Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/23757d1d-5c73-4705-ba2e-3355a4477405.roa
File: 23757d1d-5c73-4705-ba2e-3355a4477405.roa (raw, json)
Hash identifier: d4proBXzU3lk9hQiQLN2JK4fGlYFToqbykF9koHV1K8=
Subject key identifier: 33:B1:45:38:21:D8:DD:C8:A3:90:70:75:F8:34:E0:50:35:A8:80:78
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 38B869B2FEDBCAF9DFA7D81F4F12254DACDB2ADD
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/23757d1d-5c73-4705-ba2e-3355a4477405.roa
Signing time: Sun 09 Apr 2023 00:00:00 +0000
ROA not before: Sun 09 Apr 2023 00:00:00 +0000
ROA not after: Wed 12 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:b8:69:b2:fe:db:ca:f9:df:a7:d8:1f:4f:12:25:4d:ac:db:2a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 9 00:00:00 2023 GMT
Not After : Apr 12 23:59:59 2023 GMT
Subject: serialNumber=22ce9930e167235ac69a63d8416a385a325776970e882cff2772c4a5e5e1f619, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0f:45:67:50:53:a0:f3:4e:42:2f:75:83:0c:
2e:3f:35:c8:3d:87:58:d5:2b:4e:c3:b5:e1:9e:78:
91:e1:85:ef:34:44:41:28:75:28:f5:11:43:9c:4c:
fe:4d:c6:3e:f4:ab:4e:9c:56:d5:c4:3f:09:9a:53:
da:a6:15:3d:c7:d4:4a:bc:c7:44:4d:1d:f9:42:77:
ac:0d:28:d9:a3:56:58:5c:3e:f5:4c:a7:d2:e0:47:
1b:2a:ee:ae:4b:62:c9:70:17:5e:64:4d:46:da:4f:
f0:64:a5:23:de:f5:0d:b1:78:b0:c3:dc:f5:9c:9e:
c2:4e:1a:84:53:4d:97:8f:93:6f:57:23:79:ab:7f:
8c:b4:f0:ca:29:ef:fe:a0:a2:88:a5:0d:97:1c:bf:
1d:c0:c4:b8:b6:08:9a:fc:5e:e3:44:18:44:c7:e3:
dd:b4:33:fc:42:b6:bc:75:ed:45:e1:3d:67:cc:ab:
21:6a:79:35:26:94:50:9c:5b:77:dd:7b:69:ee:99:
a7:6b:7b:93:03:6f:e4:e4:5a:41:4c:d8:78:cb:d9:
b1:ce:a9:5e:78:32:be:c6:c3:5d:81:7c:66:0e:be:
70:e3:d7:80:aa:6c:ae:1d:50:b4:f7:4a:7f:fe:b2:
2f:e6:61:06:6f:bd:2d:59:1c:a4:ad:a6:bf:15:98:
ed:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B1:45:38:21:D8:DD:C8:A3:90:70:75:F8:34:E0:50:35:A8:80:78
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/23757d1d-5c73-4705-ba2e-3355a4477405.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
96:9d:08:a3:3f:9f:e8:40:51:d3:53:5c:67:43:0e:46:48:1a:
f6:85:49:c8:12:41:b5:f2:7d:fc:06:cb:ca:19:e2:98:8a:5b:
8e:2c:ff:de:8a:81:5c:8e:f0:6c:13:84:e5:4e:ea:4e:d1:82:
37:44:3b:8b:a6:66:ab:d8:cb:01:2d:96:63:6c:c1:0d:5d:fa:
de:93:2b:23:1b:ff:78:7a:0b:aa:11:1f:d3:ec:9f:f9:d2:7c:
cb:58:54:f0:68:85:6a:3c:09:29:de:93:bf:eb:d2:14:b7:aa:
bb:92:f1:75:09:2e:8a:17:ae:e5:92:2e:17:e8:57:5f:17:97:
6c:df:9d:92:30:16:06:7e:86:ad:17:55:3a:80:cc:40:61:c6:
05:01:c9:b4:d3:50:56:e0:f3:68:f4:fa:50:79:08:b0:95:c2:
37:17:29:8b:3e:33:60:03:bf:01:c5:36:d1:b3:0a:e2:01:8e:
24:26:ab:39:f4:53:fe:15:9e:f9:15:49:03:f9:78:23:f8:a0:
d6:f8:e3:d3:cc:4c:49:a1:0c:5a:10:b4:b2:3e:09:6f:f1:f8:
fc:cb:4a:8d:3b:73:e6:2a:6d:25:46:be:da:23:3a:4e:08:4a:
9c:87:46:a5:fb:41:ef:3a:15:77:3f:93:f2:af:21:d1:3b:36:
ba:d8:7a:b6
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUOLhpsv7byvnfp9gfTxIlTazbKt0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDA5MDAwMDAwWhcNMjMwNDEyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMjJjZTk5MzBlMTY3MjM1YWM2OWE2M2Q4NDE2YTM4NWEz
MjU3NzY5NzBlODgyY2ZmMjc3MmM0YTVlNWUxZjYxOTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMkPRWdQU6DzTkIvdYMMLj81yD2HWNUrTsO14Z54keGF7zREQSh1
KPURQ5xM/k3GPvSrTpxW1cQ/CZpT2qYVPcfUSrzHRE0d+UJ3rA0o2aNWWFw+9Uyn
0uBHGyrurktiyXAXXmRNRtpP8GSlI971DbF4sMPc9Zyewk4ahFNNl4+Tb1cjeat/
jLTwyinv/qCiiKUNlxy/HcDEuLYImvxe40QYRMfj3bQz/EK2vHXtReE9Z8yrIWp5
NSaUUJxbd917ae6Zp2t7kwNv5ORaQUzYeMvZsc6pXngyvsbDXYF8Zg6+cOPXgKps
rh1QtPdKf/6yL+ZhBm+9LVkcpK2mvxWY7RUCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQzsUU4IdjdyKOQcHX4NOBQNaiAeDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMjM3NTdkMWQtNWM3My00NzA1LWJhMmUtMzM1NWE0NDc3NDA1LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJadCKM/n+hAUdNT
XGdDDkZIGvaFScgSQbXyffwGy8oZ4piKW44s/96KgVyO8GwThOVO6k7RgjdEO4um
ZqvYywEtlmNswQ1d+t6TKyMb/3h6C6oRH9Psn/nSfMtYVPBohWo8CSnek7/r0hS3
qruS8XUJLooXruWSLhfoV18Xl2zfnZIwFgZ+hq0XVTqAzEBhxgUBybTTUFbg82j0
+lB5CLCVwjcXKYs+M2ADvwHFNtGzCuIBjiQmqzn0U/4VnvkVSQP5eCP4oNb449PM
TEmhDFoQtLI+CW/x+PzLSo07c+YqbSVGvtojOk4ISpyHRqX7Qe86FXc/k/KvIdE7
NrrYerY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:33 2023 by rpki-client on console-fra.rpki-client.org