Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/084e9298-285a-4bf9-82c7-46acc865635e.roa
File: 084e9298-285a-4bf9-82c7-46acc865635e.roa (raw, json)
Hash identifier: WSmM9Hp1pFUW2DJGgj/IrPoasHWVJFZnP1rWr7ZfPdw=
Subject key identifier: C2:54:14:8B:05:60:18:19:24:97:B2:68:EE:E3:E9:E5:D2:95:B3:6E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 1AB757018C487376B9FBCFAC32B424A9397AEF43
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/084e9298-285a-4bf9-82c7-46acc865635e.roa
Signing time: Wed 26 Apr 2023 00:00:00 +0000
ROA not before: Wed 26 Apr 2023 00:00:00 +0000
ROA not after: Sat 29 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b7:57:01:8c:48:73:76:b9:fb:cf:ac:32:b4:24:a9:39:7a:ef:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 26 00:00:00 2023 GMT
Not After : Apr 29 23:59:59 2023 GMT
Subject: serialNumber=e7a2d1fc3d6c30f3e716fe39637a4350f0d6103d812ef586eb35727dcf6ff632, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:6e:19:1d:12:d8:fa:bd:41:5b:46:a4:05:14:
2f:78:2e:71:41:19:8a:ab:82:9b:c2:83:03:81:c9:
6d:d9:d1:51:29:0d:5a:e6:61:c7:de:53:d2:80:b9:
45:02:70:5e:12:22:7d:9f:97:51:a5:6b:05:81:ae:
30:be:d7:da:9a:9a:9e:ed:94:27:c8:49:0a:f2:c5:
ce:21:8c:08:dd:25:2e:27:52:01:fd:6e:b4:27:9c:
5b:2d:06:06:c3:1a:bf:29:32:97:2c:ff:60:e6:62:
fe:0e:79:15:82:cb:7b:90:ea:8e:1d:94:8d:42:bb:
bd:30:61:ff:05:64:04:05:03:85:61:53:fb:e0:c2:
c0:6e:06:e6:09:f9:2d:06:25:f8:d4:59:aa:d3:be:
e9:63:cf:47:ac:79:01:4d:02:96:27:af:5e:48:1a:
22:83:05:8e:48:9e:64:5f:62:99:fa:8f:c6:92:5a:
75:82:7b:5c:93:3e:ce:7f:24:a5:8a:9d:84:20:f4:
15:d9:17:b8:14:13:d5:00:cf:3b:d6:58:bf:4b:9f:
3b:32:e2:b2:5c:05:a0:f0:cb:ae:ef:39:18:59:50:
5f:12:8f:52:21:4d:6b:c2:5a:e5:19:b9:3a:68:6f:
0e:2d:12:9f:99:bc:74:f2:f1:07:50:4c:c5:83:27:
a9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:54:14:8B:05:60:18:19:24:97:B2:68:EE:E3:E9:E5:D2:95:B3:6E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/084e9298-285a-4bf9-82c7-46acc865635e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:01:05:82:c9:87:85:d7:17:e6:38:9a:73:f8:e1:f5:76:41:
2d:53:6c:5a:2c:20:44:6c:9c:4e:ef:c3:b3:52:2c:10:cb:34:
38:5b:c9:4a:75:f3:59:03:b9:4f:3c:17:4f:05:c7:43:6c:3b:
50:cb:b6:52:bc:4e:ec:64:9d:f1:d8:3c:ad:24:7b:e0:84:92:
62:aa:33:2f:bb:cc:6f:b2:88:90:ba:e7:83:88:ef:58:f2:66:
f7:82:f9:8e:fb:51:cd:f3:06:84:89:ec:dc:e0:cd:a6:dd:7e:
a0:2d:87:97:13:74:ad:8d:dc:2b:5e:fb:db:35:19:ca:d4:44:
24:ab:2a:0c:8a:b3:dd:24:47:6a:ed:5e:0d:35:49:4d:54:0b:
26:73:95:e7:73:2f:ae:37:f1:62:1d:30:f9:b8:d5:b5:7f:d4:
d6:57:b8:77:76:e8:07:9a:3e:dc:2b:0d:3c:de:7f:0e:0e:71:
a2:b2:42:a2:97:04:8d:1b:5a:c5:7f:bc:15:09:97:e8:0c:4b:
32:e1:dd:e1:9c:aa:21:62:f1:c5:8d:04:eb:91:32:f1:64:71:
67:1f:de:53:03:e1:5c:62:91:54:ca:33:42:df:da:02:68:46:
96:6f:46:ea:18:7c:9f:d1:df:f3:4e:d0:91:cf:07:73:9c:0c:
3b:f7:74:16
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUGrdXAYxIc3a5+8+sMrQkqTl670MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDI2MDAwMDAwWhcNMjMwNDI5MjM1OTU5
WjCBpTFJMEcGA1UEBRNAZTdhMmQxZmMzZDZjMzBmM2U3MTZmZTM5NjM3YTQzNTBm
MGQ2MTAzZDgxMmVmNTg2ZWIzNTcyN2RjZjZmZjYzMjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPduGR0S2Pq9QVtGpAUUL3gucUEZiquCm8KDA4HJbdnRUSkNWuZh
x95T0oC5RQJwXhIifZ+XUaVrBYGuML7X2pqanu2UJ8hJCvLFziGMCN0lLidSAf1u
tCecWy0GBsMavykylyz/YOZi/g55FYLLe5Dqjh2UjUK7vTBh/wVkBAUDhWFT++DC
wG4G5gn5LQYl+NRZqtO+6WPPR6x5AU0ClievXkgaIoMFjkieZF9imfqPxpJadYJ7
XJM+zn8kpYqdhCD0FdkXuBQT1QDPO9ZYv0ufOzLislwFoPDLru85GFlQXxKPUiFN
a8Ja5Rm5OmhvDi0Sn5m8dPLxB1BMxYMnqcECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTCVBSLBWAYGSSXsmju4+nl0pWzbjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMDg0ZTkyOTgtMjg1YS00YmY5LTgyYzctNDZhY2M4NjU2MzVlLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKIBBYLJh4XXF+Y4
mnP44fV2QS1TbFosIERsnE7vw7NSLBDLNDhbyUp181kDuU88F08Fx0NsO1DLtlK8
TuxknfHYPK0ke+CEkmKqMy+7zG+yiJC654OI71jyZveC+Y77Uc3zBoSJ7Nzgzabd
fqAth5cTdK2N3Cte+9s1GcrURCSrKgyKs90kR2rtXg01SU1UCyZzledzL6438WId
MPm41bV/1NZXuHd26AeaPtwrDTzefw4OcaKyQqKXBI0bWsV/vBUJl+gMSzLh3eGc
qiFi8cWNBOuRMvFkcWcf3lMD4VxikVTKM0Lf2gJoRpZvRuoYfJ/R3/NO0JHPB3Oc
DDv3dBY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:31 2023 by rpki-client on console-fra.rpki-client.org