Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3c47fdab-1328-43b5-a141-4b6d2d054125.roa
File: 3c47fdab-1328-43b5-a141-4b6d2d054125.roa (raw, json)
Hash identifier: rg0Cpat9HAtPZvi8w/Mzieopp5FuWw5yoie3V863eeM=
Subject key identifier: 6C:29:C9:69:68:D6:77:F8:CB:B7:7C:40:56:78:99:27:EA:42:50:3C
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 6A51E09E284DFBDD57C2094398143F26A5C5D39B
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3c47fdab-1328-43b5-a141-4b6d2d054125.roa
Signing time: Tue 25 Apr 2023 00:00:00 +0000
ROA not before: Tue 25 Apr 2023 00:00:00 +0000
ROA not after: Fri 28 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:51:e0:9e:28:4d:fb:dd:57:c2:09:43:98:14:3f:26:a5:c5:d3:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 25 00:00:00 2023 GMT
Not After : Apr 28 23:59:59 2023 GMT
Subject: serialNumber=a143dcc755f5a8dd62ae36c91d18cf243779a457cc8c0072d0d9680f6b90af8a, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:79:46:3c:35:41:10:e1:77:1d:d5:61:6b:b0:
fe:63:12:fc:dc:ed:17:15:65:20:55:86:b3:b6:41:
58:74:84:eb:f5:9c:f0:e7:15:1f:02:b6:8a:b8:0a:
6d:d9:4e:73:c7:0e:ae:f5:fd:3d:d7:1e:c2:01:fa:
b2:9d:09:55:3b:df:f7:5c:43:2f:4d:ed:bc:5e:35:
fe:f9:6d:5b:a6:44:15:98:e7:0a:fd:10:46:d5:f7:
10:cf:20:e1:fd:94:a9:ff:33:97:13:40:aa:71:75:
22:07:d1:e9:9f:82:25:af:c7:1c:13:50:09:d6:34:
30:c1:ff:7c:69:41:ea:4c:0e:03:d9:f6:ac:0e:2f:
ca:aa:c7:ed:e5:aa:9b:28:eb:a6:f1:81:f1:a2:07:
48:80:bf:82:35:1d:51:08:d4:44:0b:38:d3:be:ec:
0f:ba:15:62:89:17:f6:46:14:f2:68:84:ea:65:47:
a3:c2:53:41:55:35:00:87:d2:27:82:55:bf:17:a8:
7a:a7:f1:73:20:e5:6a:a3:3e:a4:e0:2c:c3:99:ce:
67:de:c4:b8:10:4b:a6:76:09:53:e3:8f:b4:bc:ff:
b6:ed:d4:fa:78:07:8a:5b:9a:67:25:6c:50:f7:15:
a0:e5:06:de:e6:4a:bf:55:da:e1:a6:e5:33:da:4f:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:29:C9:69:68:D6:77:F8:CB:B7:7C:40:56:78:99:27:EA:42:50:3C
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3c47fdab-1328-43b5-a141-4b6d2d054125.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:36:63:f0:e9:31:79:a4:04:72:28:87:cd:11:8c:95:0f:38:
9e:0e:6c:fc:05:d6:b4:9e:d6:a2:38:09:76:7f:bf:17:7c:f3:
74:0c:6c:17:08:47:46:26:c3:61:18:04:94:47:c7:1a:54:b3:
d1:93:b8:27:54:b9:a0:71:1e:46:4e:0d:4b:50:68:6d:d1:52:
5c:bd:fa:84:9d:d2:da:64:31:0d:91:e0:9c:04:0f:52:2e:1c:
06:d6:c2:12:f1:0a:4f:32:3b:e4:7e:04:bd:aa:81:6d:1a:8e:
33:68:2f:a9:02:eb:cb:c7:33:10:26:37:75:f7:a7:05:49:1a:
c8:6f:20:7f:4c:eb:19:d5:3d:43:b1:06:27:7d:d1:a8:1c:f5:
5d:05:b9:03:d6:44:f2:d8:cd:f9:c6:f4:c9:a8:f8:7d:9d:33:
6b:cc:ee:88:57:ae:50:78:1b:c3:3c:a0:05:ca:a4:38:0e:02:
e1:3f:c2:0f:fd:6c:2a:73:f2:5d:96:de:1c:8d:ea:81:d6:65:
93:74:19:0b:c5:7e:1e:2c:70:cc:c9:eb:ae:0a:85:68:4f:49:
2f:ab:f5:af:46:48:12:b1:14:e5:e1:5c:90:65:f1:d5:a0:45:
53:a0:1a:2d:87:1e:bb:4e:9b:ad:bb:62:15:4e:1a:6d:7a:36:
1f:1a:fb:b3
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUalHgnihN+91XwglDmBQ/JqXF05swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDI1MDAwMDAwWhcNMjMwNDI4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYTE0M2RjYzc1NWY1YThkZDYyYWUzNmM5MWQxOGNmMjQz
Nzc5YTQ1N2NjOGMwMDcyZDBkOTY4MGY2YjkwYWY4YTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMh5Rjw1QRDhdx3VYWuw/mMS/NztFxVlIFWGs7ZBWHSE6/Wc8OcV
HwK2irgKbdlOc8cOrvX9PdcewgH6sp0JVTvf91xDL03tvF41/vltW6ZEFZjnCv0Q
RtX3EM8g4f2Uqf8zlxNAqnF1IgfR6Z+CJa/HHBNQCdY0MMH/fGlB6kwOA9n2rA4v
yqrH7eWqmyjrpvGB8aIHSIC/gjUdUQjURAs4077sD7oVYokX9kYU8miE6mVHo8JT
QVU1AIfSJ4JVvxeoeqfxcyDlaqM+pOAsw5nOZ97EuBBLpnYJU+OPtLz/tu3U+ngH
iluaZyVsUPcVoOUG3uZKv1Xa4ablM9pP9x8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRsKclpaNZ3+Mu3fEBWeJkn6kJQPDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvM2M0N2ZkYWItMTMyOC00M2I1LWExNDEtNGI2ZDJkMDU0MTI1LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA42Y/DpMXmkBHIo
h80RjJUPOJ4ObPwF1rSe1qI4CXZ/vxd883QMbBcIR0Ymw2EYBJRHxxpUs9GTuCdU
uaBxHkZODUtQaG3RUly9+oSd0tpkMQ2R4JwED1IuHAbWwhLxCk8yO+R+BL2qgW0a
jjNoL6kC68vHMxAmN3X3pwVJGshvIH9M6xnVPUOxBid90agc9V0FuQPWRPLYzfnG
9Mmo+H2dM2vM7ohXrlB4G8M8oAXKpDgOAuE/wg/9bCpz8l2W3hyN6oHWZZN0GQvF
fh4scMzJ664KhWhPSS+r9a9GSBKxFOXhXJBl8dWgRVOgGi2HHrtOm627YhVOGm16
Nh8a+7M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:35 2023 by rpki-client on console-fra.rpki-client.org