Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/429b415c-50f9-4a0f-8d98-1581c9a3cd47.roa
File: 429b415c-50f9-4a0f-8d98-1581c9a3cd47.roa (raw, json)
Hash identifier: o2C6MNzMaDFppHafMJkWRrKhvX+KtHDXLCC+KS1ML+4=
Subject key identifier: 04:DC:70:FA:31:66:D7:86:C4:50:DF:F9:58:56:0D:78:CD:E9:4A:8A
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 0947AFECBE6350463141474545756DACD49C4A8F
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/429b415c-50f9-4a0f-8d98-1581c9a3cd47.roa
Signing time: Tue 06 Jun 2023 00:00:00 +0000
ROA not before: Tue 06 Jun 2023 00:00:00 +0000
ROA not after: Fri 09 Jun 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:47:af:ec:be:63:50:46:31:41:47:45:45:75:6d:ac:d4:9c:4a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jun 6 00:00:00 2023 GMT
Not After : Jun 9 23:59:59 2023 GMT
Subject: serialNumber=62ef260144f061993bf82d9a22142ed5cb7777e53c54f9be5f68cb11cb5e279a, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:04:47:24:92:93:93:41:d7:34:bc:c0:b9:f4:
4c:99:4e:3d:27:d4:0d:79:a4:3a:a2:6b:ab:f7:19:
e8:58:f3:ef:69:d9:04:37:96:f7:e0:db:93:c7:8b:
fa:d7:03:a7:64:f2:8f:85:e2:0d:68:f1:df:86:9c:
f5:ed:f4:7d:29:4c:97:91:9a:af:47:1d:b1:e0:ad:
fa:14:d2:83:38:80:71:7d:21:ed:db:21:e6:f0:91:
84:a4:e3:c7:35:2b:29:43:b5:e1:e3:8a:8e:76:dc:
08:d1:cb:b9:44:82:08:ce:46:c6:7c:93:18:44:30:
a9:3f:7b:52:4a:12:51:a4:8f:44:86:4c:40:69:42:
0a:ba:02:5b:3d:67:54:5a:7a:10:3d:b7:34:2d:c9:
0c:a5:9f:69:d2:45:cb:00:ee:4c:ed:d5:b8:df:af:
48:d8:ab:d1:7a:21:89:45:ee:ad:e0:c7:e8:29:23:
b9:35:dc:bb:dd:76:f1:98:24:82:fd:cf:8a:38:16:
be:7a:e6:a4:f3:4e:2b:f1:2e:ea:93:2d:cf:3c:a0:
21:87:6a:85:da:cc:8d:47:02:a4:ca:72:0f:a7:67:
b1:af:69:93:6d:28:53:37:4a:4f:a0:4a:af:65:65:
5b:19:41:9a:99:8f:8f:04:86:a3:46:60:38:fe:a6:
f8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DC:70:FA:31:66:D7:86:C4:50:DF:F9:58:56:0D:78:CD:E9:4A:8A
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/429b415c-50f9-4a0f-8d98-1581c9a3cd47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
71:e8:c7:ec:0b:c7:c5:17:38:73:b0:17:8a:72:3e:92:09:d2:
45:58:11:9a:57:22:26:f2:58:85:b7:c0:dd:7e:d0:08:7f:f9:
21:a8:3b:eb:0e:38:cb:af:52:83:b5:7b:70:e8:4a:ca:0d:a7:
d5:03:65:cc:38:79:ed:fc:b6:60:0e:e6:12:a4:34:80:f7:80:
a6:c7:80:1b:ca:51:b7:93:ee:dd:80:f1:43:10:49:4d:9d:0e:
b1:ca:4d:73:84:0c:25:e6:42:8e:c1:f7:3b:5c:81:ee:53:66:
49:e6:ab:3c:63:d8:77:08:5c:27:36:19:03:fe:55:55:a9:65:
c1:8a:8a:60:bb:d5:9d:c6:a7:b8:a1:bc:47:d7:eb:08:7d:3e:
93:e7:45:29:5e:92:92:3e:a6:b6:fa:c5:14:c2:67:9b:5a:03:
bc:18:3d:b8:4f:65:43:66:6b:49:0c:83:1f:f7:07:9d:3a:fc:
fa:1e:eb:16:b5:64:dc:e1:88:5c:23:bb:f7:d8:1a:3b:db:92:
0e:17:21:8d:84:11:84:34:8a:e7:db:0f:bb:85:5a:5e:76:36:
f5:47:20:65:28:e5:9c:98:42:79:c3:91:eb:78:72:f8:cb:a3:
af:a8:37:77:1c:6b:cf:44:a7:fc:3a:a8:f0:73:86:be:2b:1f:
7c:c4:7b:22
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUCUev7L5jUEYxQUdFRXVtrNScSo8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNjA2MDAwMDAwWhcNMjMwNjA5MjM1OTU5
WjCBpTFJMEcGA1UEBRNANjJlZjI2MDE0NGYwNjE5OTNiZjgyZDlhMjIxNDJlZDVj
Yjc3NzdlNTNjNTRmOWJlNWY2OGNiMTFjYjVlMjc5YTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALYERySSk5NB1zS8wLn0TJlOPSfUDXmkOqJrq/cZ6Fjz72nZBDeW
9+Dbk8eL+tcDp2Tyj4XiDWjx34ac9e30fSlMl5Gar0cdseCt+hTSgziAcX0h7dsh
5vCRhKTjxzUrKUO14eOKjnbcCNHLuUSCCM5GxnyTGEQwqT97UkoSUaSPRIZMQGlC
CroCWz1nVFp6ED23NC3JDKWfadJFywDuTO3VuN+vSNir0XohiUXureDH6CkjuTXc
u9128Zgkgv3PijgWvnrmpPNOK/Eu6pMtzzygIYdqhdrMjUcCpMpyD6dnsa9pk20o
UzdKT6BKr2VlWxlBmpmPjwSGo0ZgOP6m+BMCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQE3HD6MWbXhsRQ3/lYVg14zelKijAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNDI5YjQxNWMtNTBmOS00YTBmLThkOTgtMTU4MWM5YTNjZDQ3LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHHox+wLx8UXOHOw
F4pyPpIJ0kVYEZpXIibyWIW3wN1+0Ah/+SGoO+sOOMuvUoO1e3DoSsoNp9UDZcw4
ee38tmAO5hKkNID3gKbHgBvKUbeT7t2A8UMQSU2dDrHKTXOEDCXmQo7B9ztcge5T
Zknmqzxj2HcIXCc2GQP+VVWpZcGKimC71Z3Gp7ihvEfX6wh9PpPnRSlekpI+prb6
xRTCZ5taA7wYPbhPZUNma0kMgx/3B506/Poe6xa1ZNzhiFwju/fYGjvbkg4XIY2E
EYQ0iufbD7uFWl52NvVHIGUo5ZyYQnnDket4cvjLo6+oN3cca89Ep/w6qPBzhr4r
H3zEeyI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:41 2023 by rpki-client on console-ams.rpki-client.org