Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/14261a85-c1e1-48a4-99e3-ec36b2767286.roa
File: 14261a85-c1e1-48a4-99e3-ec36b2767286.roa (raw, json)
Hash identifier: ApAOty3XFhUUnR3gxby05ZFFksB6LOVB2cRt7tQF0Yc=
Subject key identifier: CE:29:88:AE:01:C9:E1:16:1C:28:1B:08:8A:4A:1F:CE:9A:2F:A7:2C
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 5E7AC674B971A22812ADABB553CD3E418C1390D6
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/14261a85-c1e1-48a4-99e3-ec36b2767286.roa
Signing time: Sun 26 Mar 2023 00:00:00 +0000
ROA not before: Sun 26 Mar 2023 00:00:00 +0000
ROA not after: Wed 29 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:7a:c6:74:b9:71:a2:28:12:ad:ab:b5:53:cd:3e:41:8c:13:90:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 26 00:00:00 2023 GMT
Not After : Mar 29 23:59:59 2023 GMT
Subject: serialNumber=a6e232169f2250324b66e162688b7f8aa2ead7651b5be0fe0b814e655cc6e04f, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e5:cd:47:40:04:ef:16:7a:ed:84:56:c7:34:
c2:32:c1:0d:75:22:06:81:72:23:86:4e:ec:61:0b:
cd:c7:31:c6:79:41:c3:7d:28:ac:3a:a6:8d:7b:0f:
07:e5:5f:c2:27:3d:f7:44:51:3a:6c:1f:50:71:15:
e1:89:fa:27:b7:c4:4e:bd:3a:5c:4a:07:1a:54:69:
5c:f1:f1:f1:7f:2a:c7:09:cf:b2:20:cc:50:9c:7b:
7c:c6:a6:cb:dc:42:66:0c:69:9e:b1:41:c8:02:5c:
ea:f7:0a:72:7b:83:1e:59:d3:5f:5c:f0:8b:c7:a5:
49:15:b0:8f:e7:ff:8b:3c:2c:14:1b:7e:94:9a:6d:
54:bf:14:0d:13:0f:31:f5:63:4f:11:1d:09:50:c4:
94:45:c7:fb:f8:1a:7d:2f:70:70:5d:7c:f8:cf:57:
b6:8d:11:f1:e2:a0:5a:06:46:7b:7c:b4:13:b0:a4:
f6:a7:a5:d7:ce:80:7d:b1:2e:1a:c2:7d:21:50:56:
db:80:84:5f:df:63:e6:12:d0:f4:6f:36:20:49:3c:
3d:14:99:58:ad:e7:38:cc:2a:5f:d3:33:48:29:4c:
01:00:00:df:b0:ae:64:b2:68:9b:ea:5d:4d:d0:07:
b8:48:ce:7c:90:18:4c:c5:d7:c8:ca:70:88:f2:ca:
b7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:29:88:AE:01:C9:E1:16:1C:28:1B:08:8A:4A:1F:CE:9A:2F:A7:2C
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/14261a85-c1e1-48a4-99e3-ec36b2767286.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
05:35:68:af:ed:bb:80:57:27:ab:fc:96:41:93:89:24:ee:ed:
43:12:5c:9b:a8:a7:0a:34:82:7e:ab:65:6b:60:86:0e:3c:79:
73:ae:a4:15:8b:50:03:84:80:9f:d0:c6:c7:ca:de:b4:3c:98:
46:8d:c9:e8:2b:fe:f1:a6:a9:31:fb:0e:66:36:50:8a:65:ec:
77:9b:18:2a:90:05:70:36:52:e5:f4:85:1a:7f:9c:02:d2:c3:
a0:f9:b0:82:50:c0:08:bb:90:b4:36:cf:d3:f6:08:fa:b8:48:
23:45:a8:5e:a8:15:f1:0f:ff:f7:94:5d:f9:41:1f:4b:13:93:
a6:b3:1c:bd:92:2b:ea:17:4e:04:bc:47:7d:3b:70:f3:0a:72:
e5:4e:4b:a6:72:a2:65:91:03:e9:3a:33:c5:d7:0e:82:ca:b3:
e3:e4:95:ba:73:05:18:e5:a2:78:fd:70:74:11:55:c0:95:68:
c3:47:c4:15:0a:05:89:d1:e9:8b:1d:b3:36:f6:cf:f2:fc:af:
04:d5:22:39:d8:59:c0:37:3f:ab:ae:1d:b4:c1:03:5c:00:9c:
89:dc:bd:68:0b:d9:18:74:6c:67:b6:ef:ee:2f:db:7f:57:98:
9f:4b:2f:41:2f:02:8a:af:25:c6:69:20:d1:ca:06:a0:31:03:
35:38:2f:f3
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUXnrGdLlxoigSrau1U80+QYwTkNYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzI2MDAwMDAwWhcNMjMwMzI5MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYTZlMjMyMTY5ZjIyNTAzMjRiNjZlMTYyNjg4YjdmOGFh
MmVhZDc2NTFiNWJlMGZlMGI4MTRlNjU1Y2M2ZTA0ZjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAIrlzUdABO8Weu2EVsc0wjLBDXUiBoFyI4ZO7GELzccxxnlBw30o
rDqmjXsPB+Vfwic990RROmwfUHEV4Yn6J7fETr06XEoHGlRpXPHx8X8qxwnPsiDM
UJx7fMamy9xCZgxpnrFByAJc6vcKcnuDHlnTX1zwi8elSRWwj+f/izwsFBt+lJpt
VL8UDRMPMfVjTxEdCVDElEXH+/gafS9wcF18+M9Xto0R8eKgWgZGe3y0E7Ck9qel
186AfbEuGsJ9IVBW24CEX99j5hLQ9G82IEk8PRSZWK3nOMwqX9MzSClMAQAA37Cu
ZLJom+pdTdAHuEjOfJAYTMXXyMpwiPLKtx8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTOKYiuAcnhFhwoGwiKSh/Omi+nLDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMTQyNjFhODUtYzFlMS00OGE0LTk5ZTMtZWMzNmIyNzY3Mjg2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAU1aK/tu4BXJ6v8
lkGTiSTu7UMSXJuopwo0gn6rZWtghg48eXOupBWLUAOEgJ/QxsfK3rQ8mEaNyegr
/vGmqTH7DmY2UIpl7HebGCqQBXA2UuX0hRp/nALSw6D5sIJQwAi7kLQ2z9P2CPq4
SCNFqF6oFfEP//eUXflBH0sTk6azHL2SK+oXTgS8R307cPMKcuVOS6ZyomWRA+k6
M8XXDoLKs+PklbpzBRjlonj9cHQRVcCVaMNHxBUKBYnR6Ysdszb2z/L8rwTVIjnY
WcA3P6uuHbTBA1wAnIncvWgL2Rh0bGe27+4v239XmJ9LL0EvAoqvJcZpINHKBqAx
AzU4L/M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:37 2023 by rpki-client on console-ams.rpki-client.org