Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/331ae24f-6a0a-4ce1-977d-42e193339632.roa
File: 331ae24f-6a0a-4ce1-977d-42e193339632.roa (raw, json)
Hash identifier: VF/HEZ066Z7NmrtY1m0tMoENRyyRpPgRhy7Wob0ZAus=
Subject key identifier: FE:52:F1:47:7B:DD:9E:53:7F:3B:5B:F3:15:14:B5:D0:AA:1E:49:9B
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4A59C1FF28B30D038F88A17DC3D550DFD6B183CE
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/331ae24f-6a0a-4ce1-977d-42e193339632.roa
Signing time: Tue 02 May 2023 00:00:00 +0000
ROA not before: Tue 02 May 2023 00:00:00 +0000
ROA not after: Fri 05 May 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:59:c1:ff:28:b3:0d:03:8f:88:a1:7d:c3:d5:50:df:d6:b1:83:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 2 00:00:00 2023 GMT
Not After : May 5 23:59:59 2023 GMT
Subject: serialNumber=faf0d2422497db0c211186ce846551c94905ae8a672b9db31a5d973cbcc45f7d, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:bd:94:e3:07:d0:7d:57:ff:6e:59:04:dc:
6b:98:f5:b9:b3:f9:c6:ac:7f:91:8f:ef:a9:18:f9:
a9:54:be:2a:31:fd:28:30:db:4a:dd:41:22:d0:3f:
e5:ec:57:ec:bf:11:9f:f0:3b:b3:10:94:fb:6d:2d:
79:97:39:5a:30:67:0f:fd:07:47:fe:c0:f5:32:c8:
d1:59:c6:ab:fc:12:ae:1f:99:03:72:3b:c3:62:95:
31:51:55:66:19:0f:5c:77:b7:03:91:7f:ab:42:4c:
04:57:eb:a3:be:28:87:13:a3:d6:01:0e:a3:e2:9d:
41:e7:61:9a:40:17:00:05:2e:3e:b6:d2:56:01:c8:
96:76:08:13:aa:0c:27:e2:4a:2f:01:04:b0:f7:64:
dd:ea:5e:f0:03:60:b9:f9:43:1d:2a:49:d3:18:60:
40:c1:aa:44:b8:b8:ec:8f:74:4c:c8:5d:67:28:b4:
2f:57:cb:f9:4d:91:86:16:ca:1a:c3:4e:60:b5:25:
62:81:98:4b:11:37:68:3c:b6:6d:cc:11:f0:85:2b:
87:67:75:8f:6c:4c:6e:90:50:12:b1:27:77:52:99:
3e:1f:8e:5b:5e:de:4b:e5:46:3f:9d:d8:4f:fb:86:
b3:bf:20:0f:7f:5e:be:a6:03:1a:8c:cf:ac:86:62:
99:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:52:F1:47:7B:DD:9E:53:7F:3B:5B:F3:15:14:B5:D0:AA:1E:49:9B
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/331ae24f-6a0a-4ce1-977d-42e193339632.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:89:e4:08:69:ab:71:8c:28:a8:10:ed:e9:05:b2:89:94:8a:
8a:52:9d:70:d2:8b:1b:80:9b:04:ff:a6:01:4c:0c:ed:c5:d7:
68:5e:b1:c7:3c:ae:aa:ea:4f:08:b4:8b:db:e2:bc:da:d1:e8:
db:a4:28:e7:72:27:d0:2f:9d:5f:f2:c9:65:8e:4a:48:d2:ab:
5c:ad:26:43:b3:98:77:f1:89:a7:4d:d7:ac:3b:02:00:72:86:
f5:fe:dc:63:68:bd:7e:98:18:35:7b:b8:92:6c:7f:47:86:24:
e4:6b:08:5c:62:dc:f3:36:50:99:7c:bf:46:11:a1:60:65:74:
2b:94:92:83:d7:59:73:ab:a6:f2:37:b7:6a:42:76:9b:bc:dd:
f7:94:2e:82:bb:d1:72:2f:04:2b:a1:6f:07:43:4d:32:f5:2b:
f4:60:5e:15:a9:d3:32:ca:90:49:78:66:e9:49:c9:f2:08:fe:
43:23:5b:5d:dd:5c:06:81:e4:ab:e5:55:55:77:36:9f:62:ca:
e3:1d:51:57:07:0c:03:c5:47:75:cb:dc:32:44:81:da:aa:38:
03:56:95:b8:10:2c:e4:90:85:f9:8d:20:c9:e8:1f:f5:10:19:
e9:37:ce:3b:aa:0b:b6:86:51:86:7b:99:00:62:cb:b3:e0:c2:
a4:bf:5d:24
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUSlnB/yizDQOPiKF9w9VQ39axg84wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTAyMDAwMDAwWhcNMjMwNTA1MjM1OTU5
WjCBpTFJMEcGA1UEBRNAZmFmMGQyNDIyNDk3ZGIwYzIxMTE4NmNlODQ2NTUxYzk0
OTA1YWU4YTY3MmI5ZGIzMWE1ZDk3M2NiY2M0NWY3ZDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMQvvZTjB9B9V/9uWQTca5j1ubP5xqx/kY/vqRj5qVS+KjH9KDDb
St1BItA/5exX7L8Rn/A7sxCU+20teZc5WjBnD/0HR/7A9TLI0VnGq/wSrh+ZA3I7
w2KVMVFVZhkPXHe3A5F/q0JMBFfro74ohxOj1gEOo+KdQedhmkAXAAUuPrbSVgHI
lnYIE6oMJ+JKLwEEsPdk3epe8ANguflDHSpJ0xhgQMGqRLi47I90TMhdZyi0L1fL
+U2RhhbKGsNOYLUlYoGYSxE3aDy2bcwR8IUrh2d1j2xMbpBQErEnd1KZPh+OW17e
S+VGP53YT/uGs78gD39evqYDGozPrIZimV8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBT+UvFHe92eU387W/MVFLXQqh5JmzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvMzMxYWUyNGYtNmEwYS00Y2UxLTk3N2QtNDJlMTkzMzM5NjMyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKOJ5Ahpq3GMKKgQ
7ekFsomUiopSnXDSixuAmwT/pgFMDO3F12hescc8rqrqTwi0i9vivNrR6NukKOdy
J9AvnV/yyWWOSkjSq1ytJkOzmHfxiadN16w7AgByhvX+3GNovX6YGDV7uJJsf0eG
JORrCFxi3PM2UJl8v0YRoWBldCuUkoPXWXOrpvI3t2pCdpu83feULoK70XIvBCuh
bwdDTTL1K/RgXhWp0zLKkEl4ZulJyfII/kMjW13dXAaB5KvlVVV3Np9iyuMdUVcH
DAPFR3XL3DJEgdqqOANWlbgQLOSQhfmNIMnoH/UQGek3zjuqC7aGUYZ7mQBiy7Pg
wqS/XSQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:34 2023 by rpki-client on console-fra.rpki-client.org