Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3fa7b188-2c71-438f-a012-04e15dbed886.roa
File: 3fa7b188-2c71-438f-a012-04e15dbed886.roa (raw, json)
Hash identifier: dPi9iSk852q9bTv26LK4mazFipFCjEu49lyLKmk12Oo=
Subject key identifier: BA:C4:0B:0E:DA:67:AB:8E:1D:C9:7E:4D:33:9A:6C:BC:D4:1A:52:C9
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 57134B9F380F1B42CC250581132B441109ABC65A
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3fa7b188-2c71-438f-a012-04e15dbed886.roa
Signing time: Tue 16 May 2023 00:00:00 +0000
ROA not before: Tue 16 May 2023 00:00:00 +0000
ROA not after: Fri 19 May 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:13:4b:9f:38:0f:1b:42:cc:25:05:81:13:2b:44:11:09:ab:c6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 16 00:00:00 2023 GMT
Not After : May 19 23:59:59 2023 GMT
Subject: serialNumber=5752a7e0a156d317952f129e1ea4fe33ffb7bcd6f811105267b8065246882724, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:62:66:7b:d3:15:90:81:17:a7:4b:7c:77:
0f:4f:74:a3:3f:8e:a0:04:40:c5:13:5c:fe:24:ae:
45:01:1e:86:77:32:82:e5:0d:9b:fa:84:0d:05:5c:
69:f6:e8:bc:c7:a2:be:09:5e:d8:b7:cb:b9:50:29:
da:d2:8a:82:60:d5:ea:24:9c:de:53:b2:06:c1:35:
34:52:aa:19:5d:98:58:d5:6a:57:06:ee:39:57:e3:
22:50:e4:dd:b3:34:22:1c:20:c5:25:3e:7a:5d:36:
38:87:40:36:14:e3:5b:9b:c8:45:82:39:45:73:e2:
89:f0:20:41:22:82:1e:ab:88:0e:5a:f2:18:31:39:
48:b5:d2:05:3a:aa:f3:9f:df:c9:60:1d:de:c2:fb:
af:11:62:fe:38:eb:b1:94:98:54:c4:24:c3:0e:42:
9b:2a:50:e6:00:f3:ee:dc:7e:85:6d:ab:d0:68:e0:
bc:ae:a9:97:f9:2b:f4:a0:2f:60:63:9f:ce:6f:14:
74:68:86:0f:2f:a1:f7:11:22:58:51:63:3a:a1:1b:
af:26:1a:56:4e:83:0d:41:51:7a:f3:91:5a:d6:0f:
f3:d9:11:1b:a4:66:90:86:13:26:e7:0d:08:24:a8:
4a:bf:0b:7e:2e:0f:cb:f1:7a:32:00:b3:45:24:78:
29:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C4:0B:0E:DA:67:AB:8E:1D:C9:7E:4D:33:9A:6C:BC:D4:1A:52:C9
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/3fa7b188-2c71-438f-a012-04e15dbed886.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d0:96:a1:0c:a5:d8:22:88:0a:c8:a6:5c:01:b6:18:13:8a:
32:20:4e:be:ce:95:70:a7:ec:dc:e5:f0:f8:00:e8:59:47:a8:
47:c7:27:b4:da:5f:f2:75:e6:c1:91:12:fa:98:5f:af:20:79:
88:91:1a:90:23:05:3b:6c:9f:f1:59:5e:d9:11:4b:74:e6:07:
3c:1e:cc:a8:8d:e7:ce:d3:5a:d9:de:ce:80:1d:76:d6:ae:54:
90:c2:6b:ae:55:7c:6f:24:52:19:17:00:fe:d2:d9:15:e5:67:
84:e3:ad:cd:1b:00:3d:3d:99:5a:68:b2:36:4c:8b:7a:cb:75:
46:cf:60:07:cf:bf:cf:43:ea:d2:52:67:55:89:38:15:17:4a:
30:fb:37:76:c2:0a:e8:01:b7:8a:3c:32:8c:17:d6:07:b7:a1:
27:bd:d9:ae:fb:99:80:d4:79:39:4e:eb:76:74:55:c1:52:e7:
84:0f:65:fd:39:9e:85:cb:bf:39:c1:df:4a:f0:5d:64:6d:96:
00:8f:4c:0d:a6:10:12:7f:78:35:16:9a:8d:81:d3:f1:c3:19:
33:5c:b2:13:8b:d5:48:38:d6:0a:f2:18:0b:6a:5f:d3:b3:bb:
db:e6:c1:25:e8:0d:f9:f1:02:7b:30:6b:df:6c:6e:85:14:a4:
a3:46:0f:18
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUVxNLnzgPG0LMJQWBEytEEQmrxlowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTE2MDAwMDAwWhcNMjMwNTE5MjM1OTU5
WjCBpTFJMEcGA1UEBRNANTc1MmE3ZTBhMTU2ZDMxNzk1MmYxMjllMWVhNGZlMzNm
ZmI3YmNkNmY4MTExMDUyNjdiODA2NTI0Njg4MjcyNDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ8lYmZ70xWQgRenS3x3D090oz+OoARAxRNc/iSuRQEehncyguUN
m/qEDQVcafbovMeivgle2LfLuVAp2tKKgmDV6iSc3lOyBsE1NFKqGV2YWNVqVwbu
OVfjIlDk3bM0IhwgxSU+el02OIdANhTjW5vIRYI5RXPiifAgQSKCHquIDlryGDE5
SLXSBTqq85/fyWAd3sL7rxFi/jjrsZSYVMQkww5CmypQ5gDz7tx+hW2r0GjgvK6p
l/kr9KAvYGOfzm8UdGiGDy+h9xEiWFFjOqEbryYaVk6DDUFRevORWtYP89kRG6Rm
kIYTJucNCCSoSr8Lfi4Py/F6MgCzRSR4KcsCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBS6xAsO2merjh3Jfk0zmmy81BpSyTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvM2ZhN2IxODgtMmM3MS00MzhmLWEwMTItMDRlMTVkYmVkODg2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADDQlqEMpdgiiArI
plwBthgTijIgTr7OlXCn7Nzl8PgA6FlHqEfHJ7TaX/J15sGREvqYX68geYiRGpAj
BTtsn/FZXtkRS3TmBzwezKiN587TWtnezoAddtauVJDCa65VfG8kUhkXAP7S2RXl
Z4Tjrc0bAD09mVposjZMi3rLdUbPYAfPv89D6tJSZ1WJOBUXSjD7N3bCCugBt4o8
MowX1ge3oSe92a77mYDUeTlO63Z0VcFS54QPZf05noXLvznB30rwXWRtlgCPTA2m
EBJ/eDUWmo2B0/HDGTNcshOL1Ug41gryGAtqX9Ozu9vmwSXoDfnxAnswa99sboUU
pKNGDxg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:35 2023 by rpki-client on console-fra.rpki-client.org