Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/32c59736-961d-42ea-a71d-3c745294c423.roa
File: 32c59736-961d-42ea-a71d-3c745294c423.roa (raw, json)
Hash identifier: wEKK29Ne/DNYHN/N6Aqx3meRjQXpbJXykwE/LeWyk8E=
Subject key identifier: 6D:23:9B:3A:B1:C1:AF:FA:7F:BB:56:EE:E0:F6:2E:03:76:12:E9:43
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 19A86FBD4E582383CA162490B532F95A736A932D
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/32c59736-961d-42ea-a71d-3c745294c423.roa
Signing time: Wed 24 Aug 2022 00:00:00 +0000
ROA not before: Wed 24 Aug 2022 00:00:00 +0000
ROA not after: Sat 27 Aug 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a8:6f:bd:4e:58:23:83:ca:16:24:90:b5:32:f9:5a:73:6a:93:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Aug 24 00:00:00 2022 GMT
Not After : Aug 27 23:59:59 2022 GMT
Subject: serialNumber=7496e6c23f305ea283c710d043c28e887368c42104a51fbcdaf6718fb4bb9bc9, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:25:4a:0c:81:fc:74:25:56:18:7e:6c:83:66:
4f:f9:28:6d:db:a5:0f:40:b2:c9:b5:28:58:1b:b1:
03:28:f5:66:88:39:0c:30:8d:5d:47:4d:26:d3:e8:
aa:86:96:a9:77:99:b5:7a:4a:0f:f6:54:27:26:2a:
98:6e:e4:1c:5c:e0:22:26:6f:0c:ee:78:b2:36:1c:
22:9a:d6:6d:4a:4e:41:85:50:1e:18:59:75:16:23:
0f:9d:71:f3:36:12:4f:bd:82:8d:15:e8:ce:2a:41:
24:34:8f:3f:89:1d:b1:4b:55:a5:d8:11:1d:ab:74:
4e:af:ca:0a:e1:59:10:a5:9e:90:e3:7c:d3:4b:ec:
e5:18:52:1c:cd:99:0f:6e:c0:5e:24:96:42:c6:e6:
2a:cc:f5:0e:2b:ea:75:8d:0c:a0:89:69:01:69:4a:
87:f1:a5:dd:73:25:d1:ef:86:86:10:fc:69:2f:50:
0b:da:00:59:ba:29:3a:a5:d8:13:25:04:ca:52:3b:
91:fc:58:cd:c8:16:53:d6:a8:28:06:0d:85:84:d3:
35:05:c6:91:d5:51:d6:0e:59:42:fd:e5:5b:20:54:
09:fd:c7:e1:6b:02:40:27:98:02:52:2b:84:32:60:
ca:d1:f0:d7:6f:2d:d3:54:0b:32:6f:fc:95:ac:41:
77:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:23:9B:3A:B1:C1:AF:FA:7F:BB:56:EE:E0:F6:2E:03:76:12:E9:43
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/32c59736-961d-42ea-a71d-3c745294c423.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:a3:66:20:85:37:06:1c:ef:3b:ab:b1:a5:15:0d:a8:fd:3f:
65:b4:9b:fc:ae:10:39:36:07:82:7e:34:38:1d:5e:c1:5f:25:
e6:e3:64:5f:b2:c9:dd:27:a4:a7:bd:e5:bb:6e:95:c3:d5:b1:
da:02:0c:e8:16:a2:1d:75:e8:d7:c1:70:2c:24:0e:9b:21:95:
94:85:8e:fb:a6:4a:8f:23:59:16:47:87:28:41:23:af:26:0f:
f2:0b:f7:37:09:86:db:dc:2a:6a:00:2a:bd:b0:4e:5e:c8:aa:
38:a6:d4:39:69:95:ed:aa:f5:c3:be:1f:f8:5a:95:66:1f:20:
2b:0d:41:62:4a:7a:0b:6c:67:92:11:93:ac:16:84:e9:cc:18:
43:8e:89:94:e1:66:c3:5e:10:38:75:df:f4:7e:db:06:72:d2:
92:6b:e2:bd:f6:4b:ce:03:ea:50:db:ac:d2:d0:7c:66:72:15:
13:21:43:8c:82:55:28:fa:30:0b:d2:5f:a4:07:88:aa:a4:ca:
e1:35:cc:17:64:bb:4f:78:29:1d:8e:99:0f:fe:13:cb:fa:2b:
49:2b:f2:e9:91:44:28:89:80:78:82:ac:32:25:c5:d4:37:65:
75:cb:a7:7c:2e:7b:54:dd:3d:2c:af:76:3f:88:34:ca:5f:ce:
41:19:ae:55
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUGahvvU5YI4PKFiSQtTL5WnNqky0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwODI0MDAwMDAwWhcNMjIwODI3MjM1OTU5
WjCBpTFJMEcGA1UEBRNANzQ5NmU2YzIzZjMwNWVhMjgzYzcxMGQwNDNjMjhlODg3
MzY4YzQyMTA0YTUxZmJjZGFmNjcxOGZiNGJiOWJjOTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAI4lSgyB/HQlVhh+bINmT/kobdulD0CyybUoWBuxAyj1Zog5DDCN
XUdNJtPoqoaWqXeZtXpKD/ZUJyYqmG7kHFzgIiZvDO54sjYcIprWbUpOQYVQHhhZ
dRYjD51x8zYST72CjRXozipBJDSPP4kdsUtVpdgRHat0Tq/KCuFZEKWekON800vs
5RhSHM2ZD27AXiSWQsbmKsz1DivqdY0MoIlpAWlKh/Gl3XMl0e+GhhD8aS9QC9oA
WbopOqXYEyUEylI7kfxYzcgWU9aoKAYNhYTTNQXGkdVR1g5ZQv3lWyBUCf3H4WsC
QCeYAlIrhDJgytHw128t01QLMm/8laxBd00CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRtI5s6scGv+n+7Vu7g9i4DdhLpQzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMzJjNTk3MzYtOTYxZC00MmVhLWE3MWQtM2M3NDUyOTRjNDIzLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJujZiCFNwYc7zur
saUVDaj9P2W0m/yuEDk2B4J+NDgdXsFfJebjZF+yyd0npKe95btulcPVsdoCDOgW
oh116NfBcCwkDpshlZSFjvumSo8jWRZHhyhBI68mD/IL9zcJhtvcKmoAKr2wTl7I
qjim1Dlple2q9cO+H/halWYfICsNQWJKegtsZ5IRk6wWhOnMGEOOiZThZsNeEDh1
3/R+2wZy0pJr4r32S84D6lDbrNLQfGZyFRMhQ4yCVSj6MAvSX6QHiKqkyuE1zBdk
u094KR2OmQ/+E8v6K0kr8umRRCiJgHiCrDIlxdQ3ZXXLp3wue1TdPSyvdj+INMpf
zkEZrlU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:34 2023 by rpki-client on console-fra.rpki-client.org