd:dc:bc:c9:f9:4e:1e:5f:79:4f:96:0a:bd:2a:9a:13:c9:16:
34:4a:8b:f3:75:24:b9:42:b1:6b:81:de:27:3c:c6:82:1c:c3:
05:1e:2b:72:56:37:7b:4a:c0:04:28:c0:d4:0f:01:4c:78:4e:
40:75:58:93
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUJiN38JCBMttb/qa7ZlH4d3/BT+8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIxMTI0MDAwMDAwWhcNMjIxMTI3MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMzgwNzI3N2NjMmIwNWVjODgzNjNkNmJiZDA5MTc2NGE0
ODNiYTZjMjZkNjRjMmFkZmZkYTNlMzgzMmJlMGRjNDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ9BIGcIR4c+diiBr7BsGho6z+TiwJ9+Rv3UESP8VWphP+ja/Q9c
TUyXckojpGjAOph2/vec/JMwRgmPbWX40+XgKaY77jsBs2a//jYEsqu/JzgTjsVJ
PO17qFzT+NQ0SvvgsxtFod0VwCJCvxBXC+BLWHXouAY5kNgLIB4OjKRFylnMpfmO
AsBLF18ZY/EDaGtIxW0Cp97gnOHUS+Xs66v/VeC3W5fyFcgGOBl9mmO/lTZqkW+R
5MKorOQZTwFl8qReDsxwKbLcgkY/ASdnbjjd2tt4+3IVjkDNpvgY8rhHt/BuWTd6
0cekC9vaZOt+ggnLCWAbKqAYQ6OxOGriDM8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTcTNNU9ji4R33rtUySBUMyPzXGNTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMDFiM2E4YjktM2UwNy00NTc1LWFkZmEtMTJiYjQ2MmY0OWRlLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFL9MltjxM64jxPS
h/w9VquOb2aENv1xFZkGrPTJe6Ij/Z1AbKvKfN81dN5F4bLQRMf5IfEt9YOw040d
8wnxLOW5tXQg3p+Oh50nuarQI7VbRQTbr2/DgTCkbfMjpfni74UxA87iekYCXjVM
HjBeDE1kCXgjNXIktw3gE8KZyksXorSIOEhegkbbTgLqHmj8cF03RIgGW8DYahnh
PDnG3YImxoG595CcP/DU3ErBZNc/Rdmcu7t2poFS0+5dm8LL0CpqDjp2ut3cvMn5
Th5feU+WCr0qmhPJFjRKi/N1JLlCsWuB3ic8xoIcwwUeK3JWN3tKwAQowNQPAUx4
TkB1WJM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:31 2023 by rpki-client on console-fra.rpki-client.org