Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4dc475cf-c9e3-445b-9b09-f82375ae85de.roa
File: 4dc475cf-c9e3-445b-9b09-f82375ae85de.roa (raw, json)
Hash identifier: m398fAZjPoRznLa7uJ8nMjextTr6k3KG9szxUdTE1rI=
Subject key identifier: A7:C3:6D:CD:C4:E7:81:83:50:18:EA:91:E8:ED:B3:31:72:22:03:BE
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2D586CDA9F5DC6140BA78D94568006AC8352EAE4
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4dc475cf-c9e3-445b-9b09-f82375ae85de.roa
Signing time: Wed 07 Dec 2022 00:00:00 +0000
ROA not before: Wed 07 Dec 2022 00:00:00 +0000
ROA not after: Sat 10 Dec 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:58:6c:da:9f:5d:c6:14:0b:a7:8d:94:56:80:06:ac:83:52:ea:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Dec 7 00:00:00 2022 GMT
Not After : Dec 10 23:59:59 2022 GMT
Subject: serialNumber=d4afc6720ea0c76fed1b2deb0ac064f503454ffd0d77ff1a30640458510f3718, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:43:c2:13:3c:b6:ec:d8:b4:42:56:34:03:7e:
f3:36:81:fc:04:41:ef:04:c3:6e:d5:8d:dd:41:6f:
e2:85:1d:b9:97:3f:0b:5f:94:1f:d3:a9:08:06:cd:
c2:63:a2:00:ad:80:ad:ad:e5:35:eb:52:fb:51:bb:
f9:67:69:da:0a:4d:c7:7a:92:87:db:77:4e:22:ce:
b5:3b:b7:54:18:27:22:8f:42:a8:f5:b6:45:e7:23:
0c:16:53:25:ca:c6:cd:10:d5:0a:3a:78:4e:f8:36:
47:9b:38:e4:c1:76:58:09:25:42:3e:0f:37:b7:c7:
29:bb:f7:17:74:d4:7a:2e:5a:79:10:f8:46:74:ec:
f7:32:1b:d1:73:f9:13:fe:d6:38:42:a3:b3:06:56:
33:ef:43:d7:18:6d:bd:16:04:37:41:c4:d9:bb:eb:
5a:dc:7f:ec:3b:15:d5:ff:3b:4b:38:98:ac:3f:9e:
61:3e:4e:f0:38:7a:10:e7:3e:65:a8:aa:8d:23:26:
11:79:eb:e6:c9:8b:bf:af:96:66:7c:28:98:ea:f7:
40:5b:01:33:f8:11:1c:9c:07:66:fc:ab:5f:8a:a6:
ba:83:4a:35:92:b1:44:9b:d7:d4:da:5e:4a:29:e1:
87:3d:d9:4c:5c:56:93:60:83:ee:a2:23:35:a3:1e:
b7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C3:6D:CD:C4:E7:81:83:50:18:EA:91:E8:ED:B3:31:72:22:03:BE
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4dc475cf-c9e3-445b-9b09-f82375ae85de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:a8:0a:d7:4f:62:1f:ec:91:cc:83:5e:e3:49:b3:88:f3:de:
e3:93:6f:48:9e:e0:7f:d9:a9:63:a6:ca:61:b0:27:54:bf:c2:
fd:c5:57:c0:1c:a0:56:bb:6f:4e:08:56:4a:4c:d5:17:eb:ad:
1c:d3:61:c4:4d:97:fc:f8:9f:b2:3c:9e:ca:37:fe:05:f6:43:
42:f4:e4:b0:7d:af:d6:3f:40:27:4c:6b:f8:28:e4:d2:b0:6e:
b5:c2:37:22:1c:6e:81:25:bb:a7:67:59:67:d3:67:b6:10:9b:
b5:0f:8f:6d:d2:65:8d:2b:06:8e:2f:03:98:a6:24:8a:4f:80:
8f:4e:dd:f1:56:1d:02:77:b9:c5:95:ed:9a:5a:19:6c:c8:a3:
dc:30:9a:0f:3c:4a:4d:fb:0f:c6:b2:f1:90:33:0f:34:2d:84:
6e:2b:7a:91:97:ca:45:6d:f5:b9:b1:6c:e0:ab:4d:b7:8b:7d:
4b:36:a3:64:15:28:19:14:17:cc:14:53:ba:64:e3:71:22:83:
c0:24:24:9c:38:f4:10:e2:3a:8f:e4:3e:9d:34:e7:87:9b:26:
a8:e9:21:ea:1a:57:d4:84:c9:6d:3b:17:ab:71:82:3f:54:9e:
e0:b2:de:9e:cd:5f:bb:c1:a5:72:5a:b2:3e:da:bc:6b:c9:03:
52:1c:bb:e6
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIULVhs2p9dxhQLp42UVoAGrINS6uQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIxMjA3MDAwMDAwWhcNMjIxMjEwMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZDRhZmM2NzIwZWEwYzc2ZmVkMWIyZGViMGFjMDY0ZjUw
MzQ1NGZmZDBkNzdmZjFhMzA2NDA0NTg1MTBmMzcxODEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANxDwhM8tuzYtEJWNAN+8zaB/ARB7wTDbtWN3UFv4oUduZc/C1+U
H9OpCAbNwmOiAK2Ara3lNetS+1G7+Wdp2gpNx3qSh9t3TiLOtTu3VBgnIo9CqPW2
RecjDBZTJcrGzRDVCjp4Tvg2R5s45MF2WAklQj4PN7fHKbv3F3TUei5aeRD4RnTs
9zIb0XP5E/7WOEKjswZWM+9D1xhtvRYEN0HE2bvrWtx/7DsV1f87SziYrD+eYT5O
8Dh6EOc+ZaiqjSMmEXnr5smLv6+WZnwomOr3QFsBM/gRHJwHZvyrX4qmuoNKNZKx
RJvX1NpeSinhhz3ZTFxWk2CD7qIjNaMet98CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSnw23NxOeBg1AY6pHo7bMxciIDvjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNGRjNDc1Y2YtYzllMy00NDViLTliMDktZjgyMzc1YWU4NWRlLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAL2oCtdPYh/skcyD
XuNJs4jz3uOTb0ie4H/ZqWOmymGwJ1S/wv3FV8AcoFa7b04IVkpM1RfrrRzTYcRN
l/z4n7I8nso3/gX2Q0L05LB9r9Y/QCdMa/go5NKwbrXCNyIcboElu6dnWWfTZ7YQ
m7UPj23SZY0rBo4vA5imJIpPgI9O3fFWHQJ3ucWV7ZpaGWzIo9wwmg88Sk37D8ay
8ZAzDzQthG4repGXykVt9bmxbOCrTbeLfUs2o2QVKBkUF8wUU7pk43Eig8AkJJw4
9BDiOo/kPp0054ebJqjpIeoaV9SEyW07F6txgj9UnuCy3p7NX7vBpXJasj7avGvJ
A1Icu+Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:41 2023 by rpki-client on console-ams.rpki-client.org