Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/432e6104-f752-4c46-84da-fe718399e419.roa
File: 432e6104-f752-4c46-84da-fe718399e419.roa (raw, json)
Hash identifier: LnCWnfen7VBqJPal1oEQbp8pMW3us6IC7QDFrgp5aVw=
Subject key identifier: B2:FF:CB:BA:D2:F9:05:81:29:2C:9B:89:53:5F:65:55:D5:FF:C8:40
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 5BB356FEEDD30E72ACEE414FE51FBDAF1E9F2E82
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/432e6104-f752-4c46-84da-fe718399e419.roa
Signing time: Sat 20 May 2023 00:00:00 +0000
ROA not before: Sat 20 May 2023 00:00:00 +0000
ROA not after: Tue 23 May 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:b3:56:fe:ed:d3:0e:72:ac:ee:41:4f:e5:1f:bd:af:1e:9f:2e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 20 00:00:00 2023 GMT
Not After : May 23 23:59:59 2023 GMT
Subject: serialNumber=8ccc57bc202f5ea660489cfe2e9dee662a65d233bf2c9a9539796ba180d6da76, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7b:f6:2a:12:cc:bd:4e:10:45:40:8e:6c:5f:
2d:84:23:33:ae:d8:af:f9:e0:23:91:ad:4f:82:3f:
da:df:bc:e5:01:05:b6:1c:d8:ae:dd:22:29:79:03:
13:15:0d:fa:bf:d6:19:35:07:35:04:83:86:98:c3:
fa:95:12:0e:a7:4d:47:02:a1:50:42:bf:14:18:bf:
a0:c5:ed:c1:44:cd:af:6a:53:7e:d9:94:cc:9e:5e:
4a:09:47:b8:43:d9:bc:de:76:06:b1:ce:8b:0c:75:
0e:ec:b5:55:97:ad:fe:10:1d:bb:c1:00:e9:cd:5a:
3f:7d:4f:e6:a2:61:6b:c4:3d:f6:22:92:8f:6a:b3:
35:d8:f3:83:8a:7c:67:68:cc:8d:ab:7f:e0:61:4a:
89:1e:75:00:65:dd:24:14:b5:8e:19:6c:93:d7:48:
30:46:b9:c6:c3:85:dc:32:fa:fd:51:61:ac:ac:c0:
7a:24:51:97:db:81:d1:c3:63:d0:9a:20:eb:0a:ef:
54:28:6a:e6:04:0f:d2:f4:99:98:b9:68:62:54:1b:
a6:90:e9:03:f1:c4:ef:00:8d:70:4a:c6:26:12:35:
69:c3:17:87:5f:cd:d4:02:ea:0f:db:97:0e:cd:6b:
5d:4a:8e:d8:99:58:6a:d4:b3:65:d0:00:d3:00:11:
c5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FF:CB:BA:D2:F9:05:81:29:2C:9B:89:53:5F:65:55:D5:FF:C8:40
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/432e6104-f752-4c46-84da-fe718399e419.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b1:f5:70:dc:f8:73:2e:94:11:aa:5b:49:3c:92:dc:53:08:
d3:d5:25:1e:ed:12:40:9c:f4:6b:3e:bc:26:19:15:7b:b1:86:
0d:39:79:9a:c2:4a:3a:dd:8b:63:b5:19:57:6c:d5:ef:34:a0:
86:2e:dd:7a:55:20:b6:f8:e5:d1:29:eb:b8:a9:55:85:61:68:
de:71:75:71:7c:87:80:fe:bc:36:24:27:0e:d7:68:bc:5e:a8:
54:d4:0b:2c:5e:eb:39:80:6a:0b:61:f0:1f:19:36:dc:a8:f0:
f7:64:4d:00:e8:c0:c6:10:9b:1d:21:ef:3a:2a:ec:31:73:8d:
3d:3b:11:a1:f7:65:4f:10:fc:1a:b6:25:cf:59:07:93:31:1e:
60:df:ec:d4:97:70:2d:64:61:af:85:ac:8b:17:12:d4:a4:68:
b3:39:d5:ec:4d:82:78:72:5a:4d:66:bb:34:0a:cb:17:35:51:
58:88:8c:7b:33:69:57:3c:19:b7:dd:50:4d:81:94:e0:05:f5:
ec:b4:be:be:a0:04:b2:e1:64:ce:75:52:2e:e4:b6:41:e3:51:
cd:6b:31:dd:6c:3f:31:1f:6c:0b:2e:63:fa:1f:eb:3e:7a:f8:
61:9f:e3:c9:25:0c:ad:89:10:e6:52:a2:fc:15:bd:b3:84:82:
88:8c:95:48
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUW7NW/u3TDnKs7kFP5R+9rx6fLoIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTIwMDAwMDAwWhcNMjMwNTIzMjM1OTU5
WjCBpTFJMEcGA1UEBRNAOGNjYzU3YmMyMDJmNWVhNjYwNDg5Y2ZlMmU5ZGVlNjYy
YTY1ZDIzM2JmMmM5YTk1Mzk3OTZiYTE4MGQ2ZGE3NjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKh79ioSzL1OEEVAjmxfLYQjM67Yr/ngI5GtT4I/2t+85QEFthzY
rt0iKXkDExUN+r/WGTUHNQSDhpjD+pUSDqdNRwKhUEK/FBi/oMXtwUTNr2pTftmU
zJ5eSglHuEPZvN52BrHOiwx1Duy1VZet/hAdu8EA6c1aP31P5qJha8Q99iKSj2qz
Ndjzg4p8Z2jMjat/4GFKiR51AGXdJBS1jhlsk9dIMEa5xsOF3DL6/VFhrKzAeiRR
l9uB0cNj0Jog6wrvVChq5gQP0vSZmLloYlQbppDpA/HE7wCNcErGJhI1acMXh1/N
1ALqD9uXDs1rXUqO2JlYatSzZdAA0wARxVkCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSy/8u60vkFgSksm4lTX2VV1f/IQDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNDMyZTYxMDQtZjc1Mi00YzQ2LTg0ZGEtZmU3MTgzOTllNDE5LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAACx9XDc+HMulBGq
W0k8ktxTCNPVJR7tEkCc9Gs+vCYZFXuxhg05eZrCSjrdi2O1GVds1e80oIYu3XpV
ILb45dEp67ipVYVhaN5xdXF8h4D+vDYkJw7XaLxeqFTUCyxe6zmAagth8B8ZNtyo
8PdkTQDowMYQmx0h7zoq7DFzjT07EaH3ZU8Q/Bq2Jc9ZB5MxHmDf7NSXcC1kYa+F
rIsXEtSkaLM51exNgnhyWk1muzQKyxc1UViIjHszaVc8GbfdUE2BlOAF9ey0vr6g
BLLhZM51Ui7ktkHjUc1rMd1sPzEfbAsuY/of6z56+GGf48klDK2JEOZSovwVvbOE
goiMlUg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:35 2023 by rpki-client on console-fra.rpki-client.org