Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1a5753a2-d222-4816-97f4-0292b1297bf5.roa
File: 1a5753a2-d222-4816-97f4-0292b1297bf5.roa (raw, json)
Hash identifier: g+jOf0kNXT7igC/CweUnp4GKamKTjtigD2kCaNUeqcc=
Subject key identifier: 13:90:55:18:CC:23:4C:DD:76:5B:23:C5:23:D5:B9:50:83:91:6B:1A
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 02AF56C5725406DF372FE0B2AAF1DA8B8774A6AD
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1a5753a2-d222-4816-97f4-0292b1297bf5.roa
Signing time: Thu 13 Apr 2023 00:00:00 +0000
ROA not before: Thu 13 Apr 2023 00:00:00 +0000
ROA not after: Sun 16 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:af:56:c5:72:54:06:df:37:2f:e0:b2:aa:f1:da:8b:87:74:a6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 13 00:00:00 2023 GMT
Not After : Apr 16 23:59:59 2023 GMT
Subject: serialNumber=5e720bc66e357adc73ff12415b90d20226d470ee3e663dda9f21a75fa7697dfe, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c7:d7:a6:af:38:e6:47:9a:8f:ba:e6:f3:cf:
62:af:f5:1e:4a:a0:66:0b:5f:56:66:7a:93:88:ea:
66:1f:61:c5:b0:75:96:19:e3:24:9a:62:3a:12:a1:
23:f9:05:c2:4b:14:e3:0c:4b:f0:78:40:26:11:7f:
d1:23:ee:9e:94:4c:ed:d2:ea:52:3d:01:7a:1c:f8:
a8:60:21:11:2d:33:a4:a9:9e:e5:af:1d:0e:8c:29:
c8:e8:f2:9d:8f:e0:6c:6a:c0:d9:c6:f0:25:25:d7:
cc:5a:cf:2f:53:51:d2:4a:3a:81:f3:0e:6d:23:f6:
6c:03:a5:0e:e0:2f:c3:a5:6d:65:ef:c1:03:8f:62:
86:6c:f2:a7:be:cd:fd:9b:4c:6c:d8:5f:2a:94:99:
a6:a2:50:24:41:34:c2:6e:71:06:c0:bd:1d:bf:1d:
6c:25:ac:b4:d2:87:f5:4c:8f:a6:24:a0:35:f4:0f:
ee:89:af:38:c8:08:76:4e:04:c9:85:2c:0a:ae:33:
08:4b:d8:b4:7f:99:87:65:de:31:58:2d:a0:a1:66:
6c:f3:e9:41:f6:a2:c1:ce:69:e7:70:01:e5:cd:42:
cc:9e:c3:d1:19:4a:b7:5c:d5:12:4b:44:31:6a:ee:
e2:9b:b6:5a:fe:f4:e8:c1:72:ba:b4:da:16:19:06:
46:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:90:55:18:CC:23:4C:DD:76:5B:23:C5:23:D5:B9:50:83:91:6B:1A
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1a5753a2-d222-4816-97f4-0292b1297bf5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
76:2c:20:b6:91:eb:3c:dd:8d:43:37:d1:27:ba:4e:8b:bc:05:
0a:e4:37:82:e6:56:9a:04:d9:8a:e6:17:ef:7f:92:6c:09:ee:
89:6f:f5:8f:1b:a8:e4:d9:78:f5:44:41:ad:3b:95:e0:a3:88:
25:bd:97:e0:4b:9f:18:fe:ec:16:d8:3e:ac:98:8f:82:ca:e5:
8f:c3:42:86:3e:63:d9:31:92:66:06:1c:51:7d:6f:0d:70:09:
e1:98:10:1c:c7:33:e3:ea:d7:d0:ea:81:52:05:ae:5d:82:ca:
6d:c3:4e:43:c7:ea:4b:8e:6e:95:3c:87:43:91:06:87:3f:01:
35:8f:ea:cf:04:0b:2e:be:da:07:5f:30:dd:b5:da:ec:13:23:
a0:41:69:5e:e4:82:e7:a5:df:0e:4e:0c:33:4b:d9:ea:ed:83:
3c:0e:af:57:fd:e8:0c:f0:f5:3d:63:65:14:c8:6e:60:85:2f:
fb:0e:ed:a8:8b:49:f9:b4:4a:9a:a3:7c:5f:3e:fe:fc:78:4c:
d5:42:ee:66:02:58:5e:77:21:95:6e:31:32:00:ab:2e:e8:03:
e2:1e:04:a3:83:a9:1e:5f:9d:89:fb:f5:1a:6b:89:da:8c:5b:
18:cc:07:32:af:04:10:78:06:de:06:0b:9d:67:e9:d3:24:ef:
a6:c9:f0:a6
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUAq9WxXJUBt83L+CyqvHai4d0pq0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDEzMDAwMDAwWhcNMjMwNDE2MjM1OTU5
WjCBpTFJMEcGA1UEBRNANWU3MjBiYzY2ZTM1N2FkYzczZmYxMjQxNWI5MGQyMDIy
NmQ0NzBlZTNlNjYzZGRhOWYyMWE3NWZhNzY5N2RmZTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOzH16avOOZHmo+65vPPYq/1HkqgZgtfVmZ6k4jqZh9hxbB1lhnj
JJpiOhKhI/kFwksU4wxL8HhAJhF/0SPunpRM7dLqUj0Behz4qGAhES0zpKme5a8d
DowpyOjynY/gbGrA2cbwJSXXzFrPL1NR0ko6gfMObSP2bAOlDuAvw6VtZe/BA49i
hmzyp77N/ZtMbNhfKpSZpqJQJEE0wm5xBsC9Hb8dbCWstNKH9UyPpiSgNfQP7omv
OMgIdk4EyYUsCq4zCEvYtH+Zh2XeMVgtoKFmbPPpQfaiwc5p53AB5c1CzJ7D0RlK
t1zVEktEMWru4pu2Wv706MFyurTaFhkGRusCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQTkFUYzCNM3XZbI8Uj1blQg5FrGjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMWE1NzUzYTItZDIyMi00ODE2LTk3ZjQtMDI5MmIxMjk3YmY1LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHYsILaR6zzdjUM3
0Se6Tou8BQrkN4LmVpoE2YrmF+9/kmwJ7olv9Y8bqOTZePVEQa07leCjiCW9l+BL
nxj+7BbYPqyYj4LK5Y/DQoY+Y9kxkmYGHFF9bw1wCeGYEBzHM+Pq19DqgVIFrl2C
ym3DTkPH6kuObpU8h0ORBoc/ATWP6s8ECy6+2gdfMN212uwTI6BBaV7kguel3w5O
DDNL2ertgzwOr1f96Azw9T1jZRTIbmCFL/sO7aiLSfm0SpqjfF8+/vx4TNVC7mYC
WF53IZVuMTIAqy7oA+IeBKODqR5fnYn79RpridqMWxjMBzKvBBB4Bt4GC51n6dMk
76bJ8KY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:32 2023 by rpki-client on console-fra.rpki-client.org