Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/55653af7-a232-4e09-a81c-b813dbea4aeb.roa
File: 55653af7-a232-4e09-a81c-b813dbea4aeb.roa (raw, json)
Hash identifier: cEVxKq0KB8JXAb1P4+5ym74drdNJsX28SwWE+gUPCKA=
Subject key identifier: 48:B7:63:98:AE:87:DB:05:12:F8:C6:22:91:69:92:63:E5:82:DF:19
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 503CAE5DCFF4EB16738CEAA9227C1B3FF6DEEE52
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/55653af7-a232-4e09-a81c-b813dbea4aeb.roa
Signing time: Sun 16 Apr 2023 00:00:00 +0000
ROA not before: Sun 16 Apr 2023 00:00:00 +0000
ROA not after: Wed 19 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:3c:ae:5d:cf:f4:eb:16:73:8c:ea:a9:22:7c:1b:3f:f6:de:ee:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 16 00:00:00 2023 GMT
Not After : Apr 19 23:59:59 2023 GMT
Subject: serialNumber=5892c4d2e1c0ac215c13bcbd04ac8910ab4e4aa0399011f9283fbd9d1cadd0ff, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2d:40:0a:ac:e5:92:a2:83:85:6c:18:4d:bb:
cd:ab:2b:f7:49:a4:6e:22:d3:33:eb:ce:3a:f3:57:
4c:03:55:fd:65:eb:77:45:d1:62:14:74:96:b7:80:
f4:7f:13:2f:67:da:78:0c:ef:6f:6d:f6:f4:fb:b3:
92:cf:ea:5d:6e:f7:a7:d4:82:14:21:67:e1:05:5c:
e3:64:74:5a:12:d6:63:aa:66:a8:fe:31:1c:95:f6:
b6:d1:9b:e2:0d:71:74:3e:66:20:0f:67:38:96:60:
82:d1:87:35:ce:9d:5c:de:e7:05:c8:81:4a:58:7c:
c6:1f:8b:cd:15:e0:4a:36:ca:f5:00:d8:67:b9:fa:
52:fc:f5:04:92:73:fa:b0:2b:3a:69:0f:f5:cf:0e:
c5:51:9f:0b:34:c0:25:ca:05:ef:a3:d6:30:da:47:
01:68:86:63:31:35:5f:29:80:be:33:4c:86:c3:43:
67:06:49:81:d4:49:f5:ac:01:14:1d:af:25:d7:d9:
10:0b:0b:75:5b:89:16:c3:bb:b3:03:1e:bf:1e:01:
c6:85:70:87:6e:44:7e:d6:ba:08:57:34:44:ca:3d:
a9:38:b1:37:3a:1b:37:a0:54:b4:4e:5c:42:32:84:
60:29:54:f4:44:8d:54:45:c0:81:93:6a:dd:0c:e9:
4f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B7:63:98:AE:87:DB:05:12:F8:C6:22:91:69:92:63:E5:82:DF:19
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/55653af7-a232-4e09-a81c-b813dbea4aeb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:62:39:c7:fa:f7:05:88:7f:aa:ed:7c:0f:82:22:b3:fe:79:
bb:67:89:36:74:43:fd:c8:44:14:d1:cc:f7:9c:66:17:0f:cb:
a4:fe:78:40:eb:8b:33:3c:0a:c0:87:af:1e:62:21:ae:6e:b0:
5d:bf:cb:82:6f:5c:ee:37:05:77:a3:68:fc:24:90:25:eb:9c:
7b:65:ec:0f:38:b3:5b:cd:5d:ed:6f:c8:59:57:94:61:d5:dc:
01:aa:e5:8b:a9:ed:7b:ef:6f:dd:5f:ac:e2:a7:26:80:d6:3d:
fa:57:9e:25:61:26:23:36:04:3f:b5:96:97:53:40:8a:82:4b:
aa:71:a3:dc:5a:0f:85:6d:63:a9:ef:a6:7c:74:bc:92:f9:35:
2b:d9:40:04:bf:4e:1e:d6:44:d4:99:e9:e8:de:d6:05:4e:73:
c9:09:4a:04:33:2f:20:f7:78:0b:0f:5c:41:54:18:d3:15:9b:
22:5d:d7:21:49:88:18:15:fb:3b:77:cc:4b:f5:37:78:16:9d:
e8:3b:c7:46:44:3c:17:10:81:33:cb:7c:44:f1:46:26:74:38:
1d:97:86:bd:ae:d8:f1:4d:2c:50:f8:e5:53:09:8a:ae:57:97:
25:88:57:28:0f:28:df:cb:37:fe:08:e2:d2:35:2e:5c:4d:4d:
fb:e9:b5:07
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUUDyuXc/06xZzjOqpInwbP/be7lIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDE2MDAwMDAwWhcNMjMwNDE5MjM1OTU5
WjCBpTFJMEcGA1UEBRNANTg5MmM0ZDJlMWMwYWMyMTVjMTNiY2JkMDRhYzg5MTBh
YjRlNGFhMDM5OTAxMWY5MjgzZmJkOWQxY2FkZDBmZjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJAtQAqs5ZKig4VsGE27zasr90mkbiLTM+vOOvNXTANV/WXrd0XR
YhR0lreA9H8TL2faeAzvb2329Puzks/qXW73p9SCFCFn4QVc42R0WhLWY6pmqP4x
HJX2ttGb4g1xdD5mIA9nOJZggtGHNc6dXN7nBciBSlh8xh+LzRXgSjbK9QDYZ7n6
Uvz1BJJz+rArOmkP9c8OxVGfCzTAJcoF76PWMNpHAWiGYzE1XymAvjNMhsNDZwZJ
gdRJ9awBFB2vJdfZEAsLdVuJFsO7swMevx4BxoVwh25Efta6CFc0RMo9qTixNzob
N6BUtE5cQjKEYClU9ESNVEXAgZNq3QzpT0sCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRIt2OYrofbBRL4xiKRaZJj5YLfGTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNTU2NTNhZjctYTIzMi00ZTA5LWE4MWMtYjgxM2RiZWE0YWViLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABJiOcf69wWIf6rt
fA+CIrP+ebtniTZ0Q/3IRBTRzPecZhcPy6T+eEDrizM8CsCHrx5iIa5usF2/y4Jv
XO43BXejaPwkkCXrnHtl7A84s1vNXe1vyFlXlGHV3AGq5Yup7Xvvb91frOKnJoDW
PfpXniVhJiM2BD+1lpdTQIqCS6pxo9xaD4VtY6nvpnx0vJL5NSvZQAS/Th7WRNSZ
6eje1gVOc8kJSgQzLyD3eAsPXEFUGNMVmyJd1yFJiBgV+zt3zEv1N3gWneg7x0ZE
PBcQgTPLfETxRiZ0OB2Xhr2u2PFNLFD45VMJiq5XlyWIVygPKN/LN/4I4tI1LlxN
TfvptQc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:42 2023 by rpki-client on console-ams.rpki-client.org