Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/43182371-52b7-48a7-92e7-9eedc009a215.roa
File: 43182371-52b7-48a7-92e7-9eedc009a215.roa (raw, json)
Hash identifier: PScfA542umESKz5Wf1K60uUcrAjhBkoxPhPw60UGmSc=
Subject key identifier: C4:91:AA:40:23:40:A8:3A:E7:61:1F:0C:73:3E:CC:4D:5B:28:AB:23
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 20DD653300A5903BA82BCD5FE2BBA85A8816D465
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/43182371-52b7-48a7-92e7-9eedc009a215.roa
Signing time: Sat 18 Mar 2023 00:00:00 +0000
ROA not before: Sat 18 Mar 2023 00:00:00 +0000
ROA not after: Tue 21 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:dd:65:33:00:a5:90:3b:a8:2b:cd:5f:e2:bb:a8:5a:88:16:d4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 18 00:00:00 2023 GMT
Not After : Mar 21 23:59:59 2023 GMT
Subject: serialNumber=adb6f0eaeea7aa09bd94250db608c6d1b7ff4a01e2d31afe3786584c3b00e84f, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:e9:a6:da:54:50:16:49:4f:69:5b:34:c8:
e7:fb:12:d3:2b:fc:32:d0:19:d2:10:b9:5e:51:5c:
c2:db:e3:a7:18:78:97:46:d0:c7:43:96:f2:a0:2d:
e9:a4:51:86:73:76:6e:f5:8b:9f:56:56:c0:f8:75:
b3:e6:f2:8b:35:c8:f6:4f:1c:81:4d:02:0f:d1:b8:
95:44:c0:da:ce:26:cb:53:8b:31:bc:0e:a4:2e:ff:
19:a5:1b:0e:8e:b1:64:81:ac:d8:4d:a0:39:30:53:
5b:e5:a6:b9:d9:69:97:36:13:14:2b:c2:97:83:77:
99:e1:2d:7b:78:f1:55:c4:03:5e:a7:df:9a:75:f5:
ab:ea:ae:5c:95:a6:f5:bf:fd:30:34:7f:2b:93:89:
3c:02:20:f8:de:a9:71:5b:75:e4:d5:91:4c:5f:ec:
96:45:cc:38:bf:f9:4a:07:82:6e:be:ed:a7:fc:9c:
45:e6:39:c2:67:f1:21:0f:19:55:23:c9:fc:04:5f:
31:4c:c1:40:38:bc:b2:04:48:af:61:7b:97:4c:42:
3b:81:36:0f:67:fc:02:d0:15:b8:6a:2b:38:8a:ab:
dd:68:9c:17:c0:98:60:b5:63:f6:7f:2e:ee:d5:b2:
ea:bd:0f:2a:5e:74:9f:97:f1:af:39:1e:83:1e:4c:
93:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:91:AA:40:23:40:A8:3A:E7:61:1F:0C:73:3E:CC:4D:5B:28:AB:23
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/43182371-52b7-48a7-92e7-9eedc009a215.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:44:05:28:5a:f1:42:1e:f2:8f:d6:9f:b3:67:e0:82:46:36:
b2:03:65:cd:28:37:b2:21:59:8e:78:95:12:7c:c9:7f:39:11:
23:31:47:fd:d4:b4:3a:27:43:7d:3f:bb:c8:7c:5c:ac:ce:21:
fb:01:7b:bf:f0:28:41:e3:d1:ba:c4:46:ff:34:7e:13:ca:58:
c7:01:3b:6a:81:dd:73:41:21:4b:05:35:9d:0f:44:aa:c1:85:
ac:af:dc:ed:28:0b:3f:7f:3b:37:fe:7e:c3:5e:8f:d4:3e:36:
91:62:3a:67:e9:ca:a8:1c:cb:f2:96:4f:8d:c6:38:92:d0:5b:
08:2a:cb:9f:a1:cb:fe:16:0a:54:d1:71:fc:17:80:24:ce:7c:
e2:fe:f5:b5:99:ee:54:6f:a7:16:b7:49:19:45:a3:62:1d:54:
d9:a6:b0:0b:c7:75:36:43:96:44:5b:b4:e6:33:31:cc:0e:2f:
8d:6c:6e:d4:48:a2:dc:18:5f:bc:6d:f5:52:63:82:6a:c7:b1:
78:f6:87:38:f6:14:88:eb:86:d6:9d:5d:05:9d:fe:65:98:64:
ec:e2:c7:1d:0c:6f:8d:3f:c2:6a:0c:20:4d:61:ae:33:bf:48:
28:55:b6:e9:6e:0a:54:60:54:b3:90:3f:2e:25:0d:7a:38:50:
d4:c2:60:96
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUIN1lMwClkDuoK81f4ruoWogW1GUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzE4MDAwMDAwWhcNMjMwMzIxMjM1OTU5
WjCBpTFJMEcGA1UEBRNAYWRiNmYwZWFlZWE3YWEwOWJkOTQyNTBkYjYwOGM2ZDFi
N2ZmNGEwMWUyZDMxYWZlMzc4NjU4NGMzYjAwZTg0ZjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK5I6abaVFAWSU9pWzTI5/sS0yv8MtAZ0hC5XlFcwtvjpxh4l0bQ
x0OW8qAt6aRRhnN2bvWLn1ZWwPh1s+byizXI9k8cgU0CD9G4lUTA2s4my1OLMbwO
pC7/GaUbDo6xZIGs2E2gOTBTW+WmudlplzYTFCvCl4N3meEte3jxVcQDXqffmnX1
q+quXJWm9b/9MDR/K5OJPAIg+N6pcVt15NWRTF/slkXMOL/5SgeCbr7tp/ycReY5
wmfxIQ8ZVSPJ/ARfMUzBQDi8sgRIr2F7l0xCO4E2D2f8AtAVuGorOIqr3WicF8CY
YLVj9n8u7tWy6r0PKl50n5fxrzkegx5MkycCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTEkapAI0CoOudhHwxzPsxNWyirIzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNDMxODIzNzEtNTJiNy00OGE3LTkyZTctOWVlZGMwMDlhMjE1LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAApEBSha8UIe8o/W
n7Nn4IJGNrIDZc0oN7IhWY54lRJ8yX85ESMxR/3UtDonQ30/u8h8XKzOIfsBe7/w
KEHj0brERv80fhPKWMcBO2qB3XNBIUsFNZ0PRKrBhayv3O0oCz9/Ozf+fsNej9Q+
NpFiOmfpyqgcy/KWT43GOJLQWwgqy5+hy/4WClTRcfwXgCTOfOL+9bWZ7lRvpxa3
SRlFo2IdVNmmsAvHdTZDlkRbtOYzMcwOL41sbtRIotwYX7xt9VJjgmrHsXj2hzj2
FIjrhtadXQWd/mWYZOzixx0Mb40/wmoMIE1hrjO/SChVtuluClRgVLOQPy4lDXo4
UNTCYJY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:35 2023 by rpki-client on console-fra.rpki-client.org