Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/25c916b0-e98a-4725-af09-077c007977f4.roa
File: 25c916b0-e98a-4725-af09-077c007977f4.roa (raw, json)
Hash identifier: Km4J5DwkHjB+fSM4jhEjEv6y9bcaYvehBFryUeeVLaY=
Subject key identifier: 03:27:4D:24:17:6C:60:E1:B9:33:C4:45:62:32:EF:47:67:7B:CF:04
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 55D495E3C16C54F5400DD15002E849D7C4D34A6C
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/25c916b0-e98a-4725-af09-077c007977f4.roa
Signing time: Fri 03 Mar 2023 00:00:00 +0000
ROA not before: Fri 03 Mar 2023 00:00:00 +0000
ROA not after: Mon 06 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d4:95:e3:c1:6c:54:f5:40:0d:d1:50:02:e8:49:d7:c4:d3:4a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 3 00:00:00 2023 GMT
Not After : Mar 6 23:59:59 2023 GMT
Subject: serialNumber=7db2ba354591a76aeb86a87022ac9e2a5065a656dd044ed2a80278817af6d272, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:50:be:4b:bb:12:98:ec:34:d5:72:f2:d6:47:
68:7d:fa:70:d0:7f:49:8c:bd:0a:bb:42:2e:72:bc:
93:93:d3:ca:5c:39:b6:65:25:08:dd:aa:af:bc:80:
e0:52:e4:b7:e4:c2:8a:0e:68:a6:2f:25:ff:d8:35:
32:5e:e5:bb:b6:45:b5:1e:bc:cd:45:63:87:bf:e8:
03:12:59:da:63:08:83:87:4a:b2:09:41:e1:1b:f7:
6c:a6:a2:dc:85:c2:ed:f1:5f:27:4d:67:ac:43:26:
55:a1:dc:70:ea:6c:fe:c7:d6:72:25:d8:d9:de:5c:
77:db:21:5a:6a:6e:bc:33:eb:eb:a2:6a:08:fa:2b:
78:90:f9:e3:00:af:9d:e0:1d:14:39:39:ac:85:ee:
bb:fd:73:b7:07:be:86:f0:6a:4a:6f:af:70:68:b1:
58:a2:c6:46:9d:d7:8f:81:38:88:e1:ea:95:38:38:
ea:9f:1e:84:71:b3:1a:00:97:47:62:62:41:df:e6:
d4:0e:e9:46:41:1e:86:10:cb:70:10:89:c3:0c:25:
65:62:eb:e2:9a:2d:b3:d1:1a:15:0c:7b:86:94:99:
0e:3a:40:90:5f:12:3a:35:81:ad:ee:60:12:7a:b8:
08:0c:b0:37:b9:69:8f:59:e5:bd:d0:e1:3c:98:57:
0b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:27:4D:24:17:6C:60:E1:B9:33:C4:45:62:32:EF:47:67:7B:CF:04
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/25c916b0-e98a-4725-af09-077c007977f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:c0:f0:ae:59:4a:5e:7d:9a:46:77:42:c0:45:f0:d0:3c:e4:
29:3f:52:52:bb:6e:e7:1f:e2:1c:b4:be:89:ed:7f:23:8e:da:
bf:eb:9c:c5:0b:0f:a4:e9:95:b0:01:b6:f3:ea:84:00:79:0f:
3b:f5:f3:53:20:1b:c5:50:ed:b5:2b:f5:dc:37:2a:04:98:9a:
d4:1d:50:5d:41:d7:f8:12:69:d0:3b:12:46:bd:20:dd:64:ce:
14:68:83:31:d1:04:84:3f:e1:f3:a5:89:33:c8:91:ea:9a:25:
e7:4d:5a:a8:68:c4:76:a8:cd:8c:1d:3e:3a:36:2e:df:ff:64:
0a:bf:e6:f7:3d:69:71:ae:75:ad:ae:36:93:01:27:76:f3:50:
b6:93:63:b2:28:0b:9c:56:61:e1:fd:ab:e4:5c:90:8b:40:f3:
64:50:f6:ca:29:cd:c1:8b:d3:8c:53:fe:36:fa:76:32:31:4e:
91:f0:f5:d0:54:82:11:f7:d4:bc:2a:d1:e3:3c:42:73:eb:cb:
fd:76:de:f3:66:de:d1:8a:8e:98:bf:ef:90:af:60:85:67:b7:
a1:d1:97:bb:e4:be:70:9a:7b:8c:a4:60:74:e9:d6:24:83:59:
10:22:eb:d6:a3:d9:c3:b1:e3:a1:bc:05:77:5e:13:7e:cd:cb:
38:21:eb:81
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUVdSV48FsVPVADdFQAuhJ18TTSmwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzAzMDAwMDAwWhcNMjMwMzA2MjM1OTU5
WjCBpTFJMEcGA1UEBRNAN2RiMmJhMzU0NTkxYTc2YWViODZhODcwMjJhYzllMmE1
MDY1YTY1NmRkMDQ0ZWQyYTgwMjc4ODE3YWY2ZDI3MjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKBQvku7EpjsNNVy8tZHaH36cNB/SYy9CrtCLnK8k5PTylw5tmUl
CN2qr7yA4FLkt+TCig5opi8l/9g1Ml7lu7ZFtR68zUVjh7/oAxJZ2mMIg4dKsglB
4Rv3bKai3IXC7fFfJ01nrEMmVaHccOps/sfWciXY2d5cd9shWmpuvDPr66JqCPor
eJD54wCvneAdFDk5rIXuu/1ztwe+hvBqSm+vcGixWKLGRp3Xj4E4iOHqlTg46p8e
hHGzGgCXR2JiQd/m1A7pRkEehhDLcBCJwwwlZWLr4pots9EaFQx7hpSZDjpAkF8S
OjWBre5gEnq4CAywN7lpj1nlvdDhPJhXC5ECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQDJ00kF2xg4bkzxEViMu9HZ3vPBDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMjVjOTE2YjAtZTk4YS00NzI1LWFmMDktMDc3YzAwNzk3N2Y0LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKLA8K5ZSl59mkZ3
QsBF8NA85Ck/UlK7bucf4hy0vontfyOO2r/rnMULD6TplbABtvPqhAB5Dzv181Mg
G8VQ7bUr9dw3KgSYmtQdUF1B1/gSadA7Eka9IN1kzhRogzHRBIQ/4fOliTPIkeqa
JedNWqhoxHaozYwdPjo2Lt//ZAq/5vc9aXGuda2uNpMBJ3bzULaTY7IoC5xWYeH9
q+RckItA82RQ9sopzcGL04xT/jb6djIxTpHw9dBUghH31Lwq0eM8QnPry/123vNm
3tGKjpi/75CvYIVnt6HRl7vkvnCae4ykYHTp1iSDWRAi69aj2cOx46G8BXdeE37N
yzgh64E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:33 2023 by rpki-client on console-fra.rpki-client.org