Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/25d101a6-25d8-4b31-9677-4903d5a7621c.roa
File: 25d101a6-25d8-4b31-9677-4903d5a7621c.roa (raw, json)
Hash identifier: bjG/iDY5mSZ+7Z5Xo/TbqxmtgKvQ8uG+5FAAKZ/tC0c=
Subject key identifier: C5:90:8B:51:4B:5B:65:0A:3E:AF:3C:0C:31:EB:DF:4B:1E:3C:EE:99
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 054379934EC636215CF833455C291815307B9443
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/25d101a6-25d8-4b31-9677-4903d5a7621c.roa
Signing time: Thu 30 Mar 2023 00:00:00 +0000
ROA not before: Thu 30 Mar 2023 00:00:00 +0000
ROA not after: Sun 02 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:43:79:93:4e:c6:36:21:5c:f8:33:45:5c:29:18:15:30:7b:94:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 30 00:00:00 2023 GMT
Not After : Apr 2 23:59:59 2023 GMT
Subject: serialNumber=6ea365c533f9d482773ba535c57cc3d08d39213e7e8f24aef90d5d8eea95cd9d, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:af:ee:d2:65:82:3b:cc:25:13:de:5c:af:f6:
4c:93:98:cd:73:aa:df:00:85:ea:76:5d:b3:4d:53:
a0:48:43:e4:ff:a2:a0:44:4c:1c:c7:fd:e5:f2:b8:
26:77:85:a8:52:2d:f3:e1:dd:c9:1d:0d:98:36:c9:
26:54:e3:1d:2d:14:fe:13:ae:03:3e:59:dc:82:11:
02:52:60:e2:c4:50:1f:ee:5b:85:60:5e:54:1d:26:
6c:b7:94:ba:c3:43:6b:b8:a3:b5:71:5d:64:1c:93:
0b:f6:dd:94:d7:fd:84:8a:ef:8c:d0:ab:44:42:9d:
35:9c:fb:3f:74:b0:a6:87:f0:e8:5e:52:d5:5b:8f:
af:2f:d5:bc:9d:97:d9:f7:0e:88:5b:13:1f:e0:3c:
d4:3d:92:37:dc:8e:17:7d:bc:f2:cb:87:ec:23:2c:
f4:03:98:fb:c3:ec:3a:bc:51:7c:ea:0f:95:97:ca:
1e:a7:1b:36:15:e5:bf:2b:c5:7c:45:bf:46:2f:a9:
fe:69:8c:82:c0:fd:45:63:cb:1f:42:97:63:e2:d9:
2b:a2:39:85:38:d2:ef:7b:80:70:67:34:f7:95:ab:
ab:fc:89:e3:5b:e5:5b:a2:5b:6c:24:7f:7e:4a:6d:
c0:f1:10:ce:9a:1e:c8:0d:19:af:36:e9:4b:51:19:
40:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:90:8B:51:4B:5B:65:0A:3E:AF:3C:0C:31:EB:DF:4B:1E:3C:EE:99
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/25d101a6-25d8-4b31-9677-4903d5a7621c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
25:63:4d:89:cb:cc:e6:e0:cf:52:62:26:f4:3a:12:55:2d:9f:
92:3a:2d:eb:87:f4:7f:a7:7c:45:20:57:78:af:05:e0:6b:b1:
c1:db:77:9d:d0:da:e2:fc:e0:62:0e:0b:3a:bf:8e:f4:34:c3:
08:f3:cd:93:95:fd:b1:61:31:74:6a:d6:0a:da:20:00:ee:4c:
6b:6d:b1:e3:70:f0:93:95:58:09:69:ec:40:f3:b9:91:1e:0d:
89:8c:00:44:6d:59:65:da:c7:0b:00:f7:a4:31:b5:dd:59:45:
fe:2b:80:07:df:61:e1:fc:c8:44:70:de:d1:3f:89:20:27:75:
d0:3e:34:1d:2d:58:fa:4b:f2:9a:97:2d:51:18:00:82:00:fe:
9a:49:0c:97:ad:2d:fd:dc:05:be:80:9a:8c:fe:39:f2:f6:92:
7f:a6:dc:12:65:51:89:ed:94:47:d9:e3:f8:08:76:88:58:f9:
81:18:2c:1d:19:68:d2:38:5e:f5:41:b2:48:96:73:de:f2:1e:
8e:0c:82:7f:3c:a5:c6:71:7e:0c:27:03:22:d7:42:0f:bf:f4:
22:ae:ed:a7:58:01:ca:c1:aa:35:02:e3:c3:b5:52:b0:5d:e8:
d3:f8:d6:df:d9:32:f9:0c:9f:1d:96:61:48:ea:35:04:9c:d4:
b4:0d:8c:2b
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUBUN5k07GNiFc+DNFXCkYFTB7lEMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzMwMDAwMDAwWhcNMjMwNDAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNANmVhMzY1YzUzM2Y5ZDQ4Mjc3M2JhNTM1YzU3Y2MzZDA4
ZDM5MjEzZTdlOGYyNGFlZjkwZDVkOGVlYTk1Y2Q5ZDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOCv7tJlgjvMJRPeXK/2TJOYzXOq3wCF6nZds01ToEhD5P+ioERM
HMf95fK4JneFqFIt8+HdyR0NmDbJJlTjHS0U/hOuAz5Z3IIRAlJg4sRQH+5bhWBe
VB0mbLeUusNDa7ijtXFdZByTC/bdlNf9hIrvjNCrREKdNZz7P3Swpofw6F5S1VuP
ry/VvJ2X2fcOiFsTH+A81D2SN9yOF3288suH7CMs9AOY+8PsOrxRfOoPlZfKHqcb
NhXlvyvFfEW/Ri+p/mmMgsD9RWPLH0KXY+LZK6I5hTjS73uAcGc095Wrq/yJ41vl
W6JbbCR/fkptwPEQzpoeyA0ZrzbpS1EZQAcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTFkItRS1tlCj6vPAwx699LHjzumTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMjVkMTAxYTYtMjVkOC00YjMxLTk2NzctNDkwM2Q1YTc2MjFjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACVjTYnLzObgz1Ji
JvQ6ElUtn5I6LeuH9H+nfEUgV3ivBeBrscHbd53Q2uL84GIOCzq/jvQ0wwjzzZOV
/bFhMXRq1graIADuTGttseNw8JOVWAlp7EDzuZEeDYmMAERtWWXaxwsA96Qxtd1Z
Rf4rgAffYeH8yERw3tE/iSAnddA+NB0tWPpL8pqXLVEYAIIA/ppJDJetLf3cBb6A
moz+OfL2kn+m3BJlUYntlEfZ4/gIdohY+YEYLB0ZaNI4XvVBskiWc97yHo4Mgn88
pcZxfgwnAyLXQg+/9CKu7adYAcrBqjUC48O1UrBd6NP41t/ZMvkMnx2WYUjqNQSc
1LQNjCs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:39 2023 by rpki-client on console-ams.rpki-client.org