Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3be4b062-98fe-4903-b35a-1ef96900d22c.roa
File: 3be4b062-98fe-4903-b35a-1ef96900d22c.roa (raw, json)
Hash identifier: 2RVo8JzGCSBMWIy8h2hXZge8HaJESSpB9UEK6hNUMAk=
Subject key identifier: 78:17:22:E5:57:E6:98:AE:0B:41:D6:45:BA:84:87:32:6A:F7:F0:4B
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 42679A8FE355D3162AA3675E03D90DE48562F5E0
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3be4b062-98fe-4903-b35a-1ef96900d22c.roa
Signing time: Mon 29 May 2023 00:00:00 +0000
ROA not before: Mon 29 May 2023 00:00:00 +0000
ROA not after: Thu 01 Jun 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:67:9a:8f:e3:55:d3:16:2a:a3:67:5e:03:d9:0d:e4:85:62:f5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 29 00:00:00 2023 GMT
Not After : Jun 1 23:59:59 2023 GMT
Subject: serialNumber=1708725685d83f87e2ee02c4874a884f68a9fecd3152fa8feb723884824b1a41, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e3:22:8a:1a:16:5a:ea:59:41:f0:03:bd:ca:
25:45:ba:4f:48:12:2a:23:9c:34:a6:91:65:dc:c2:
8a:25:3e:5f:2b:3b:46:44:09:47:e1:14:29:de:a4:
81:d7:d0:b1:b9:91:ef:bd:f5:5b:df:2d:23:7b:9d:
ab:13:8d:5c:34:16:ba:d5:53:67:90:fe:16:8f:6e:
b1:69:7f:77:b5:c2:22:63:d9:41:50:13:e4:d9:55:
7f:40:13:6d:68:a5:5e:45:b7:ab:14:43:20:b6:fd:
83:fb:4f:74:03:fe:e1:3b:43:b5:26:e4:9a:13:8d:
49:be:62:f8:6a:18:8f:69:ec:3f:71:cc:cf:80:d1:
48:7c:a3:4c:62:d2:a3:86:23:60:fe:ff:c0:74:1e:
54:a6:36:91:22:22:a7:d8:10:6c:61:8d:da:c9:66:
77:ec:92:16:d9:c5:fe:26:7c:e2:f4:b2:a9:38:2e:
76:e2:69:6e:09:35:dc:3d:27:7f:58:94:06:24:66:
db:38:e7:a3:dc:97:c0:ee:b3:b7:3e:c8:a6:5e:8f:
04:22:bb:80:7a:a7:41:f3:87:17:d3:de:de:e1:75:
ab:b9:db:d8:65:7c:fe:d7:66:a2:1b:42:e8:fd:37:
c9:01:ec:59:b1:f9:cc:c8:a5:2f:3d:80:f9:07:ce:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:17:22:E5:57:E6:98:AE:0B:41:D6:45:BA:84:87:32:6A:F7:F0:4B
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3be4b062-98fe-4903-b35a-1ef96900d22c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
71:11:75:ab:d1:cc:97:22:fa:05:13:1d:1c:a2:90:28:65:48:
ea:4e:dd:0e:a6:3a:9f:7f:a3:08:77:bb:9f:ac:2a:91:77:df:
67:46:fb:23:f2:02:ab:e0:67:2d:21:ca:3e:62:eb:df:7a:65:
30:f9:1f:04:90:33:50:9f:d6:44:3d:10:55:29:f2:b6:3f:a1:
cf:6c:08:b7:f5:53:7b:64:b5:ef:3b:72:53:d4:ce:4e:55:63:
a7:98:31:45:e1:3d:f0:d2:e9:04:07:38:ee:df:77:05:60:d7:
5c:fa:bb:9d:85:2a:53:2d:80:67:76:8f:09:9a:12:82:8c:f6:
11:58:49:c3:8d:1c:cb:cf:dd:4f:c4:8c:a0:00:e9:be:ca:cb:
40:1a:f4:c4:2b:ce:bf:10:8f:e0:bb:e1:66:88:84:23:91:cf:
67:1c:86:63:90:7a:90:26:0b:be:d7:a9:4b:d4:eb:a6:cc:f4:
72:6d:48:f1:94:82:0e:4d:8a:56:f8:c6:ec:96:14:42:6c:60:
3f:6c:01:00:25:d2:fd:57:2b:5b:d4:99:ee:e9:51:47:95:e1:
9b:71:3b:71:99:55:7b:2b:82:38:23:60:7e:84:f0:bc:de:53:
f4:4a:34:84:bf:1a:fd:48:14:8a:47:bb:e7:f0:8a:47:a2:b1:
17:87:5f:26
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUQmeaj+NV0xYqo2deA9kN5IVi9eAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTI5MDAwMDAwWhcNMjMwNjAxMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMTcwODcyNTY4NWQ4M2Y4N2UyZWUwMmM0ODc0YTg4NGY2
OGE5ZmVjZDMxNTJmYThmZWI3MjM4ODQ4MjRiMWE0MTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJfjIooaFlrqWUHwA73KJUW6T0gSKiOcNKaRZdzCiiU+Xys7RkQJ
R+EUKd6kgdfQsbmR7731W98tI3udqxONXDQWutVTZ5D+Fo9usWl/d7XCImPZQVAT
5NlVf0ATbWilXkW3qxRDILb9g/tPdAP+4TtDtSbkmhONSb5i+GoYj2nsP3HMz4DR
SHyjTGLSo4YjYP7/wHQeVKY2kSIip9gQbGGN2slmd+ySFtnF/iZ84vSyqTguduJp
bgk13D0nf1iUBiRm2zjno9yXwO6ztz7Ipl6PBCK7gHqnQfOHF9Pe3uF1q7nb2GV8
/tdmohtC6P03yQHsWbH5zMilLz2A+QfOB1sCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBR4FyLlV+aYrgtB1kW6hIcyavfwSzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvM2JlNGIwNjItOThmZS00OTAzLWIzNWEtMWVmOTY5MDBkMjJjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHERdavRzJci+gUT
HRyikChlSOpO3Q6mOp9/owh3u5+sKpF332dG+yPyAqvgZy0hyj5i6996ZTD5HwSQ
M1Cf1kQ9EFUp8rY/oc9sCLf1U3tkte87clPUzk5VY6eYMUXhPfDS6QQHOO7fdwVg
11z6u52FKlMtgGd2jwmaEoKM9hFYScONHMvP3U/EjKAA6b7Ky0Aa9MQrzr8Qj+C7
4WaIhCORz2cchmOQepAmC77XqUvU66bM9HJtSPGUgg5Nilb4xuyWFEJsYD9sAQAl
0v1XK1vUme7pUUeV4ZtxO3GZVXsrgjgjYH6E8LzeU/RKNIS/Gv1IFIpHu+fwikei
sReHXyY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:40 2023 by rpki-client on console-ams.rpki-client.org