Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/5fb331b1-db65-4635-8065-2a8925a6aa6f.roa
File: 5fb331b1-db65-4635-8065-2a8925a6aa6f.roa (raw, json)
Hash identifier: J0uoe4194yLYc0kasA+B+AhvybEIMgeRdjPEiaIOLYw=
Subject key identifier: 68:55:2E:89:A7:D7:94:47:83:98:7E:89:B9:46:3B:41:D0:59:70:91
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 6E9CD4B6CA48E346BD5AD4555B244297415052E3
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/5fb331b1-db65-4635-8065-2a8925a6aa6f.roa
Signing time: Thu 29 Dec 2022 00:00:00 +0000
ROA not before: Thu 29 Dec 2022 00:00:00 +0000
ROA not after: Sun 01 Jan 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:9c:d4:b6:ca:48:e3:46:bd:5a:d4:55:5b:24:42:97:41:50:52:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Dec 29 00:00:00 2022 GMT
Not After : Jan 1 23:59:59 2023 GMT
Subject: serialNumber=93c5d0de95d67d6d8af1e2846328d18e865c0d3d81b8434ec681506e8e78c032, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7e:e9:a6:e8:55:ee:22:f3:45:54:22:b0:1a:
c6:1d:d7:3a:a8:96:f0:07:8f:88:3c:26:73:2e:ac:
36:b9:cf:11:72:60:8d:e8:b0:e1:d3:2e:97:90:e7:
17:e9:9d:23:30:e8:17:74:56:80:5b:91:18:e0:16:
35:87:b9:f5:3c:49:26:df:0e:a8:07:d5:9a:c5:1e:
ea:64:f4:16:97:f5:6d:75:db:6f:93:78:07:5f:29:
1d:4d:5b:f9:41:14:1f:10:40:a3:dc:ec:51:d0:2b:
1a:2a:a6:57:ed:21:a9:a3:62:82:40:7e:57:2e:f7:
ec:e6:ca:85:6d:3c:e7:f2:b0:8d:b2:8f:07:f6:ba:
27:bf:6c:8e:61:a5:32:26:10:37:98:0e:ea:0e:9d:
fe:06:ba:cc:38:df:77:76:0d:e0:ae:19:3a:47:12:
22:70:4b:91:a6:18:38:7e:1f:7d:1a:59:47:58:16:
aa:76:41:a1:9f:f5:85:17:40:82:d2:64:b3:f9:42:
a2:00:b2:d6:bf:69:e2:25:11:87:31:d8:d5:1a:e9:
27:fa:4c:a0:e4:07:e5:cf:4f:4d:cc:7d:63:65:23:
ba:49:d8:15:62:9d:c0:21:9b:0d:b5:ca:41:2c:31:
37:ba:d7:7e:a5:64:c8:be:36:63:1e:fe:87:13:3e:
7e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:55:2E:89:A7:D7:94:47:83:98:7E:89:B9:46:3B:41:D0:59:70:91
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/5fb331b1-db65-4635-8065-2a8925a6aa6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:d1:ee:84:79:85:01:cd:26:42:88:61:13:76:6d:73:8e:17:
a2:b3:19:b6:68:1e:c4:71:a0:75:c1:2d:20:53:55:b7:40:ef:
55:2a:5a:04:ae:9c:a0:52:44:dc:79:ec:89:b2:fa:8b:fb:d2:
b1:ad:6a:21:35:36:e9:e3:d0:0c:85:95:bd:43:2a:e2:2f:c6:
96:9d:ef:9c:f5:80:ea:e6:e6:11:8f:69:2d:bc:fb:61:4c:14:
9a:03:ac:c5:fd:7a:51:13:f4:48:01:0b:45:5f:3d:45:ba:ad:
66:03:4c:c7:bd:5f:a6:a4:0f:8b:66:ab:06:eb:c0:43:77:10:
a4:77:4d:e9:5f:b0:35:76:de:8a:27:4d:6e:a3:85:9a:c4:bc:
de:bc:3d:f9:64:20:72:8e:c9:ae:08:73:da:fa:fe:f8:7f:1a:
bd:34:d1:f8:09:6a:d5:a7:05:69:a2:07:25:5b:81:26:35:72:
4d:9a:9e:2d:5d:8b:e5:7e:2f:94:8f:f7:10:1c:f9:36:86:06:
06:c3:17:43:83:f5:19:3e:51:68:f0:45:8d:fa:a8:fb:23:00:
6b:f3:61:02:57:20:0a:66:fb:87:4f:55:74:ff:bf:e1:c3:ad:
dc:b3:a7:89:61:78:0d:fb:d9:9b:11:13:97:98:40:9b:d4:10:
2f:52:48:4b
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUbpzUtspI40a9WtRVWyRCl0FQUuMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIxMjI5MDAwMDAwWhcNMjMwMTAxMjM1OTU5
WjCBpTFJMEcGA1UEBRNAOTNjNWQwZGU5NWQ2N2Q2ZDhhZjFlMjg0NjMyOGQxOGU4
NjVjMGQzZDgxYjg0MzRlYzY4MTUwNmU4ZTc4YzAzMjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMt+6aboVe4i80VUIrAaxh3XOqiW8AePiDwmcy6sNrnPEXJgjeiw
4dMul5DnF+mdIzDoF3RWgFuRGOAWNYe59TxJJt8OqAfVmsUe6mT0Fpf1bXXbb5N4
B18pHU1b+UEUHxBAo9zsUdArGiqmV+0hqaNigkB+Vy737ObKhW085/KwjbKPB/a6
J79sjmGlMiYQN5gO6g6d/ga6zDjfd3YN4K4ZOkcSInBLkaYYOH4ffRpZR1gWqnZB
oZ/1hRdAgtJks/lCogCy1r9p4iURhzHY1RrpJ/pMoOQH5c9PTcx9Y2UjuknYFWKd
wCGbDbXKQSwxN7rXfqVkyL42Yx7+hxM+fnsCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRoVS6Jp9eUR4OYfom5RjtB0FlwkTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNWZiMzMxYjEtZGI2NS00NjM1LTgwNjUtMmE4OTI1YTZhYTZmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAMvR7oR5hQHNJkKI
YRN2bXOOF6KzGbZoHsRxoHXBLSBTVbdA71UqWgSunKBSRNx57Imy+ov70rGtaiE1
Nunj0AyFlb1DKuIvxpad75z1gOrm5hGPaS28+2FMFJoDrMX9elET9EgBC0VfPUW6
rWYDTMe9X6akD4tmqwbrwEN3EKR3TelfsDV23oonTW6jhZrEvN68PflkIHKOya4I
c9r6/vh/Gr000fgJatWnBWmiByVbgSY1ck2ani1di+V+L5SP9xAc+TaGBgbDF0OD
9Rk+UWjwRY36qPsjAGvzYQJXIApm+4dPVXT/v+HDrdyzp4lheA372ZsRE5eYQJvU
EC9SSEs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:46 2023 by rpki-client on console-ams.rpki-client.org