Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/6573f3a9-b519-43a0-b41e-cd78b7140f64.roa
File: 6573f3a9-b519-43a0-b41e-cd78b7140f64.roa (raw, json)
Hash identifier: FCSpk9wN+qe6aVBjDDtgzqxygAZo8d+WQFehPXFCAKw=
Subject key identifier: F4:C2:1C:40:2F:1C:D5:10:44:AA:0C:66:70:49:F5:93:BB:46:45:72
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 7321128362B6BC8432DBAB1DD901E64BE0E25923
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/6573f3a9-b519-43a0-b41e-cd78b7140f64.roa
Signing time: Mon 26 Sep 2022 00:00:00 +0000
ROA not before: Mon 26 Sep 2022 00:00:00 +0000
ROA not after: Thu 29 Sep 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:21:12:83:62:b6:bc:84:32:db:ab:1d:d9:01:e6:4b:e0:e2:59:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Sep 26 00:00:00 2022 GMT
Not After : Sep 29 23:59:59 2022 GMT
Subject: serialNumber=b11ebf4d04b20bf9825b476e6ebdbc9dbd99e54781789134b57aa8e5c471452e, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:00:da:67:1c:d2:3f:6e:83:eb:89:24:87:
a6:ac:4a:f8:da:89:5d:22:39:97:89:4b:69:4b:bc:
6e:0e:69:21:81:a6:70:9d:68:26:a0:31:19:bf:2f:
6f:a8:12:71:62:99:cb:77:b5:9f:40:d7:26:38:f2:
31:02:95:94:d6:f7:94:1f:f7:7a:85:ae:50:4b:52:
97:ee:12:dd:4f:9c:1f:e8:38:f0:3a:2e:f0:f9:8e:
da:54:5b:d1:01:64:b6:4a:b8:26:73:81:00:b4:66:
1e:24:f2:c7:76:0c:d2:bb:ec:b7:62:fb:77:8d:d1:
d3:41:fa:a2:48:83:cb:7b:78:14:67:36:72:80:6d:
1d:86:45:cf:c7:63:1a:82:6e:5a:e5:85:f9:b8:91:
7f:a8:80:3f:6d:da:45:e9:7a:ac:50:29:fe:ac:27:
64:79:42:c5:5b:fd:26:cd:71:87:30:ca:18:7b:75:
94:c0:50:e1:6f:61:7d:20:d6:55:8c:82:2e:4a:80:
35:97:76:6a:3d:b7:82:17:86:50:7b:d9:72:9c:e4:
fb:35:f4:cc:93:9e:0f:14:3d:1e:56:43:79:1b:61:
e4:14:50:39:e0:20:a8:4d:45:eb:4a:f1:2c:03:24:
67:70:33:85:a0:3c:9d:00:79:1a:07:3b:24:39:84:
42:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C2:1C:40:2F:1C:D5:10:44:AA:0C:66:70:49:F5:93:BB:46:45:72
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/6573f3a9-b519-43a0-b41e-cd78b7140f64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
68:6c:c7:f1:58:6b:64:14:a8:c4:99:c2:64:f9:3d:03:71:b4:
6d:c6:84:39:6a:52:75:e1:9c:18:a1:c4:d3:7a:a7:c9:c3:44:
c8:ac:81:0b:8f:35:28:e4:37:8e:20:61:4a:c0:b2:f8:f5:63:
00:4c:5a:fd:91:0b:b9:52:a2:bc:a9:0f:ac:de:83:99:3b:a5:
d5:d0:54:eb:e8:27:4c:13:3d:9e:10:45:e7:04:3e:30:b7:43:
f6:c6:1a:e8:04:85:f1:f1:b0:93:57:f4:65:77:81:67:5a:b7:
47:51:7e:67:57:51:2d:1b:ee:90:e8:46:cd:26:99:c0:e3:5e:
20:0c:36:6f:2c:c3:79:90:2c:b3:e4:ce:14:16:77:2d:c9:b2:
9c:7b:b8:ed:4d:aa:8e:7c:77:6c:04:31:0f:6a:10:a2:11:b4:
92:d7:c8:a8:cc:3f:62:ac:78:99:53:ba:10:44:4b:c5:70:b3:
6e:47:f8:24:12:99:d6:47:ad:64:3d:70:a6:31:3d:16:de:7e:
e0:e8:59:73:15:53:82:5f:68:fa:f2:3f:f0:03:34:ed:4c:36:
f1:65:a0:7b:85:c4:4a:1f:05:6a:56:ab:61:24:a7:89:12:c7:
68:19:e8:24:7e:c7:3a:85:65:15:73:cb:fe:9c:d2:0b:d7:ca:
bc:63:d4:20
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUcyESg2K2vIQy26sd2QHmS+DiWSMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwOTI2MDAwMDAwWhcNMjIwOTI5MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYjExZWJmNGQwNGIyMGJmOTgyNWI0NzZlNmViZGJjOWRi
ZDk5ZTU0NzgxNzg5MTM0YjU3YWE4ZTVjNDcxNDUyZTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALGUANpnHNI/boPriSSHpqxK+NqJXSI5l4lLaUu8bg5pIYGmcJ1o
JqAxGb8vb6gScWKZy3e1n0DXJjjyMQKVlNb3lB/3eoWuUEtSl+4S3U+cH+g48Dou
8PmO2lRb0QFktkq4JnOBALRmHiTyx3YM0rvst2L7d43R00H6okiDy3t4FGc2coBt
HYZFz8djGoJuWuWF+biRf6iAP23aRel6rFAp/qwnZHlCxVv9Js1xhzDKGHt1lMBQ
4W9hfSDWVYyCLkqANZd2aj23gheGUHvZcpzk+zX0zJOeDxQ9HlZDeRth5BRQOeAg
qE1F60rxLAMkZ3AzhaA8nQB5Ggc7JDmEQhMCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBT0whxALxzVEESqDGZwSfWTu0ZFcjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNjU3M2YzYTktYjUxOS00M2EwLWI0MWUtY2Q3OGI3MTQwZjY0LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGhsx/FYa2QUqMSZ
wmT5PQNxtG3GhDlqUnXhnBihxNN6p8nDRMisgQuPNSjkN44gYUrAsvj1YwBMWv2R
C7lSorypD6zeg5k7pdXQVOvoJ0wTPZ4QRecEPjC3Q/bGGugEhfHxsJNX9GV3gWda
t0dRfmdXUS0b7pDoRs0mmcDjXiAMNm8sw3mQLLPkzhQWdy3Jspx7uO1Nqo58d2wE
MQ9qEKIRtJLXyKjMP2KseJlTuhBES8Vws25H+CQSmdZHrWQ9cKYxPRbefuDoWXMV
U4JfaPryP/ADNO1MNvFloHuFxEofBWpWq2Ekp4kSx2gZ6CR+xzqFZRVzy/6c0gvX
yrxj1CA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:46 2023 by rpki-client on console-ams.rpki-client.org