Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/659922df-5173-46a0-b50b-81649fa4908a.roa
File: 659922df-5173-46a0-b50b-81649fa4908a.roa (raw, json)
Hash identifier: R0JLqY709VEGSUTqhhnPmp43JmbUXX7ntfFUzBkv11Q=
Subject key identifier: 1D:B9:D2:18:A1:E8:63:86:78:4E:9A:BE:C0:B1:9D:9A:27:F1:D0:88
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4BC3168D48F9D923406D998FD8554CCEEC431A36
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/659922df-5173-46a0-b50b-81649fa4908a.roa
Signing time: Tue 30 May 2023 00:00:00 +0000
ROA not before: Tue 30 May 2023 00:00:00 +0000
ROA not after: Fri 02 Jun 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c3:16:8d:48:f9:d9:23:40:6d:99:8f:d8:55:4c:ce:ec:43:1a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 30 00:00:00 2023 GMT
Not After : Jun 2 23:59:59 2023 GMT
Subject: serialNumber=e7819d40b78f69fd76e2652275d7c6b7a68dd521df7f1f54d3c389e51aefc0a8, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:32:1a:7b:40:50:97:fd:8c:8b:9a:c0:bf:
d0:07:17:62:50:75:ef:b9:68:b3:b0:c7:88:29:94:
f2:af:f6:c8:c3:95:20:e6:14:3b:cd:da:3f:b6:38:
9b:93:32:5a:2a:cb:a8:2a:40:21:bb:0f:35:79:2e:
cc:f2:b9:40:75:62:8f:27:30:b4:20:55:4c:47:28:
1e:fe:37:57:65:88:72:30:db:55:73:1c:59:61:d7:
bf:16:5b:f6:d9:11:ea:cd:31:bc:f1:01:44:69:66:
6e:e8:9e:e7:e3:20:59:39:51:b5:b1:66:29:f8:6d:
d9:c0:c4:3b:ea:41:c5:1c:c2:15:42:0d:d3:41:52:
75:eb:76:e4:46:06:dc:80:fa:9a:95:91:54:19:22:
27:b7:8f:f6:39:12:3b:4f:28:6e:28:71:cd:37:99:
2c:dc:f5:ea:b1:b7:51:b7:ce:dd:a9:d0:31:96:f1:
b4:70:51:2f:49:ba:ab:4b:ad:c2:ec:f6:cb:ce:0f:
87:48:6a:d8:81:55:88:f3:35:98:0a:70:74:75:e4:
7e:ee:75:53:51:e9:7a:b4:37:c8:0c:c4:6a:e8:4e:
ad:5f:5e:a6:f9:cc:89:72:42:bb:0c:fa:d7:8e:40:
e8:6c:9e:b8:48:9a:eb:4d:2a:9b:d2:3f:99:68:03:
45:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B9:D2:18:A1:E8:63:86:78:4E:9A:BE:C0:B1:9D:9A:27:F1:D0:88
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/659922df-5173-46a0-b50b-81649fa4908a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:7c:58:6f:ce:fd:03:01:34:4c:67:7c:a6:88:48:fd:7d:f8:
ce:8a:1a:a9:ab:f8:b0:a0:7c:5f:12:e2:b9:87:7c:b8:1c:22:
c8:6f:b2:af:b7:8d:ff:17:80:f1:15:9e:bd:be:75:0c:fd:b1:
f9:6b:c7:a2:7b:74:31:0d:a8:8f:b9:e6:81:2c:0c:ec:14:2a:
0b:67:61:ef:d0:54:18:f0:0f:dd:e3:3b:e0:b3:ef:4a:35:ef:
fd:c7:61:21:7b:a0:c4:dd:1c:1e:42:ef:c9:32:2d:61:b9:62:
eb:60:b7:0f:91:78:4b:43:d2:da:d2:3f:41:30:fd:68:ee:58:
c4:ea:e7:12:6a:16:2f:93:05:21:9e:c0:b1:b9:60:d1:6a:8e:
9a:5c:f6:0f:fc:ad:bf:49:6b:20:78:5a:c4:3f:bc:f7:01:4b:
c9:09:1b:41:69:d3:d4:a9:60:ea:4d:d8:cf:d6:58:f8:c6:c7:
5c:ce:68:b6:4d:08:8d:b7:e7:23:58:01:d9:bf:ce:49:d2:de:
5e:2f:5d:af:a2:ce:d6:f2:6a:b3:f0:a4:77:50:6e:14:2d:33:
39:3b:16:19:74:92:e5:30:fc:8e:5f:94:1d:7f:53:89:2a:7e:
0d:06:9a:bb:b8:e5:b6:5b:93:10:22:13:fc:4a:79:73:17:15:
fe:98:e3:3e
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUS8MWjUj52SNAbZmP2FVMzuxDGjYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTMwMDAwMDAwWhcNMjMwNjAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZTc4MTlkNDBiNzhmNjlmZDc2ZTI2NTIyNzVkN2M2Yjdh
NjhkZDUyMWRmN2YxZjU0ZDNjMzg5ZTUxYWVmYzBhODEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALROMhp7QFCX/YyLmsC/0AcXYlB177los7DHiCmU8q/2yMOVIOYU
O83aP7Y4m5MyWirLqCpAIbsPNXkuzPK5QHVijycwtCBVTEcoHv43V2WIcjDbVXMc
WWHXvxZb9tkR6s0xvPEBRGlmbuie5+MgWTlRtbFmKfht2cDEO+pBxRzCFUIN00FS
det25EYG3ID6mpWRVBkiJ7eP9jkSO08obihxzTeZLNz16rG3UbfO3anQMZbxtHBR
L0m6q0utwuz2y84Ph0hq2IFViPM1mApwdHXkfu51U1HperQ3yAzEauhOrV9epvnM
iXJCuwz6145A6GyeuEia600qm9I/mWgDRVcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQdudIYoehjhnhOmr7AsZ2aJ/HQiDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNjU5OTIyZGYtNTE3My00NmEwLWI1MGItODE2NDlmYTQ5MDhhLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALt8WG/O/QMBNExn
fKaISP19+M6KGqmr+LCgfF8S4rmHfLgcIshvsq+3jf8XgPEVnr2+dQz9sflrx6J7
dDENqI+55oEsDOwUKgtnYe/QVBjwD93jO+Cz70o17/3HYSF7oMTdHB5C78kyLWG5
Yutgtw+ReEtD0trSP0Ew/WjuWMTq5xJqFi+TBSGewLG5YNFqjppc9g/8rb9JayB4
WsQ/vPcBS8kJG0Fp09SpYOpN2M/WWPjGx1zOaLZNCI235yNYAdm/zknS3l4vXa+i
ztbyarPwpHdQbhQtMzk7Fhl0kuUw/I5flB1/U4kqfg0Gmru45bZbkxAiE/xKeXMX
Ff6Y4z4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:38 2023 by rpki-client on console-fra.rpki-client.org