Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/663f8943-4b6b-479c-88e1-5f55a76e37fc.roa
File: 663f8943-4b6b-479c-88e1-5f55a76e37fc.roa (raw, json)
Hash identifier: 9CNyRTX4fhtery1yBPWYQ+Xu0PP0NQATGI8AS51G2j8=
Subject key identifier: 5C:67:F6:8E:48:4F:88:AF:D3:84:9C:73:E5:AA:B5:1B:C6:67:98:46
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 3C6660E5967909C9C52F5DF7130B35723CD2961D
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/663f8943-4b6b-479c-88e1-5f55a76e37fc.roa
Signing time: Mon 27 Feb 2023 00:00:00 +0000
ROA not before: Mon 27 Feb 2023 00:00:00 +0000
ROA not after: Thu 02 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:66:60:e5:96:79:09:c9:c5:2f:5d:f7:13:0b:35:72:3c:d2:96:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 27 00:00:00 2023 GMT
Not After : Mar 2 23:59:59 2023 GMT
Subject: serialNumber=8876ea073b1ea3a8407906f8477147486a9b39113951b32ce72543dfe3f7f1bd, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:22:79:1d:12:4e:d7:e1:84:f2:cf:1e:14:85:
90:45:6e:cb:30:f2:a5:c7:9b:17:c1:d8:ca:1c:a0:
3c:44:b3:01:b7:16:94:33:4e:e2:74:bd:eb:09:95:
83:be:37:ab:8e:39:b6:d3:21:35:2a:02:46:76:f8:
50:dc:77:b0:f8:3b:f5:7d:e8:86:2b:9c:2e:e5:b3:
13:e4:7e:6d:8e:fc:1a:14:80:e8:24:88:1e:93:43:
ae:bd:aa:e1:41:c3:ea:76:de:f5:17:f7:75:da:db:
a2:11:32:69:ba:dc:9f:59:26:9e:24:35:4a:8d:dd:
07:49:8c:0a:4c:5f:e5:32:5d:a0:33:e0:99:67:a9:
e1:19:93:e8:55:23:00:d0:54:03:da:4f:72:92:f4:
ef:61:b6:64:dd:ad:0b:4e:e6:83:ea:1a:61:7d:6d:
37:26:4a:b3:ca:c3:9f:11:1b:ac:69:10:a8:61:bd:
7d:de:91:25:71:01:45:46:97:0e:db:fd:c9:4a:0d:
5f:57:f2:d9:a5:b8:ac:19:8b:bc:56:8a:26:0a:11:
3a:98:c2:e7:c0:ea:b0:59:73:97:2a:a4:07:49:fd:
6d:94:fa:a4:40:a8:87:b9:16:fd:8a:18:bb:d5:e4:
0c:65:c3:04:0b:ce:fe:7b:59:81:58:89:c3:1d:d8:
53:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:67:F6:8E:48:4F:88:AF:D3:84:9C:73:E5:AA:B5:1B:C6:67:98:46
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/663f8943-4b6b-479c-88e1-5f55a76e37fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:65:cd:27:04:59:81:5e:10:79:d0:b5:2b:41:ee:fe:1e:ff:
92:7b:91:3a:16:ef:96:5c:92:c4:e1:8b:bf:e2:06:09:f5:65:
12:72:f2:23:1c:84:82:8b:9e:58:94:64:54:b9:53:82:d0:5b:
70:f0:eb:0a:2b:24:3b:99:06:b4:6f:51:5d:68:57:49:51:bf:
d3:4f:d1:fd:6b:5a:7a:74:bd:28:4e:33:78:8a:20:67:2c:1b:
d2:83:75:9c:a6:96:ed:f4:e4:43:7e:e4:dc:36:74:f6:1b:92:
d3:af:01:92:28:04:13:c6:f7:a2:e5:48:79:40:d7:f3:61:55:
4a:db:18:ca:3c:a7:d0:33:54:d6:08:9f:a9:f0:45:c8:6e:43:
6e:9f:69:81:fc:b8:08:ed:6f:e2:09:b4:43:24:2d:22:38:8a:
bd:b1:6f:f4:c6:f8:1d:9d:97:b3:5d:e3:d1:3e:35:2f:78:27:
d6:d8:ac:08:9e:f0:0b:7a:59:be:f9:15:c5:11:80:f1:13:e8:
a4:41:e4:2e:70:62:05:04:f9:b6:5e:12:b1:d6:5c:1f:62:c5:
48:2a:2a:28:c7:69:49:4b:a7:f8:01:09:eb:a2:dd:14:ba:3c:
20:e8:b2:ae:33:47:a5:4b:fe:d3:af:52:1f:66:be:f0:2b:b9:
4d:d1:40:85
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUPGZg5ZZ5CcnFL133Ews1cjzSlh0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjI3MDAwMDAwWhcNMjMwMzAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAODg3NmVhMDczYjFlYTNhODQwNzkwNmY4NDc3MTQ3NDg2
YTliMzkxMTM5NTFiMzJjZTcyNTQzZGZlM2Y3ZjFiZDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJwieR0STtfhhPLPHhSFkEVuyzDypcebF8HYyhygPESzAbcWlDNO
4nS96wmVg743q445ttMhNSoCRnb4UNx3sPg79X3ohiucLuWzE+R+bY78GhSA6CSI
HpNDrr2q4UHD6nbe9Rf3ddrbohEyabrcn1kmniQ1So3dB0mMCkxf5TJdoDPgmWep
4RmT6FUjANBUA9pPcpL072G2ZN2tC07mg+oaYX1tNyZKs8rDnxEbrGkQqGG9fd6R
JXEBRUaXDtv9yUoNX1fy2aW4rBmLvFaKJgoROpjC58DqsFlzlyqkB0n9bZT6pECo
h7kW/YoYu9XkDGXDBAvO/ntZgViJwx3YU1kCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRcZ/aOSE+Ir9OEnHPlqrUbxmeYRjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNjYzZjg5NDMtNGI2Yi00NzljLTg4ZTEtNWY1NWE3NmUzN2ZjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK5lzScEWYFeEHnQ
tStB7v4e/5J7kToW75ZcksThi7/iBgn1ZRJy8iMchIKLnliUZFS5U4LQW3Dw6wor
JDuZBrRvUV1oV0lRv9NP0f1rWnp0vShOM3iKIGcsG9KDdZymlu305EN+5Nw2dPYb
ktOvAZIoBBPG96LlSHlA1/NhVUrbGMo8p9AzVNYIn6nwRchuQ26faYH8uAjtb+IJ
tEMkLSI4ir2xb/TG+B2dl7Nd49E+NS94J9bYrAie8At6Wb75FcURgPET6KRB5C5w
YgUE+bZeErHWXB9ixUgqKijHaUlLp/gBCeui3RS6PCDosq4zR6VL/tOvUh9mvvAr
uU3RQIU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:38 2023 by rpki-client on console-fra.rpki-client.org