Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/20aa72c7-64f8-4a24-974c-0aff7771f15b.roa
File: 20aa72c7-64f8-4a24-974c-0aff7771f15b.roa (raw, json)
Hash identifier: 2InVr5VSZDiveI8cTjTlUKzTY6a/q6y9pzRv70W2YFc=
Subject key identifier: 5F:66:46:5D:9A:82:10:FE:B3:3F:AF:2D:68:39:68:E8:E8:56:C1:18
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 30B763F9AF59C45F91BB5687894761515A3B8AE7
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/20aa72c7-64f8-4a24-974c-0aff7771f15b.roa
Signing time: Sat 31 Dec 2022 00:00:00 +0000
ROA not before: Sat 31 Dec 2022 00:00:00 +0000
ROA not after: Tue 03 Jan 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b7:63:f9:af:59:c4:5f:91:bb:56:87:89:47:61:51:5a:3b:8a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Dec 31 00:00:00 2022 GMT
Not After : Jan 3 23:59:59 2023 GMT
Subject: serialNumber=4fb8756f5c6589a8d937c80f10f197d915a0f4b786c8af278950e3b04c7a9c67, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ea:16:bf:14:d1:d8:6e:3e:a3:98:98:c3:62:
2f:15:3d:ad:b0:a6:0a:03:ee:46:25:b4:ef:39:3d:
2f:25:ac:a2:e5:ea:89:78:69:16:a7:67:36:b8:51:
e4:0c:2c:8b:e5:8c:5f:00:13:1e:ad:46:58:1a:33:
3c:3f:01:77:7c:a5:93:d4:84:6e:ef:04:28:e1:73:
0e:b9:b9:27:eb:71:fb:cf:bc:42:40:79:f7:34:ba:
3d:4a:32:cd:6d:d4:91:9c:1b:20:1a:ad:71:53:c4:
5a:3b:55:0e:61:6b:5c:10:9e:c0:a1:4d:b7:07:cf:
47:89:4a:02:56:6a:ce:8e:3c:b4:35:01:4e:e1:78:
48:f6:cf:da:17:ce:cc:22:22:e5:55:a7:14:95:b7:
e3:7a:7c:e9:84:82:05:74:5f:50:e0:ad:0b:26:ef:
06:bb:5e:97:9c:3b:b0:de:eb:07:eb:53:f0:bb:35:
07:e9:a3:b8:e5:c0:ec:86:4a:c3:aa:b4:81:a0:a7:
72:c3:c1:54:63:59:78:b7:43:a6:87:d7:f6:2c:e9:
9b:7b:67:59:cc:5f:a0:53:b5:da:72:8b:1c:53:a3:
9c:08:7f:ae:1e:4b:eb:5d:10:cb:c0:f4:db:cb:8d:
2f:35:67:82:bb:ac:eb:b1:56:a1:5b:d7:31:35:5e:
09:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:66:46:5D:9A:82:10:FE:B3:3F:AF:2D:68:39:68:E8:E8:56:C1:18
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/20aa72c7-64f8-4a24-974c-0aff7771f15b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:7d:3f:41:fa:ae:1a:40:9e:bb:01:2a:6d:e8:55:c9:a4:07:
60:24:34:a5:55:3d:38:5d:b3:55:e5:db:0c:03:ca:9e:96:ee:
7e:f3:fc:05:7f:73:0f:b8:a7:0a:f6:af:72:73:8f:77:02:c6:
05:82:de:c9:6b:e2:36:27:1c:5f:bb:34:99:52:a6:31:cc:86:
8a:d6:6f:69:50:c9:3f:1b:f6:ba:c5:8a:eb:72:62:80:d5:44:
a6:15:4c:4e:9e:23:02:6f:1d:b3:c3:12:7f:df:2a:26:54:52:
ab:fe:97:ab:9d:a7:5a:65:0b:5e:d2:58:2a:68:98:81:0d:3e:
54:82:55:92:0a:7d:63:6e:e5:7d:fb:bb:c5:6c:84:ff:ce:e9:
d2:1c:a8:a1:e3:48:cb:9e:95:d2:da:d2:3e:04:dd:a2:a2:b1:
b9:d5:ae:bb:8d:66:73:12:63:b7:a4:96:bf:98:2b:fc:76:66:
d6:27:e6:68:71:c7:71:50:48:1c:11:fe:29:6a:b4:1a:00:ca:
52:be:4a:7e:55:c2:c8:ec:d6:b1:f3:df:81:b4:13:67:86:74:
a6:a2:8e:37:04:c3:0d:c6:2e:fd:37:de:f1:45:38:ae:66:1e:
a6:6c:a6:68:61:f1:6e:70:2e:5d:04:cb:0d:cd:01:d2:78:e2:
57:d3:96:dc
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUMLdj+a9ZxF+Ru1aHiUdhUVo7iucwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIxMjMxMDAwMDAwWhcNMjMwMTAzMjM1OTU5
WjCBpTFJMEcGA1UEBRNANGZiODc1NmY1YzY1ODlhOGQ5MzdjODBmMTBmMTk3ZDkx
NWEwZjRiNzg2YzhhZjI3ODk1MGUzYjA0YzdhOWM2NzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMjqFr8U0dhuPqOYmMNiLxU9rbCmCgPuRiW07zk9LyWsouXqiXhp
FqdnNrhR5Awsi+WMXwATHq1GWBozPD8Bd3ylk9SEbu8EKOFzDrm5J+tx+8+8QkB5
9zS6PUoyzW3UkZwbIBqtcVPEWjtVDmFrXBCewKFNtwfPR4lKAlZqzo48tDUBTuF4
SPbP2hfOzCIi5VWnFJW343p86YSCBXRfUOCtCybvBrtel5w7sN7rB+tT8Ls1B+mj
uOXA7IZKw6q0gaCncsPBVGNZeLdDpofX9izpm3tnWcxfoFO12nKLHFOjnAh/rh5L
610Qy8D028uNLzVngrus67FWoVvXMTVeCY0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRfZkZdmoIQ/rM/ry1oOWjo6FbBGDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMjBhYTcyYzctNjRmOC00YTI0LTk3NGMtMGFmZjc3NzFmMTViLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKR9P0H6rhpAnrsB
Km3oVcmkB2AkNKVVPThds1Xl2wwDyp6W7n7z/AV/cw+4pwr2r3Jzj3cCxgWC3slr
4jYnHF+7NJlSpjHMhorWb2lQyT8b9rrFiutyYoDVRKYVTE6eIwJvHbPDEn/fKiZU
Uqv+l6udp1plC17SWCpomIENPlSCVZIKfWNu5X37u8VshP/O6dIcqKHjSMueldLa
0j4E3aKisbnVrruNZnMSY7eklr+YK/x2ZtYn5mhxx3FQSBwR/ilqtBoAylK+Sn5V
wsjs1rHz34G0E2eGdKaijjcEww3GLv033vFFOK5mHqZspmhh8W5wLl0Eyw3NAdJ4
4lfTltw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:38 2023 by rpki-client on console-ams.rpki-client.org