Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/253693bc-30bc-4886-8a83-38a91430b91d.roa
File: 253693bc-30bc-4886-8a83-38a91430b91d.roa (raw, json)
Hash identifier: NCqyK5287xcywu2SX53V64XtQu0wIR/5oRvWXKbiKoc=
Subject key identifier: 0A:3A:C6:C1:5F:71:17:C7:7D:8C:C6:5F:5F:55:38:07:00:70:4A:5E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4208156974A312558E252832F7B8F87E64930426
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/253693bc-30bc-4886-8a83-38a91430b91d.roa
Signing time: Tue 30 Aug 2022 00:00:00 +0000
ROA not before: Tue 30 Aug 2022 00:00:00 +0000
ROA not after: Fri 02 Sep 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:08:15:69:74:a3:12:55:8e:25:28:32:f7:b8:f8:7e:64:93:04:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Aug 30 00:00:00 2022 GMT
Not After : Sep 2 23:59:59 2022 GMT
Subject: serialNumber=31f3d37d0cec60db0d3f340a2fbd2ea14ac589f22775e204a3f5ab73a75c1c37, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9b:42:08:e3:d2:0f:b2:7d:43:1b:9d:eb:5e:
6f:c2:43:b6:7b:19:15:63:30:59:f3:55:b1:fc:b2:
21:3b:42:18:eb:8e:99:ee:36:8f:e5:0f:08:f6:b5:
2a:f8:af:96:54:92:ef:5e:a2:59:53:5b:87:05:c1:
14:8f:9d:99:bb:f2:5e:4e:69:40:3e:fb:81:9f:ef:
21:c0:a8:3b:d1:bf:26:3f:cd:64:48:20:0a:16:09:
5f:c7:c7:79:ca:b0:b2:d3:35:70:d2:a1:ad:e1:5f:
39:e3:a3:95:0f:23:f1:f2:2f:a6:43:a3:6c:f9:0b:
fe:6d:a2:51:34:fb:4c:45:07:9a:86:1e:94:78:b1:
80:ef:d8:df:1d:fa:25:8e:91:05:30:e8:4a:18:41:
e9:fb:4d:dc:8c:32:a6:fb:ca:3f:90:21:cf:b8:9c:
96:e6:82:8d:c4:50:7c:f9:e2:06:c6:b7:10:9d:8e:
45:ea:35:73:6b:91:bf:10:8c:19:b4:46:e9:a9:30:
b1:c9:49:1c:90:53:df:02:68:bd:f1:16:1b:d0:db:
88:f4:c5:d1:72:ff:95:9d:e0:e4:7a:13:29:5a:93:
0e:47:fe:0d:19:26:9a:67:fd:77:3f:fe:e3:10:b9:
64:40:ae:3c:3b:84:df:fa:93:ab:e7:9b:58:e9:3b:
52:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3A:C6:C1:5F:71:17:C7:7D:8C:C6:5F:5F:55:38:07:00:70:4A:5E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/253693bc-30bc-4886-8a83-38a91430b91d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:c3:62:de:82:92:5d:af:fe:87:89:45:a8:6c:40:fb:05:f8:
47:28:09:e7:98:8b:4d:61:07:2a:f5:28:35:22:0e:0d:b9:64:
37:c9:69:7a:10:a9:99:d2:19:eb:02:a3:f8:e6:13:2c:81:2f:
7a:2e:87:29:38:84:47:b3:06:00:41:49:8b:f5:02:fa:d5:5e:
de:6a:66:f9:8c:55:d1:ce:ad:6a:19:a9:59:e1:0f:e6:73:98:
f0:10:11:45:54:53:55:88:2c:1d:59:25:a2:e3:c7:e7:12:89:
75:ae:d5:16:0c:e0:44:4c:8b:e0:7e:4e:6f:62:1b:21:1e:06:
0b:d2:93:29:83:20:36:4c:f4:bf:3d:b5:cf:d6:50:0d:dd:d5:
cf:9b:86:cd:e2:b7:84:be:d4:9b:3e:43:aa:e4:88:2a:44:a4:
ed:98:13:3b:0d:8d:58:00:3e:8d:0d:18:28:f9:6d:fc:ec:69:
31:4f:c6:c3:bd:6a:b1:58:5d:b2:20:ef:60:6b:cd:b7:0a:96:
2b:32:0a:b0:9c:53:e6:c7:ef:0f:a1:f4:57:f0:cf:82:65:e6:
6b:d3:42:30:42:db:b1:7f:7e:7a:d1:0b:6c:44:bd:1b:e9:76:
53:ae:ff:28:00:5d:13:38:61:11:85:b1:37:be:f8:a6:0b:4e:
c9:78:66:48
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUQggVaXSjElWOJSgy97j4fmSTBCYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwODMwMDAwMDAwWhcNMjIwOTAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMzFmM2QzN2QwY2VjNjBkYjBkM2YzNDBhMmZiZDJlYTE0
YWM1ODlmMjI3NzVlMjA0YTNmNWFiNzNhNzVjMWMzNzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOCbQgjj0g+yfUMbneteb8JDtnsZFWMwWfNVsfyyITtCGOuOme42
j+UPCPa1KvivllSS716iWVNbhwXBFI+dmbvyXk5pQD77gZ/vIcCoO9G/Jj/NZEgg
ChYJX8fHecqwstM1cNKhreFfOeOjlQ8j8fIvpkOjbPkL/m2iUTT7TEUHmoYelHix
gO/Y3x36JY6RBTDoShhB6ftN3IwypvvKP5Ahz7icluaCjcRQfPniBsa3EJ2OReo1
c2uRvxCMGbRG6akwsclJHJBT3wJovfEWG9DbiPTF0XL/lZ3g5HoTKVqTDkf+DRkm
mmf9dz/+4xC5ZECuPDuE3/qTq+ebWOk7UgsCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQKOsbBX3EXx32Mxl9fVTgHAHBKXjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMjUzNjkzYmMtMzBiYy00ODg2LThhODMtMzhhOTE0MzBiOTFkLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAL/DYt6Ckl2v/oeJ
RahsQPsF+EcoCeeYi01hByr1KDUiDg25ZDfJaXoQqZnSGesCo/jmEyyBL3ouhyk4
hEezBgBBSYv1AvrVXt5qZvmMVdHOrWoZqVnhD+ZzmPAQEUVUU1WILB1ZJaLjx+cS
iXWu1RYM4ERMi+B+Tm9iGyEeBgvSkymDIDZM9L89tc/WUA3d1c+bhs3it4S+1Js+
Q6rkiCpEpO2YEzsNjVgAPo0NGCj5bfzsaTFPxsO9arFYXbIg72BrzbcKlisyCrCc
U+bH7w+h9Ffwz4Jl5mvTQjBC27F/fnrRC2xEvRvpdlOu/ygAXRM4YRGFsTe++KYL
Tsl4Zkg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:33 2023 by rpki-client on console-fra.rpki-client.org