Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/5852753e-2886-4496-a862-5c3290c3c106.roa
File: 5852753e-2886-4496-a862-5c3290c3c106.roa (raw, json)
Hash identifier: OsvyQYxfxZJ/afEVhqaAR1DRrh/OnUqo479EolLVb28=
Subject key identifier: D8:95:01:EA:25:66:DC:FB:B4:B0:6C:1C:CE:71:D5:25:93:95:C4:B3
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 532431BBDE41A2F76587649CFB3D8108C04B7715
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/5852753e-2886-4496-a862-5c3290c3c106.roa
Signing time: Tue 28 Feb 2023 00:00:00 +0000
ROA not before: Tue 28 Feb 2023 00:00:00 +0000
ROA not after: Fri 03 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:24:31:bb:de:41:a2:f7:65:87:64:9c:fb:3d:81:08:c0:4b:77:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 28 00:00:00 2023 GMT
Not After : Mar 3 23:59:59 2023 GMT
Subject: serialNumber=b0e32e2e0d3b861a4771ef09ae892078d08a0cb3bf27d9a2e12b5dfa4d8a6c1b, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bc:71:b6:b4:73:c6:45:40:db:32:42:50:3e:
0e:a9:8b:2b:39:e4:12:73:d7:1d:7d:1c:44:1b:92:
03:70:2b:e3:d6:94:84:7d:22:25:d1:1c:9d:ca:7a:
1c:67:3b:ac:2f:98:e4:0e:8f:44:6f:ef:de:0a:39:
3e:c5:ec:24:4e:24:7e:c2:63:e8:59:62:bc:44:a7:
aa:ea:7c:3c:02:44:3f:79:97:63:fa:97:f1:1a:d9:
3f:7f:c1:c4:45:6c:78:24:86:67:8f:31:6c:b2:7d:
7c:93:dc:39:04:ae:75:e6:31:2f:23:0a:34:c9:62:
ba:8f:b7:8b:ba:83:60:52:67:31:f3:c9:af:50:81:
13:61:1a:69:50:16:58:8a:af:5a:54:0f:5b:7e:f5:
62:24:85:05:b4:19:b0:e8:fb:26:58:95:a7:4b:37:
01:26:74:b2:d7:6b:cd:37:f2:9e:15:3e:fc:bd:d0:
ec:c1:8e:f0:ec:08:21:3d:73:96:16:fc:3e:8c:0a:
3e:cc:4d:6a:fc:4c:e8:da:c5:3c:6c:50:19:57:1c:
19:de:6c:3b:a8:5e:fe:9e:e5:43:65:96:51:57:4f:
ad:d0:58:6a:eb:4e:fd:fe:59:9d:5e:48:f4:8a:77:
5d:17:3a:79:fc:f5:fa:8f:e4:6d:bf:24:75:e9:33:
52:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:95:01:EA:25:66:DC:FB:B4:B0:6C:1C:CE:71:D5:25:93:95:C4:B3
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/5852753e-2886-4496-a862-5c3290c3c106.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:21:42:78:0c:3e:e4:53:18:43:d4:f1:d4:b1:d0:e1:40:66:
b6:2a:b8:9d:f9:78:f7:90:d5:82:11:f2:0c:df:58:52:d4:52:
94:2f:aa:37:a2:35:08:cd:f6:0d:6f:b6:27:5c:89:8b:17:6a:
97:39:c2:81:70:48:24:be:26:0b:27:98:cb:72:e3:1d:17:7a:
9b:ff:10:99:95:26:fd:11:04:49:76:ee:aa:27:03:4c:c4:47:
80:68:78:8d:17:99:51:1d:17:c6:04:87:c6:db:3a:bc:41:b6:
cd:35:a7:0d:e8:67:d2:7f:f5:7b:3d:cd:24:56:a9:db:c9:b7:
06:d9:99:47:1a:93:0f:e1:46:85:10:a0:4c:4a:12:08:58:4f:
37:f8:0c:39:b2:67:b3:3a:9a:35:66:3a:99:62:1a:cf:1c:fb:
3e:c0:84:fc:3f:74:55:1a:18:5b:ae:b3:0f:52:2d:76:84:ee:
10:b2:e8:d6:92:14:be:23:9a:42:ca:df:63:ce:f7:ab:24:6d:
9e:60:21:8d:95:e2:45:b7:84:9d:1a:c0:36:1d:62:8d:aa:0c:
3b:6d:f7:36:99:bc:b1:03:5d:9b:a0:53:34:69:3e:3e:af:f4:
7c:c0:ff:37:21:59:4b:da:38:96:e6:de:c6:18:8b:b3:a3:f5:
79:1a:7b:ca
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUUyQxu95Bovdlh2Sc+z2BCMBLdxUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjI4MDAwMDAwWhcNMjMwMzAzMjM1OTU5
WjCBpTFJMEcGA1UEBRNAYjBlMzJlMmUwZDNiODYxYTQ3NzFlZjA5YWU4OTIwNzhk
MDhhMGNiM2JmMjdkOWEyZTEyYjVkZmE0ZDhhNmMxYjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJW8cba0c8ZFQNsyQlA+DqmLKznkEnPXHX0cRBuSA3Ar49aUhH0i
JdEcncp6HGc7rC+Y5A6PRG/v3go5PsXsJE4kfsJj6FlivESnqup8PAJEP3mXY/qX
8RrZP3/BxEVseCSGZ48xbLJ9fJPcOQSudeYxLyMKNMliuo+3i7qDYFJnMfPJr1CB
E2EaaVAWWIqvWlQPW371YiSFBbQZsOj7JliVp0s3ASZ0stdrzTfynhU+/L3Q7MGO
8OwIIT1zlhb8PowKPsxNavxM6NrFPGxQGVccGd5sO6he/p7lQ2WWUVdPrdBYautO
/f5ZnV5I9Ip3XRc6efz1+o/kbb8kdekzUsECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTYlQHqJWbc+7SwbBzOcdUlk5XEszAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNTg1Mjc1M2UtMjg4Ni00NDk2LWE4NjItNWMzMjkwYzNjMTA2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAF4hQngMPuRTGEPU
8dSx0OFAZrYquJ35ePeQ1YIR8gzfWFLUUpQvqjeiNQjN9g1vtidciYsXapc5woFw
SCS+JgsnmMty4x0Xepv/EJmVJv0RBEl27qonA0zER4BoeI0XmVEdF8YEh8bbOrxB
ts01pw3oZ9J/9Xs9zSRWqdvJtwbZmUcakw/hRoUQoExKEghYTzf4DDmyZ7M6mjVm
OpliGs8c+z7AhPw/dFUaGFuusw9SLXaE7hCy6NaSFL4jmkLK32PO96skbZ5gIY2V
4kW3hJ0awDYdYo2qDDtt9zaZvLEDXZugUzRpPj6v9HzA/zchWUvaOJbm3sYYi7Oj
9Xkae8o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:37 2023 by rpki-client on console-fra.rpki-client.org