Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/528caef8-0ec0-4a91-b5a5-931ff6bff44f.roa
File: 528caef8-0ec0-4a91-b5a5-931ff6bff44f.roa (raw, json)
Hash identifier: XY1QQsSxeyVGDCQAjYkru/inRENx6RgzHVjLrcXtcNo=
Subject key identifier: BB:75:BF:1F:8C:DD:FF:0C:AB:7C:FB:9F:6D:24:B4:8D:C7:53:8F:23
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 63AFCACCD1BDF7EA2135C1ACF30443069FC8680A
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/528caef8-0ec0-4a91-b5a5-931ff6bff44f.roa
Signing time: Wed 22 Feb 2023 00:00:00 +0000
ROA not before: Wed 22 Feb 2023 00:00:00 +0000
ROA not after: Sat 25 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:af:ca:cc:d1:bd:f7:ea:21:35:c1:ac:f3:04:43:06:9f:c8:68:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 22 00:00:00 2023 GMT
Not After : Feb 25 23:59:59 2023 GMT
Subject: serialNumber=bac71dca932260281c02fc3f665060e1e1d531264ec883731e2adebbe03f81cf, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ae:0a:84:74:78:d4:bf:bf:e4:f5:46:97:18:
ad:bc:17:1b:29:b9:46:3a:8e:cc:1d:81:06:1c:ed:
10:45:5a:50:37:a4:20:80:6d:17:f0:4e:94:08:87:
a0:0a:2a:8a:15:84:0f:da:dd:ba:56:b8:41:0b:12:
e2:7d:b5:46:41:bf:44:81:53:f9:ea:a8:8b:1d:3a:
6d:e1:e7:a1:c0:79:f0:23:f0:96:66:ae:21:30:54:
49:4c:1b:8e:01:2c:2e:c7:31:1e:5a:b1:92:c7:5e:
cb:00:7a:13:24:5a:05:a9:65:19:47:ec:5d:3d:1c:
8c:9f:36:c9:d2:8b:1d:6b:66:a5:b9:4e:bb:9f:eb:
9e:d5:b0:92:72:01:67:b7:b8:14:f2:fe:3f:c4:cb:
65:65:b3:47:0e:43:16:cb:4e:e8:12:ac:f5:2b:89:
b8:18:a9:dc:a5:c9:56:29:36:21:34:c4:ce:0e:d7:
f2:f5:95:5b:19:95:11:d0:82:92:ce:4d:8e:c9:90:
81:c4:20:c4:8a:6e:bf:d1:15:53:d2:58:87:ff:64:
e9:6f:3f:74:1f:6d:78:4a:8d:97:ca:c0:9e:de:d7:
46:c4:01:0f:9c:24:86:11:83:3e:6e:ae:bb:16:24:
90:fa:9a:50:16:ce:96:63:6e:7b:43:8e:8a:06:76:
db:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:75:BF:1F:8C:DD:FF:0C:AB:7C:FB:9F:6D:24:B4:8D:C7:53:8F:23
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/528caef8-0ec0-4a91-b5a5-931ff6bff44f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
51:1c:67:0d:3c:34:f2:83:77:ba:f7:4f:f9:a8:99:36:8c:e5:
79:16:ee:d2:39:58:74:3c:ca:0a:a3:22:2a:0d:cc:1c:27:d5:
90:b3:ea:a3:01:96:4d:55:d6:23:05:6d:7e:b7:0b:af:fa:6e:
a9:7d:a7:b1:d6:be:8d:c9:a1:b1:d9:5e:83:f8:b1:1a:77:ed:
16:e2:a1:3f:d2:9d:ec:a5:ad:ca:44:df:9b:08:0a:a1:81:6d:
b6:93:e9:7e:83:79:b9:27:e9:a6:72:60:4d:c7:cb:f0:62:7e:
74:a2:af:f9:70:fb:99:f4:fb:d5:fa:be:fc:b8:c9:3d:80:e3:
17:a5:57:87:93:f4:f0:d5:e0:c9:56:92:05:37:98:7c:78:b8:
68:7e:56:8b:e2:26:8a:2b:b0:21:e4:f4:f1:53:fd:99:e1:20:
66:48:83:dd:db:83:27:a1:80:67:88:03:a4:65:88:59:48:3f:
ae:b3:74:d4:ff:91:94:dd:d3:8f:b2:0a:42:0a:39:cd:ec:3a:
f8:32:ff:74:c8:fd:e0:11:0a:68:be:a8:66:83:88:03:b9:70:
a5:af:ae:dc:36:37:9f:f9:f0:e1:f2:31:b2:4b:7b:b4:8a:23:
5f:54:52:5c:f5:f2:84:bf:9a:5d:4d:7f:52:e5:a3:21:e6:9f:
0a:6c:94:05
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUY6/KzNG99+ohNcGs8wRDBp/IaAowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjIyMDAwMDAwWhcNMjMwMjI1MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYmFjNzFkY2E5MzIyNjAyODFjMDJmYzNmNjY1MDYwZTFl
MWQ1MzEyNjRlYzg4MzczMWUyYWRlYmJlMDNmODFjZjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJuuCoR0eNS/v+T1RpcYrbwXGym5RjqOzB2BBhztEEVaUDekIIBt
F/BOlAiHoAoqihWED9rdula4QQsS4n21RkG/RIFT+eqoix06beHnocB58CPwlmau
ITBUSUwbjgEsLscxHlqxksdeywB6EyRaBallGUfsXT0cjJ82ydKLHWtmpblOu5/r
ntWwknIBZ7e4FPL+P8TLZWWzRw5DFstO6BKs9SuJuBip3KXJVik2ITTEzg7X8vWV
WxmVEdCCks5NjsmQgcQgxIpuv9EVU9JYh/9k6W8/dB9teEqNl8rAnt7XRsQBD5wk
hhGDPm6uuxYkkPqaUBbOlmNue0OOigZ2290CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBS7db8fjN3/DKt8+59tJLSNx1OPIzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNTI4Y2FlZjgtMGVjMC00YTkxLWI1YTUtOTMxZmY2YmZmNDRmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFEcZw08NPKDd7r3
T/momTaM5XkW7tI5WHQ8ygqjIioNzBwn1ZCz6qMBlk1V1iMFbX63C6/6bql9p7HW
vo3JobHZXoP4sRp37RbioT/SneylrcpE35sICqGBbbaT6X6Debkn6aZyYE3Hy/Bi
fnSir/lw+5n0+9X6vvy4yT2A4xelV4eT9PDV4MlWkgU3mHx4uGh+VoviJoorsCHk
9PFT/ZnhIGZIg93bgyehgGeIA6RliFlIP66zdNT/kZTd04+yCkIKOc3sOvgy/3TI
/eARCmi+qGaDiAO5cKWvrtw2N5/58OHyMbJLe7SKI19UUlz18oS/ml1Nf1LloyHm
nwpslAU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:42 2023 by rpki-client on console-ams.rpki-client.org