Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/41c4c543-42ea-43e3-a707-f04362cda0dc.roa
File: 41c4c543-42ea-43e3-a707-f04362cda0dc.roa (raw, json)
Hash identifier: AtUFJia00gPqjBeEHZdfDFuMCdW+FjCMgo76bCd0HvM=
Subject key identifier: 89:0D:9D:50:6E:57:0B:A4:78:36:99:0C:1C:0E:60:CA:FE:E4:8A:6D
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 37F48C8938D82B876A5189509DE24FC24AB34B95
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/41c4c543-42ea-43e3-a707-f04362cda0dc.roa
Signing time: Mon 03 Apr 2023 00:00:00 +0000
ROA not before: Mon 03 Apr 2023 00:00:00 +0000
ROA not after: Thu 06 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:f4:8c:89:38:d8:2b:87:6a:51:89:50:9d:e2:4f:c2:4a:b3:4b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 3 00:00:00 2023 GMT
Not After : Apr 6 23:59:59 2023 GMT
Subject: serialNumber=0e9f0b496e7e8b1fb9ce2a73ee02a3085dee97610b7ded5ffa5bbca74cdde4f1, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:d2:df:4d:01:2e:30:34:14:1a:b8:33:e8:
b9:12:7b:c3:c3:6f:9f:02:09:dd:4b:d0:0e:10:17:
45:a4:2f:d8:01:80:2b:15:fd:8f:24:28:eb:91:b3:
31:56:ef:15:2c:0b:32:e5:90:aa:ad:b6:26:b7:44:
f6:d4:03:16:02:8f:a6:f8:45:a0:61:cc:28:08:8e:
8e:99:0d:ed:2a:c3:fb:16:98:c6:69:38:90:2f:ea:
3b:a3:8f:91:ce:e4:29:27:3f:50:de:0e:1e:7f:24:
b4:d9:a5:61:72:bc:d0:ec:14:19:1e:d9:9f:a8:be:
f3:3f:b7:81:e9:83:1d:3c:a0:ed:46:5b:8f:09:a7:
a7:04:d6:55:20:10:b6:a0:7b:38:99:ae:52:0b:bc:
48:5d:d0:7c:84:0e:bb:84:3d:29:7c:31:e7:c2:de:
49:d8:40:ab:f9:80:17:fb:9f:d7:65:9d:aa:59:9c:
27:8d:47:70:c4:3c:0f:cc:e4:4c:a6:26:05:04:06:
3c:d4:88:c8:56:5a:8d:87:6f:2b:f0:77:f4:74:b9:
37:65:87:aa:25:60:6c:3f:eb:eb:f2:68:d3:07:1f:
19:eb:ba:54:5a:cd:0d:72:99:9b:85:0d:a0:af:1d:
25:e4:16:97:ba:a3:ef:17:31:17:15:d8:79:84:1e:
70:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0D:9D:50:6E:57:0B:A4:78:36:99:0C:1C:0E:60:CA:FE:E4:8A:6D
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/41c4c543-42ea-43e3-a707-f04362cda0dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
96:d4:52:dc:66:23:d1:64:cb:d3:f1:32:ae:5e:58:ef:b5:04:
be:28:f9:d0:9f:22:45:cf:87:8f:3e:34:b3:67:bd:59:7c:a1:
94:be:4c:54:6a:65:84:ad:ed:6d:c8:0b:fe:48:4f:ef:fd:68:
4a:c8:b3:32:4b:8b:61:1b:b4:8b:3a:3c:2b:b4:4f:c9:c6:a7:
3c:99:5a:f4:67:0c:83:e2:5d:c1:bf:dc:0f:a2:65:5e:37:aa:
58:ed:b3:c1:51:7f:49:9a:e9:91:d3:18:d1:30:11:bf:5f:2f:
59:33:b4:b2:d4:34:4f:49:1a:e2:25:80:90:a5:02:d4:b1:4b:
5a:07:2d:b7:3b:ba:64:69:3d:2e:ed:7d:75:79:86:1a:15:05:
9e:08:0c:d8:9e:92:f5:04:fa:d5:c9:fb:f9:81:90:6c:fe:4a:
82:e2:41:e8:9b:79:84:b6:9b:b9:b3:54:c7:7f:c7:3c:04:99:
01:1e:de:3e:c8:f9:38:6a:96:8a:f6:e1:07:89:b5:9e:bd:69:
3f:e3:b6:0d:bd:b5:f4:8b:36:93:a0:ca:3f:a1:6d:63:a4:ae:
8a:07:62:37:26:03:c1:37:3c:52:d8:c7:82:48:7d:d5:3a:d7:
bc:ed:6c:67:67:57:5b:d2:df:23:0b:bf:f8:4a:6b:b8:44:f9:
7c:22:8b:45
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUN/SMiTjYK4dqUYlQneJPwkqzS5UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDAzMDAwMDAwWhcNMjMwNDA2MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMGU5ZjBiNDk2ZTdlOGIxZmI5Y2UyYTczZWUwMmEzMDg1
ZGVlOTc2MTBiN2RlZDVmZmE1YmJjYTc0Y2RkZTRmMTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKuV0t9NAS4wNBQauDPouRJ7w8NvnwIJ3UvQDhAXRaQv2AGAKxX9
jyQo65GzMVbvFSwLMuWQqq22JrdE9tQDFgKPpvhFoGHMKAiOjpkN7SrD+xaYxmk4
kC/qO6OPkc7kKSc/UN4OHn8ktNmlYXK80OwUGR7Zn6i+8z+3gemDHTyg7UZbjwmn
pwTWVSAQtqB7OJmuUgu8SF3QfIQOu4Q9KXwx58LeSdhAq/mAF/uf12WdqlmcJ41H
cMQ8D8zkTKYmBQQGPNSIyFZajYdvK/B39HS5N2WHqiVgbD/r6/Jo0wcfGeu6VFrN
DXKZm4UNoK8dJeQWl7qj7xcxFxXYeYQecDcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSJDZ1QblcLpHg2mQwcDmDK/uSKbTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNDFjNGM1NDMtNDJlYS00M2UzLWE3MDctZjA0MzYyY2RhMGRjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJbUUtxmI9Fky9Px
Mq5eWO+1BL4o+dCfIkXPh48+NLNnvVl8oZS+TFRqZYSt7W3IC/5IT+/9aErIszJL
i2EbtIs6PCu0T8nGpzyZWvRnDIPiXcG/3A+iZV43qljts8FRf0ma6ZHTGNEwEb9f
L1kztLLUNE9JGuIlgJClAtSxS1oHLbc7umRpPS7tfXV5hhoVBZ4IDNiekvUE+tXJ
+/mBkGz+SoLiQeibeYS2m7mzVMd/xzwEmQEe3j7I+Thqlor24QeJtZ69aT/jtg29
tfSLNpOgyj+hbWOkrooHYjcmA8E3PFLYx4JIfdU617ztbGdnV1vS3yMLv/hKa7hE
+Xwii0U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:35 2023 by rpki-client on console-fra.rpki-client.org