Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/49a52380-a9b6-4eb4-88a6-068ce2c59304.roa
File: 49a52380-a9b6-4eb4-88a6-068ce2c59304.roa (raw, json)
Hash identifier: cQyQtpB4v5qdjWsREvClCGHRxxXFYvTyX4wkRTXaUM8=
Subject key identifier: 07:64:B4:75:49:12:AC:FB:DF:F5:2C:5B:C2:5D:BD:14:7F:49:FB:D9
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 0F139C0BEF39598846514C295EA912A782D249D2
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/49a52380-a9b6-4eb4-88a6-068ce2c59304.roa
Signing time: Tue 21 Feb 2023 00:00:00 +0000
ROA not before: Tue 21 Feb 2023 00:00:00 +0000
ROA not after: Fri 24 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:13:9c:0b:ef:39:59:88:46:51:4c:29:5e:a9:12:a7:82:d2:49:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 21 00:00:00 2023 GMT
Not After : Feb 24 23:59:59 2023 GMT
Subject: serialNumber=77434d8b09d2d46115c53f4747bbdf8910c0b4e801482fdf6ff3dc30540bd424, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:9b:a0:fc:50:eb:c3:22:35:25:99:ae:ea:
a1:79:0d:11:d8:59:df:73:99:db:56:ea:07:1e:47:
a9:9b:fe:e2:db:86:ae:80:8d:20:52:d0:7b:be:1c:
0f:7c:da:57:96:91:87:c7:45:e0:3a:f7:a2:6f:4a:
80:26:e8:22:49:86:88:3d:96:03:cd:b8:be:46:11:
e6:62:06:92:90:6f:51:1e:59:16:0e:66:ff:f3:10:
9d:71:89:67:73:63:81:cd:82:ff:77:43:b6:09:5d:
7c:15:a1:c0:8f:69:e7:67:9c:8e:41:58:2c:47:13:
ca:72:89:95:de:fa:74:94:ca:d6:9c:83:fc:a6:f2:
da:03:fa:fd:fe:7b:b9:c6:94:91:99:a7:da:90:18:
67:6e:32:95:16:86:00:ff:9e:6d:93:1d:81:3c:93:
a5:f8:08:0e:bc:a9:8a:d2:85:cf:31:18:2c:13:20:
78:e7:ac:8b:20:ca:ab:b4:78:ed:7a:6c:af:7f:2d:
0e:36:eb:3f:cf:bf:ea:ac:f5:65:9e:73:87:61:bd:
d8:6c:83:53:85:00:75:57:2c:80:ed:f0:21:dd:7f:
3d:25:4c:4f:c0:7b:47:5e:48:55:6c:24:84:ae:d1:
f4:9e:0a:46:70:7e:4c:91:81:e7:06:fc:ae:63:39:
c7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:64:B4:75:49:12:AC:FB:DF:F5:2C:5B:C2:5D:BD:14:7F:49:FB:D9
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/49a52380-a9b6-4eb4-88a6-068ce2c59304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
46:be:02:c7:1c:9e:f7:86:cd:e2:29:6f:e3:57:78:f9:3e:8d:
3d:54:5a:df:41:6b:bc:c1:9f:2f:bd:a1:44:e2:1f:9f:5e:b9:
c8:80:1f:5a:51:dd:79:7a:d1:0e:a9:cc:d9:35:73:a6:b2:0a:
f4:29:76:a4:70:91:60:b8:10:c4:6e:fc:7b:91:8f:d5:e5:04:
7f:80:ad:77:db:db:47:ed:05:22:4f:1e:78:74:1c:a0:9e:ed:
1b:20:a1:4e:33:05:10:7b:cb:7a:21:ac:7f:b2:7b:6b:5c:8c:
a2:db:a9:f6:9a:66:db:01:56:d8:0d:6f:27:03:1e:f2:f7:b2:
f6:21:2f:f3:e4:3d:2b:9c:84:45:da:b7:7a:8b:e2:e0:67:65:
0a:48:98:cf:d5:8a:9d:6f:cb:72:66:9c:cd:88:f8:aa:7a:55:
7b:8a:95:b8:6c:dc:1e:06:72:02:b2:3a:6f:fd:2b:50:8f:db:
f8:b5:ea:59:2e:6f:18:21:c2:f4:ee:94:7a:1a:aa:d4:87:5f:
63:5f:8b:2b:37:2a:55:cb:59:95:a3:63:92:f0:a7:44:6f:ae:
be:45:6f:ac:d8:95:0e:70:8e:7d:fb:90:eb:7b:15:cd:fa:10:
f3:b5:1b:7b:7a:2c:da:4b:06:38:d6:92:fa:62:a6:19:94:58:
bd:1c:b1:e1
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUDxOcC+85WYhGUUwpXqkSp4LSSdIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjIxMDAwMDAwWhcNMjMwMjI0MjM1OTU5
WjCBpTFJMEcGA1UEBRNANzc0MzRkOGIwOWQyZDQ2MTE1YzUzZjQ3NDdiYmRmODkx
MGMwYjRlODAxNDgyZmRmNmZmM2RjMzA1NDBiZDQyNDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKx0m6D8UOvDIjUlma7qoXkNEdhZ33OZ21bqBx5HqZv+4tuGroCN
IFLQe74cD3zaV5aRh8dF4Dr3om9KgCboIkmGiD2WA824vkYR5mIGkpBvUR5ZFg5m
//MQnXGJZ3Njgc2C/3dDtgldfBWhwI9p52ecjkFYLEcTynKJld76dJTK1pyD/Kby
2gP6/f57ucaUkZmn2pAYZ24ylRaGAP+ebZMdgTyTpfgIDrypitKFzzEYLBMgeOes
iyDKq7R47Xpsr38tDjbrP8+/6qz1ZZ5zh2G92GyDU4UAdVcsgO3wId1/PSVMT8B7
R15IVWwkhK7R9J4KRnB+TJGB5wb8rmM5xzcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQHZLR1SRKs+9/1LFvCXb0Uf0n72TAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNDlhNTIzODAtYTliNi00ZWI0LTg4YTYtMDY4Y2UyYzU5MzA0LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEa+AsccnveGzeIp
b+NXePk+jT1UWt9Ba7zBny+9oUTiH59euciAH1pR3Xl60Q6pzNk1c6ayCvQpdqRw
kWC4EMRu/HuRj9XlBH+ArXfb20ftBSJPHnh0HKCe7RsgoU4zBRB7y3ohrH+ye2tc
jKLbqfaaZtsBVtgNbycDHvL3svYhL/PkPSuchEXat3qL4uBnZQpImM/Vip1vy3Jm
nM2I+Kp6VXuKlbhs3B4GcgKyOm/9K1CP2/i16lkubxghwvTulHoaqtSHX2Nfiys3
KlXLWZWjY5Lwp0Rvrr5Fb6zYlQ5wjn37kOt7Fc36EPO1G3t6LNpLBjjWkvpiphmU
WL0cseE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:36 2023 by rpki-client on console-fra.rpki-client.org