Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/10c69035-514b-422c-b54f-49a29c5fcc63.roa
File: 10c69035-514b-422c-b54f-49a29c5fcc63.roa (raw, json)
Hash identifier: B/TOyGFvFSPh135uFALU5iAiJoPciO+X79fGpU+TJOA=
Subject key identifier: 82:EA:81:06:17:92:B6:8F:F6:09:0E:E6:1E:03:A9:ED:9A:63:64:24
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 420C16E08A8242815A104BF6BBCC0F583D2C8AD7
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/10c69035-514b-422c-b54f-49a29c5fcc63.roa
Signing time: Mon 29 May 2023 00:00:00 +0000
ROA not before: Mon 29 May 2023 00:00:00 +0000
ROA not after: Thu 01 Jun 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:0c:16:e0:8a:82:42:81:5a:10:4b:f6:bb:cc:0f:58:3d:2c:8a:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 29 00:00:00 2023 GMT
Not After : Jun 1 23:59:59 2023 GMT
Subject: serialNumber=5da91e6879339858fee5ca02af1497606b9516d418c5f420fc355cc21c88d5a6, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:23:29:7f:79:8c:d7:3d:f8:45:4f:92:c9:1a:
40:19:03:95:07:25:22:23:1a:02:e0:55:22:d4:12:
98:3f:4b:59:33:14:20:6c:e0:8c:81:ef:6b:a1:fd:
3f:31:95:91:97:e5:90:20:ea:3b:5b:25:28:5b:e3:
6c:6f:40:62:33:70:00:7c:98:b5:1d:a8:3d:76:9c:
50:3f:90:18:1a:49:a6:f5:95:6b:fc:57:a6:5a:61:
1e:68:bb:81:ba:38:57:ff:a1:52:41:15:17:79:e8:
8c:5c:28:79:cf:ce:e3:74:5f:ea:a9:77:03:04:a2:
61:7c:ae:56:08:b4:e5:23:93:2c:fd:94:f9:67:d2:
c3:d6:76:df:ef:35:30:ee:0a:6b:4c:71:13:49:f0:
bf:23:d7:ae:4d:9d:79:75:d9:4e:46:77:53:c6:95:
fa:87:f3:06:14:ff:eb:ee:26:96:f8:31:d3:41:53:
85:39:e0:c7:e7:60:a1:ab:9f:a9:17:30:c4:20:59:
e5:9b:36:44:91:d0:f2:cf:07:94:9a:b1:1f:ba:33:
7a:a3:26:6e:3e:d8:da:57:13:da:3e:51:86:1b:2d:
bf:58:06:54:71:93:d3:47:5a:53:b7:e4:d3:66:35:
42:5f:1b:dc:99:20:d1:93:68:f6:50:d8:6d:79:54:
94:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:EA:81:06:17:92:B6:8F:F6:09:0E:E6:1E:03:A9:ED:9A:63:64:24
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/10c69035-514b-422c-b54f-49a29c5fcc63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
11:92:31:24:85:8d:ca:2a:dc:cc:11:80:5c:c9:14:ae:a4:fe:
19:14:49:28:f1:98:c4:68:af:ad:ff:fd:c4:b4:f2:d0:a8:f4:
6f:69:dd:53:56:00:f9:c3:47:5e:e5:73:a9:46:65:71:95:ad:
4b:06:d0:9d:3c:ce:ed:75:e3:f0:61:3a:10:d0:dc:f0:75:df:
8c:2e:54:7d:33:f5:93:dd:c0:34:a1:a2:45:85:24:49:9b:1c:
58:bc:cd:5f:66:09:2c:41:b2:6b:af:ce:c2:73:44:38:dd:ea:
94:b2:71:c3:3a:de:97:9b:2f:74:bc:73:76:42:39:7c:03:b8:
a2:2e:b4:d5:ee:07:44:7c:0e:73:32:5e:fe:e5:fa:82:79:84:
27:00:7b:f8:0e:0d:1d:7a:28:d1:af:2c:45:31:7e:69:62:6c:
d0:13:ee:78:96:28:f2:2a:57:6a:33:c3:ae:4b:bd:7b:d6:e5:
52:86:af:31:85:86:ca:2c:56:ed:f7:84:7a:6a:70:1f:90:99:
47:cd:bb:b0:0f:4d:b1:66:7e:b3:fc:f5:84:c5:7b:93:93:a7:
b6:52:0b:ac:57:6c:44:59:c0:a7:a1:cc:54:7a:2c:2e:9d:4a:
fa:f5:93:53:71:d1:01:27:d8:62:63:62:b7:e2:ea:e3:8b:3b:
bf:1e:1c:09
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUQgwW4IqCQoFaEEv2u8wPWD0sitcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTI5MDAwMDAwWhcNMjMwNjAxMjM1OTU5
WjCBpTFJMEcGA1UEBRNANWRhOTFlNjg3OTMzOTg1OGZlZTVjYTAyYWYxNDk3NjA2
Yjk1MTZkNDE4YzVmNDIwZmMzNTVjYzIxYzg4ZDVhNjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJMjKX95jNc9+EVPkskaQBkDlQclIiMaAuBVItQSmD9LWTMUIGzg
jIHva6H9PzGVkZflkCDqO1slKFvjbG9AYjNwAHyYtR2oPXacUD+QGBpJpvWVa/xX
plphHmi7gbo4V/+hUkEVF3nojFwoec/O43Rf6ql3AwSiYXyuVgi05SOTLP2U+WfS
w9Z23+81MO4Ka0xxE0nwvyPXrk2deXXZTkZ3U8aV+ofzBhT/6+4mlvgx00FThTng
x+dgoaufqRcwxCBZ5Zs2RJHQ8s8HlJqxH7ozeqMmbj7Y2lcT2j5Rhhstv1gGVHGT
00daU7fk02Y1Ql8b3Jkg0ZNo9lDYbXlUlB8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSC6oEGF5K2j/YJDuYeA6ntmmNkJDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMTBjNjkwMzUtNTE0Yi00MjJjLWI1NGYtNDlhMjljNWZjYzYzLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABGSMSSFjcoq3MwR
gFzJFK6k/hkUSSjxmMRor63//cS08tCo9G9p3VNWAPnDR17lc6lGZXGVrUsG0J08
zu114/BhOhDQ3PB134wuVH0z9ZPdwDShokWFJEmbHFi8zV9mCSxBsmuvzsJzRDjd
6pSyccM63pebL3S8c3ZCOXwDuKIutNXuB0R8DnMyXv7l+oJ5hCcAe/gODR16KNGv
LEUxfmlibNAT7niWKPIqV2ozw65LvXvW5VKGrzGFhsosVu33hHpqcB+QmUfNu7AP
TbFmfrP89YTFe5OTp7ZSC6xXbERZwKehzFR6LC6dSvr1k1Nx0QEn2GJjYrfi6uOL
O78eHAk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:31 2023 by rpki-client on console-fra.rpki-client.org