Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/153f2951-c746-4dca-a801-49a3d237caa2.roa
File: 153f2951-c746-4dca-a801-49a3d237caa2.roa (raw, json)
Hash identifier: axu1/bJaxhkMSMJzDeMSNGlCaz7oKQpMKJZrtUc1Q/M=
Subject key identifier: 89:9C:1A:94:47:F2:02:F5:1F:5A:92:03:33:AA:8B:4B:0C:B6:8A:50
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 255F2F930FAFAEB475013F5E0A918CF58F9E48F6
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/153f2951-c746-4dca-a801-49a3d237caa2.roa
Signing time: Wed 19 Apr 2023 00:00:00 +0000
ROA not before: Wed 19 Apr 2023 00:00:00 +0000
ROA not after: Sat 22 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5f:2f:93:0f:af:ae:b4:75:01:3f:5e:0a:91:8c:f5:8f:9e:48:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 19 00:00:00 2023 GMT
Not After : Apr 22 23:59:59 2023 GMT
Subject: serialNumber=dd6e4c278f727c7fc5aad13f308753670ade3ea4b72c93f62ef7b35c9dd13107, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1f:1b:2c:8c:0b:ee:a0:04:30:b5:14:6e:67:
5f:a9:4f:e9:6b:84:2b:fd:89:72:b3:15:6d:49:9d:
d6:72:d9:e2:97:64:e6:79:12:d4:bd:6f:e6:c9:1d:
37:f3:6b:7a:ca:47:8b:e8:a8:cb:6e:9f:21:bd:4a:
1e:0a:77:c4:f5:5e:01:ea:3f:42:c6:a6:c7:49:09:
78:27:b3:80:01:75:7f:fd:a5:7a:ff:7e:ea:72:b9:
22:f0:7d:e0:03:47:a0:37:32:ec:39:68:3d:5b:51:
90:1d:9f:1f:25:60:1b:54:f7:01:0c:f5:a0:bc:88:
20:60:78:b2:bf:f2:98:b0:2d:c5:30:8b:29:89:40:
18:67:6b:15:bb:0d:74:c4:f7:35:76:3f:30:0b:0d:
89:26:0d:55:3e:70:ef:93:ac:a3:d1:74:c4:a8:c8:
5e:56:78:4b:c2:f5:6b:69:92:9d:81:20:d8:7d:92:
3d:48:0e:f7:36:ac:bb:02:af:d9:30:38:07:ee:43:
c0:1d:59:45:2c:64:0a:3e:82:40:e7:4f:9c:79:76:
3c:21:b4:e6:73:93:43:94:84:6a:79:a8:5f:bb:b9:
2d:ef:e8:7d:3d:5e:b1:b5:7c:18:5b:e4:ff:b0:0a:
82:5b:e3:3d:79:28:03:30:06:9b:d9:c7:da:f5:3d:
71:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9C:1A:94:47:F2:02:F5:1F:5A:92:03:33:AA:8B:4B:0C:B6:8A:50
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/153f2951-c746-4dca-a801-49a3d237caa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:8f:7d:c1:e0:0d:c7:21:41:6d:e5:4f:62:f8:db:0d:8f:39:
a4:1b:37:fc:42:27:bd:39:cd:bc:01:53:9f:de:6f:de:c1:a3:
a3:12:57:44:47:8b:42:0b:e3:8d:dc:ff:bd:8d:9a:0a:19:9a:
a7:61:e9:cd:96:bf:aa:4b:bb:e5:f5:99:11:f8:2a:c8:39:52:
6c:3e:4b:df:18:89:7d:2b:3a:d2:4d:d9:f8:c6:54:be:4a:9c:
78:8b:9e:dc:71:42:2b:25:2f:43:ff:74:ff:81:ba:0b:8e:e5:
16:ef:e5:f4:bf:4f:c8:77:99:f7:e5:9f:d7:e6:b1:ff:43:bc:
11:95:18:d6:17:77:c7:4b:fa:ac:77:62:82:50:23:91:0d:e7:
02:a8:6e:87:18:9e:76:af:31:e2:26:17:38:fe:ff:1f:06:84:
0c:7e:c9:74:03:59:3b:30:61:d6:28:f8:19:4a:9d:81:37:36:
8a:3c:0a:95:01:bb:81:6d:59:a9:1a:66:87:bb:cb:47:95:14:
14:c2:34:34:5a:bc:ef:b3:31:df:ce:26:6b:c1:d4:09:6e:b5:
9e:a7:62:67:d7:65:ad:14:63:c2:5e:32:8e:27:31:25:6c:35:
cb:aa:be:a7:a6:52:69:e5:70:79:88:ec:ff:ac:12:a0:1f:2d:
82:05:13:ed
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUJV8vkw+vrrR1AT9eCpGM9Y+eSPYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDE5MDAwMDAwWhcNMjMwNDIyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZGQ2ZTRjMjc4ZjcyN2M3ZmM1YWFkMTNmMzA4NzUzNjcw
YWRlM2VhNGI3MmM5M2Y2MmVmN2IzNWM5ZGQxMzEwNzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJYfGyyMC+6gBDC1FG5nX6lP6WuEK/2JcrMVbUmd1nLZ4pdk5nkS
1L1v5skdN/NrespHi+ioy26fIb1KHgp3xPVeAeo/Qsamx0kJeCezgAF1f/2lev9+
6nK5IvB94ANHoDcy7DloPVtRkB2fHyVgG1T3AQz1oLyIIGB4sr/ymLAtxTCLKYlA
GGdrFbsNdMT3NXY/MAsNiSYNVT5w75Oso9F0xKjIXlZ4S8L1a2mSnYEg2H2SPUgO
9zasuwKv2TA4B+5DwB1ZRSxkCj6CQOdPnHl2PCG05nOTQ5SEanmoX7u5Le/ofT1e
sbV8GFvk/7AKglvjPXkoAzAGm9nH2vU9cdMCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSJnBqUR/IC9R9akgMzqotLDLaKUDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMTUzZjI5NTEtYzc0Ni00ZGNhLWE4MDEtNDlhM2QyMzdjYWEyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAMaPfcHgDcchQW3l
T2L42w2POaQbN/xCJ705zbwBU5/eb97Bo6MSV0RHi0IL443c/72NmgoZmqdh6c2W
v6pLu+X1mRH4Ksg5Umw+S98YiX0rOtJN2fjGVL5KnHiLntxxQislL0P/dP+BuguO
5Rbv5fS/T8h3mffln9fmsf9DvBGVGNYXd8dL+qx3YoJQI5EN5wKobocYnnavMeIm
Fzj+/x8GhAx+yXQDWTswYdYo+BlKnYE3Noo8CpUBu4FtWakaZoe7y0eVFBTCNDRa
vO+zMd/OJmvB1AlutZ6nYmfXZa0UY8JeMo4nMSVsNcuqvqemUmnlcHmI7P+sEqAf
LYIFE+0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:37 2023 by rpki-client on console-ams.rpki-client.org