Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4b395501-8e65-478d-a312-9896e9c67542.roa
File: 4b395501-8e65-478d-a312-9896e9c67542.roa (raw, json)
Hash identifier: 1GgcIoAd0xQh96+3rEe37grnfnfCLtPXEIVUjicqkCc=
Subject key identifier: C7:45:20:96:A3:C0:DC:F9:34:79:87:9E:C4:DA:B5:D8:10:BF:F6:25
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 24DF39321C3B57D8D46E53492EA5BBE2ADB7BD86
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4b395501-8e65-478d-a312-9896e9c67542.roa
Signing time: Thu 16 Feb 2023 00:00:00 +0000
ROA not before: Thu 16 Feb 2023 00:00:00 +0000
ROA not after: Sun 19 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:df:39:32:1c:3b:57:d8:d4:6e:53:49:2e:a5:bb:e2:ad:b7:bd:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 16 00:00:00 2023 GMT
Not After : Feb 19 23:59:59 2023 GMT
Subject: serialNumber=cbafa7ab116460cf214ef194b11c4127e8762bce61dd2d1f380329148fb5513c, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ea:94:80:07:cc:fc:e4:cf:9e:c4:bc:94:5a:
4e:62:a0:c7:44:cd:15:58:08:e5:a6:5b:52:13:6d:
69:38:12:f8:85:2d:b9:f3:73:10:b4:ad:24:c7:35:
b5:92:f3:a8:95:49:0c:aa:60:42:9e:63:fe:80:36:
8a:84:68:8e:6c:74:b7:f6:db:ea:f3:f7:b4:f1:fd:
56:45:91:c3:f8:d2:df:57:f5:da:63:15:90:7d:b2:
3f:47:45:15:4b:00:51:8a:2a:63:4a:2b:be:75:ea:
aa:44:c5:02:8e:05:53:14:d8:73:08:cb:59:9d:98:
9e:9c:f6:8a:f0:cd:0f:99:14:0e:02:05:92:6b:04:
88:76:d0:18:74:c8:bd:5b:3b:93:9f:2e:bf:6d:c0:
52:24:4e:b7:84:43:34:5c:f7:4a:1f:36:06:1d:4b:
96:b4:c5:2d:e6:33:af:2e:82:0a:51:c7:5e:25:22:
44:a5:99:55:e2:39:ea:6e:09:c9:e8:67:19:c0:b4:
6d:24:09:ad:bb:85:cd:74:f0:2c:5f:57:d7:b5:c2:
60:81:bb:7e:bb:3a:09:51:cb:f9:53:f5:4e:4a:2e:
4f:d5:b1:5a:d5:6b:77:55:ec:16:e1:9a:3a:7b:22:
be:3c:55:1a:3f:5b:78:74:95:b5:a6:12:18:fe:02:
78:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:45:20:96:A3:C0:DC:F9:34:79:87:9E:C4:DA:B5:D8:10:BF:F6:25
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4b395501-8e65-478d-a312-9896e9c67542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
42:52:f4:aa:d0:45:de:8a:86:57:11:b5:3c:5b:17:f6:26:17:
68:8d:9d:3f:66:82:62:52:b9:ee:57:e8:d4:7a:19:be:9a:8d:
53:b7:9b:f6:6e:46:7c:eb:94:1d:86:7f:c4:71:90:8c:c4:53:
f9:e7:12:d9:70:e8:12:0a:a7:6a:15:af:44:18:a7:74:ad:4e:
03:c8:b3:ef:db:54:c9:ab:6f:6f:7a:ab:e3:1e:9c:63:65:44:
08:24:9c:e2:50:40:fa:29:16:94:a0:11:6b:ba:b9:d6:27:4b:
42:fa:b0:5c:55:a9:2b:d2:84:08:09:af:15:6f:54:78:76:d7:
1a:49:52:e1:88:c3:4b:11:4f:11:f5:f4:e4:e2:a5:e7:65:8d:
cf:05:4f:6c:e5:a5:2f:c9:e6:bc:14:e0:4a:4d:55:8b:50:9d:
02:0f:66:58:b5:b8:2f:99:62:91:fc:ef:57:f5:e7:36:ed:e2:
38:37:7c:9d:12:24:01:ac:88:59:ec:9f:ed:a1:86:26:29:48:
7c:7a:ff:6b:a0:73:04:84:dd:f6:25:83:56:37:c8:05:71:78:
17:45:de:1f:57:36:fc:ac:b2:5f:39:2a:50:31:85:85:f9:94:
b4:14:9c:2e:82:dd:0e:fb:dd:7e:38:d9:c8:bf:67:15:f4:5c:
aa:0d:8d:f2
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUJN85Mhw7V9jUblNJLqW74q23vYYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjE2MDAwMDAwWhcNMjMwMjE5MjM1OTU5
WjCBpTFJMEcGA1UEBRNAY2JhZmE3YWIxMTY0NjBjZjIxNGVmMTk0YjExYzQxMjdl
ODc2MmJjZTYxZGQyZDFmMzgwMzI5MTQ4ZmI1NTEzYzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJTqlIAHzPzkz57EvJRaTmKgx0TNFVgI5aZbUhNtaTgS+IUtufNz
ELStJMc1tZLzqJVJDKpgQp5j/oA2ioRojmx0t/bb6vP3tPH9VkWRw/jS31f12mMV
kH2yP0dFFUsAUYoqY0orvnXqqkTFAo4FUxTYcwjLWZ2Ynpz2ivDND5kUDgIFkmsE
iHbQGHTIvVs7k58uv23AUiROt4RDNFz3Sh82Bh1LlrTFLeYzry6CClHHXiUiRKWZ
VeI56m4JyehnGcC0bSQJrbuFzXTwLF9X17XCYIG7frs6CVHL+VP1TkouT9WxWtVr
d1XsFuGaOnsivjxVGj9beHSVtaYSGP4CeM0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTHRSCWo8Dc+TR5h57E2rXYEL/2JTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNGIzOTU1MDEtOGU2NS00NzhkLWEzMTItOTg5NmU5YzY3NTQyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEJS9KrQRd6KhlcR
tTxbF/YmF2iNnT9mgmJSue5X6NR6Gb6ajVO3m/ZuRnzrlB2Gf8RxkIzEU/nnEtlw
6BIKp2oVr0QYp3StTgPIs+/bVMmrb296q+MenGNlRAgknOJQQPopFpSgEWu6udYn
S0L6sFxVqSvShAgJrxVvVHh21xpJUuGIw0sRTxH19OTipedljc8FT2zlpS/J5rwU
4EpNVYtQnQIPZli1uC+ZYpH871f15zbt4jg3fJ0SJAGsiFnsn+2hhiYpSHx6/2ug
cwSE3fYlg1Y3yAVxeBdF3h9XNvyssl85KlAxhYX5lLQUnC6C3Q773X442ci/ZxX0
XKoNjfI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:41 2023 by rpki-client on console-ams.rpki-client.org