Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/0aa61119-36f7-4a82-9f31-8f33d7832fdc.roa
File: 0aa61119-36f7-4a82-9f31-8f33d7832fdc.roa (raw, json)
Hash identifier: KjZD5W48uoSJF762lDARuRUcfVK2SqunMyksUbZ8PRc=
Subject key identifier: 9D:4D:66:56:81:A4:99:A0:66:B2:0C:B2:28:E2:58:B3:90:AE:A0:D2
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2FC9C45F24E833929846DB3A0E26EE6B30AB60F3
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/0aa61119-36f7-4a82-9f31-8f33d7832fdc.roa
Signing time: Thu 27 Apr 2023 00:00:00 +0000
ROA not before: Thu 27 Apr 2023 00:00:00 +0000
ROA not after: Sun 30 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:c9:c4:5f:24:e8:33:92:98:46:db:3a:0e:26:ee:6b:30:ab:60:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 27 00:00:00 2023 GMT
Not After : Apr 30 23:59:59 2023 GMT
Subject: serialNumber=7176688077e7e0efc8a4d159c8c5d47a902588c06de16d41ca9be8236a891c98, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:01:a7:79:cd:be:e4:3d:7d:78:4e:1b:6c:
be:bb:70:33:3f:cc:c5:b9:0d:35:ef:21:59:79:3f:
26:6b:a2:93:fd:00:02:ca:ae:b1:f0:d3:b4:a7:61:
b4:7b:13:d2:03:74:ae:18:df:18:49:cb:0f:b4:4c:
03:49:40:45:fc:b7:cf:1d:64:11:90:e0:8d:aa:0b:
86:9c:67:a0:7a:1f:ed:e9:ee:95:1d:a3:2b:49:58:
a3:14:8f:d3:03:db:5b:f1:c2:f5:12:88:e6:c5:fa:
12:2f:fd:65:13:06:83:bb:49:e9:22:9a:96:ca:2b:
3f:1f:f4:47:71:01:c3:86:64:1c:29:a3:b3:4e:bd:
1c:a8:fa:66:d6:f9:1e:0c:a9:b0:e5:1b:be:a8:dc:
32:6d:87:35:37:79:9e:3c:e9:b9:69:df:1e:d3:5c:
cc:9b:31:fe:ab:be:3a:b8:ac:d2:22:84:bc:f8:7a:
81:4e:5d:80:8c:01:2b:c2:d8:eb:a3:b9:c7:23:95:
8b:44:c0:76:d2:09:c9:a8:ac:d8:7d:a5:91:a7:62:
94:89:14:3a:61:15:2f:32:ff:e6:c2:a2:f8:6d:c7:
3a:a8:0f:98:82:85:d4:e5:c0:ea:34:ee:7d:ad:d1:
f7:43:4a:2c:76:aa:55:6e:d3:2a:73:4e:b8:c7:a6:
a8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4D:66:56:81:A4:99:A0:66:B2:0C:B2:28:E2:58:B3:90:AE:A0:D2
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/0aa61119-36f7-4a82-9f31-8f33d7832fdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ee:54:1e:11:87:5c:53:3a:0d:a7:51:19:d4:bf:06:77:87:
c1:48:67:48:6d:5e:0d:d3:7f:ba:0f:5b:c9:4d:bc:38:65:ef:
95:7c:58:fb:72:8a:1c:70:34:ec:85:77:a3:6e:21:84:12:aa:
b3:26:a7:46:84:b1:3a:0e:49:ab:96:60:d6:db:19:e7:6c:f8:
41:94:2e:f3:fd:46:ac:14:84:95:89:4c:c8:c9:f4:2a:4f:db:
19:cc:b5:b2:1c:c3:43:6d:1a:d2:00:d8:6a:92:5a:01:b2:cb:
fd:c4:de:f4:9e:a6:f1:f2:90:5e:38:79:b9:4f:cf:b2:fc:e7:
17:ce:31:05:97:18:a7:8a:af:18:b7:a0:87:10:d0:38:b9:e8:
3e:62:85:cc:f6:67:81:e6:96:78:10:d7:56:45:26:ea:39:03:
3e:a5:4b:72:4a:52:1b:89:46:12:46:c2:44:1c:66:99:ab:57:
56:a7:b6:d3:51:a4:0a:df:6c:8d:f0:33:d5:63:05:49:d0:b5:
f7:e9:76:2f:73:a2:1c:0e:70:72:30:d5:1a:d4:a3:9a:72:8a:
96:5b:ed:4d:cd:a5:4f:e4:5d:c4:0f:ef:9c:c2:d3:30:0d:18:
cc:35:9c:56:c6:2d:1d:78:4d:57:3c:12:af:45:17:13:83:7b:
2a:9d:82:3a
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUL8nEXyToM5KYRts6DibuazCrYPMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDI3MDAwMDAwWhcNMjMwNDMwMjM1OTU5
WjCBpTFJMEcGA1UEBRNANzE3NjY4ODA3N2U3ZTBlZmM4YTRkMTU5YzhjNWQ0N2E5
MDI1ODhjMDZkZTE2ZDQxY2E5YmU4MjM2YTg5MWM5ODEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMAXAad5zb7kPX14ThtsvrtwMz/MxbkNNe8hWXk/Jmuik/0AAsqu
sfDTtKdhtHsT0gN0rhjfGEnLD7RMA0lARfy3zx1kEZDgjaoLhpxnoHof7enulR2j
K0lYoxSP0wPbW/HC9RKI5sX6Ei/9ZRMGg7tJ6SKalsorPx/0R3EBw4ZkHCmjs069
HKj6Ztb5HgypsOUbvqjcMm2HNTd5njzpuWnfHtNczJsx/qu+Oris0iKEvPh6gU5d
gIwBK8LY66O5xyOVi0TAdtIJyais2H2lkadilIkUOmEVLzL/5sKi+G3HOqgPmIKF
1OXA6jTufa3R90NKLHaqVW7TKnNOuMemqCECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSdTWZWgaSZoGayDLIo4lizkK6g0jAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMGFhNjExMTktMzZmNy00YTgyLTlmMzEtOGYzM2Q3ODMyZmRjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACPuVB4Rh1xTOg2n
URnUvwZ3h8FIZ0htXg3Tf7oPW8lNvDhl75V8WPtyihxwNOyFd6NuIYQSqrMmp0aE
sToOSauWYNbbGeds+EGULvP9RqwUhJWJTMjJ9CpP2xnMtbIcw0NtGtIA2GqSWgGy
y/3E3vSepvHykF44eblPz7L85xfOMQWXGKeKrxi3oIcQ0Di56D5ihcz2Z4HmlngQ
11ZFJuo5Az6lS3JKUhuJRhJGwkQcZpmrV1anttNRpArfbI3wM9VjBUnQtffpdi9z
ohwOcHIw1RrUo5pyipZb7U3NpU/kXcQP75zC0zANGMw1nFbGLR14TVc8Eq9FFxOD
eyqdgjo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:31 2023 by rpki-client on console-fra.rpki-client.org