Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1c7941ed-1499-48ce-898f-b58969b713aa.roa
File: 1c7941ed-1499-48ce-898f-b58969b713aa.roa (raw, json)
Hash identifier: QI8Eeh9J//YbB2F2BNtx/aSlXAokiPrfzSSz3Xp5dRU=
Subject key identifier: EB:69:AA:AF:A2:5E:37:9C:C8:E3:26:09:A1:30:57:4C:52:D1:F2:38
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 254DCE278F51D4995C9F7AE42A1E460497168A3C
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1c7941ed-1499-48ce-898f-b58969b713aa.roa
Signing time: Sun 26 Mar 2023 00:00:00 +0000
ROA not before: Sun 26 Mar 2023 00:00:00 +0000
ROA not after: Wed 29 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:4d:ce:27:8f:51:d4:99:5c:9f:7a:e4:2a:1e:46:04:97:16:8a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 26 00:00:00 2023 GMT
Not After : Mar 29 23:59:59 2023 GMT
Subject: serialNumber=b228a6823de3080a362d5689ff8b0a777cfdd8a4de59ee2606d2fd23cf4d4ceb, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:08:52:32:f6:67:2e:ec:b0:25:be:0d:e7:1a:
5e:ab:c3:87:f2:77:76:a7:82:b9:b9:dc:1b:17:47:
c3:e0:03:18:44:10:17:8a:55:64:70:b2:93:62:fa:
22:89:0a:fe:05:cc:49:fa:1e:93:af:5e:ae:73:0c:
c4:eb:07:97:ce:83:1a:34:d3:31:b2:05:01:be:13:
ec:3a:20:fe:c7:c6:1d:e7:f4:97:86:86:e2:aa:54:
15:7b:f7:83:32:c0:6e:46:7f:f9:1f:0d:87:72:82:
fb:9a:14:1f:e7:f2:f8:01:e9:4d:0e:dd:56:37:bc:
7e:54:f7:3b:d6:46:b8:05:36:3d:65:b0:3f:ca:a5:
d7:69:f3:69:fe:14:23:f0:dd:f5:b9:d9:e1:e8:75:
20:28:a8:47:2e:18:56:13:4b:17:15:2f:0e:c8:42:
21:46:49:46:b1:22:14:6d:6b:44:6b:d1:fe:54:d8:
9f:23:b7:e9:9b:99:b9:92:4c:7e:a7:02:1d:49:75:
36:fb:ed:4b:36:ad:a9:6e:40:03:ee:29:81:64:fc:
74:9f:88:7e:08:96:26:f8:b0:0d:cc:b4:84:7c:c6:
d9:37:f9:6c:09:ae:3c:91:59:5b:cf:a6:f4:05:e4:
2c:5d:f9:5d:5d:64:57:63:d6:6b:f4:59:bd:53:07:
16:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:69:AA:AF:A2:5E:37:9C:C8:E3:26:09:A1:30:57:4C:52:D1:F2:38
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/1c7941ed-1499-48ce-898f-b58969b713aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
36:6a:3e:4a:b3:fb:9e:d6:d0:01:bc:54:83:e1:ed:01:e0:04:
79:c2:f4:d5:2f:12:4f:f6:92:c6:fe:a9:0f:64:94:fe:d0:e1:
db:0e:25:8a:b6:11:73:b8:ed:74:19:b7:22:86:da:3f:8d:12:
99:a1:e8:ea:55:fe:7a:ea:29:e0:0a:b1:25:b3:d3:59:73:38:
b4:1b:51:b3:88:cd:70:00:05:fc:00:f4:61:56:d8:b2:ce:af:
a9:b5:a4:bc:61:ed:dc:5d:db:8d:6d:be:f2:6c:23:d0:71:fe:
6d:04:de:4b:7e:e5:90:fb:81:57:4c:eb:e5:bf:e3:00:2b:e0:
bf:90:d9:50:bb:a8:ad:e2:03:d4:20:0a:89:1f:56:76:e3:4d:
fe:04:6b:84:c9:e8:31:fd:6a:4b:de:43:7c:dc:dc:25:88:44:
ea:8f:2f:3a:45:8e:65:d7:7a:69:46:09:20:a1:c7:fa:86:8c:
5e:5b:91:30:92:9d:5a:ad:2a:cb:95:fd:f8:37:d4:16:73:9a:
58:e7:3a:85:08:ec:1b:9a:3b:43:99:d4:f4:13:f2:6c:9b:f2:
70:9c:1a:cc:ae:f8:53:47:7e:45:5e:94:28:0c:e6:19:e6:3b:
d1:e6:70:72:f5:5a:80:8c:4a:37:de:25:5a:f8:b2:b3:30:14:
84:16:70:28
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUJU3OJ49R1Jlcn3rkKh5GBJcWijwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzI2MDAwMDAwWhcNMjMwMzI5MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYjIyOGE2ODIzZGUzMDgwYTM2MmQ1Njg5ZmY4YjBhNzc3
Y2ZkZDhhNGRlNTllZTI2MDZkMmZkMjNjZjRkNGNlYjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALAIUjL2Zy7ssCW+DecaXqvDh/J3dqeCubncGxdHw+ADGEQQF4pV
ZHCyk2L6IokK/gXMSfoek69ernMMxOsHl86DGjTTMbIFAb4T7Dog/sfGHef0l4aG
4qpUFXv3gzLAbkZ/+R8Nh3KC+5oUH+fy+AHpTQ7dVje8flT3O9ZGuAU2PWWwP8ql
12nzaf4UI/Dd9bnZ4eh1ICioRy4YVhNLFxUvDshCIUZJRrEiFG1rRGvR/lTYnyO3
6ZuZuZJMfqcCHUl1NvvtSzatqW5AA+4pgWT8dJ+IfgiWJviwDcy0hHzG2Tf5bAmu
PJFZW8+m9AXkLF35XV1kV2PWa/RZvVMHFs0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTraaqvol43nMjjJgmhMFdMUtHyODAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMWM3OTQxZWQtMTQ5OS00OGNlLTg5OGYtYjU4OTY5YjcxM2FhLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADZqPkqz+57W0AG8
VIPh7QHgBHnC9NUvEk/2ksb+qQ9klP7Q4dsOJYq2EXO47XQZtyKG2j+NEpmh6OpV
/nrqKeAKsSWz01lzOLQbUbOIzXAABfwA9GFW2LLOr6m1pLxh7dxd241tvvJsI9Bx
/m0E3kt+5ZD7gVdM6+W/4wAr4L+Q2VC7qK3iA9QgCokfVnbjTf4Ea4TJ6DH9akve
Q3zc3CWIROqPLzpFjmXXemlGCSChx/qGjF5bkTCSnVqtKsuV/fg31BZzmljnOoUI
7BuaO0OZ1PQT8myb8nCcGsyu+FNHfkVelCgM5hnmO9HmcHL1WoCMSjfeJVr4srMw
FIQWcCg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:32 2023 by rpki-client on console-fra.rpki-client.org