Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1132e3ab-5e8f-4258-ba6a-e764a413accc.roa
File: 1132e3ab-5e8f-4258-ba6a-e764a413accc.roa (raw, json)
Hash identifier: owH6hkvS2JFsvfn7+Dkk4btAOsK4mnnw5cu0rboBef4=
Subject key identifier: 1C:E9:AE:63:8E:35:6F:72:2A:A4:69:77:66:22:D5:78:16:A4:CA:1D
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4D8159D321E44A4FBEE7BA38FB11AA548F766441
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1132e3ab-5e8f-4258-ba6a-e764a413accc.roa
Signing time: Wed 09 Nov 2022 00:00:00 +0000
ROA not before: Wed 09 Nov 2022 00:00:00 +0000
ROA not after: Sat 12 Nov 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:81:59:d3:21:e4:4a:4f:be:e7:ba:38:fb:11:aa:54:8f:76:64:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Nov 9 00:00:00 2022 GMT
Not After : Nov 12 23:59:59 2022 GMT
Subject: serialNumber=00410176411aba523515324b6c4962546f1bf4da419c2e31a5028391606af577, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d2:36:cb:18:03:28:0a:81:99:17:ee:b9:31:
91:1b:60:fe:95:44:e8:74:92:0b:7a:a1:70:73:a8:
8d:92:03:71:1b:01:83:b9:76:55:58:a7:7f:df:c1:
3e:49:5c:ea:14:c7:17:1a:55:94:ba:51:9f:41:89:
44:c4:e7:49:4a:da:95:1b:6f:8d:28:09:e2:67:3a:
78:58:3a:a1:9c:1a:1b:f3:81:19:99:e8:89:ad:79:
00:ef:67:4a:bd:e2:ee:74:3e:13:18:55:0d:37:c8:
66:85:94:7a:2b:d0:c4:d1:25:23:69:b0:b6:69:fa:
fb:24:85:34:8b:87:7d:3b:e7:97:b8:45:19:55:aa:
be:01:3f:77:96:e9:95:77:e0:24:0c:6b:0d:67:b3:
ab:c8:a3:b7:d7:49:08:bf:8c:de:b0:5a:75:a2:f1:
6c:91:d8:a4:11:c4:e9:3f:90:25:f1:6f:3b:bc:fa:
d7:4d:c7:84:f1:ad:23:bc:e6:23:a2:9c:0b:4e:fa:
25:8b:f1:bb:1f:6e:f4:13:3d:ed:66:01:a9:41:97:
a8:de:5e:e8:f4:90:89:9e:60:3e:81:12:b6:97:6e:
15:60:d5:f4:44:cd:e0:1e:5f:dc:67:61:9a:b1:58:
33:4d:29:17:a1:37:b6:31:74:b3:8e:90:3b:3d:cd:
78:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E9:AE:63:8E:35:6F:72:2A:A4:69:77:66:22:D5:78:16:A4:CA:1D
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1132e3ab-5e8f-4258-ba6a-e764a413accc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
20:40:e6:4f:28:d6:4e:48:bf:98:62:23:e5:65:f5:7c:a8:52:
11:eb:cc:0b:0a:2a:52:2e:2b:9c:6e:c4:60:a9:12:17:40:47:
dd:8b:a9:b8:29:cc:44:17:8f:06:bc:80:12:a3:1a:f4:e2:ea:
46:ff:c8:1f:d4:97:cb:73:34:ae:0d:1e:d4:da:ed:06:54:06:
d7:fa:be:32:3d:e6:3c:8e:cd:89:86:56:c0:3f:a8:48:4a:31:
af:c5:5b:cf:89:ef:f2:49:16:c8:ee:97:c4:e4:50:be:53:a7:
7e:34:0d:02:0c:00:18:91:0d:3d:f0:e9:e2:91:0d:83:ec:4d:
de:8b:c3:d8:75:2f:b5:ee:5d:53:90:af:6d:54:e7:c7:51:52:
02:c0:97:32:76:a1:e3:02:ba:18:77:4c:14:95:08:ea:78:c7:
2f:c2:12:b9:a5:8c:ae:65:2e:a1:2f:38:e8:f8:bf:38:17:8a:
e7:31:21:63:c1:31:5d:8a:85:c4:e8:fa:aa:d6:d7:bf:9f:a1:
28:19:ca:4f:e9:68:c0:06:b7:e2:71:83:69:14:f4:f6:c9:d9:
c0:01:5b:ad:70:1c:9c:47:9f:62:e3:0b:3c:7b:86:5e:e6:7c:
62:e4:02:7b:a6:2c:e7:5b:34:cc:86:a3:d6:9f:4d:df:f8:43:
f9:6f:ad:28
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUTYFZ0yHkSk++57o4+xGqVI92ZEEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIxMTA5MDAwMDAwWhcNMjIxMTEyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMDA0MTAxNzY0MTFhYmE1MjM1MTUzMjRiNmM0OTYyNTQ2
ZjFiZjRkYTQxOWMyZTMxYTUwMjgzOTE2MDZhZjU3NzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALzSNssYAygKgZkX7rkxkRtg/pVE6HSSC3qhcHOojZIDcRsBg7l2
VVinf9/BPklc6hTHFxpVlLpRn0GJRMTnSUralRtvjSgJ4mc6eFg6oZwaG/OBGZno
ia15AO9nSr3i7nQ+ExhVDTfIZoWUeivQxNElI2mwtmn6+ySFNIuHfTvnl7hFGVWq
vgE/d5bplXfgJAxrDWezq8ijt9dJCL+M3rBadaLxbJHYpBHE6T+QJfFvO7z6103H
hPGtI7zmI6KcC076JYvxux9u9BM97WYBqUGXqN5e6PSQiZ5gPoEStpduFWDV9ETN
4B5f3GdhmrFYM00pF6E3tjF0s46QOz3NeF8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQc6a5jjjVvciqkaXdmItV4FqTKHTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMTEzMmUzYWItNWU4Zi00MjU4LWJhNmEtZTc2NGE0MTNhY2NjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACBA5k8o1k5Iv5hi
I+Vl9XyoUhHrzAsKKlIuK5xuxGCpEhdAR92LqbgpzEQXjwa8gBKjGvTi6kb/yB/U
l8tzNK4NHtTa7QZUBtf6vjI95jyOzYmGVsA/qEhKMa/FW8+J7/JJFsjul8TkUL5T
p340DQIMABiRDT3w6eKRDYPsTd6Lw9h1L7XuXVOQr21U58dRUgLAlzJ2oeMCuhh3
TBSVCOp4xy/CErmljK5lLqEvOOj4vzgXiucxIWPBMV2KhcTo+qrW17+foSgZyk/p
aMAGt+Jxg2kU9PbJ2cABW61wHJxHn2LjCzx7hl7mfGLkAnumLOdbNMyGo9afTd/4
Q/lvrSg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:31 2023 by rpki-client on console-fra.rpki-client.org