Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/669c57e2-ac21-4413-a647-0938f63f56b0.roa
File: 669c57e2-ac21-4413-a647-0938f63f56b0.roa (raw, json)
Hash identifier: pTFTti9Uo65nxo9h9E88UWg2xCq9Z9oeTr1TSkUw/s4=
Subject key identifier: DF:97:47:04:94:B7:5E:18:BB:C9:71:AB:48:4E:9E:FC:75:53:36:08
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 47617040DD8A84C2F8991C36E304502CAB455728
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/669c57e2-ac21-4413-a647-0938f63f56b0.roa
Signing time: Fri 06 Jan 2023 00:00:00 +0000
ROA not before: Fri 06 Jan 2023 00:00:00 +0000
ROA not after: Mon 09 Jan 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:61:70:40:dd:8a:84:c2:f8:99:1c:36:e3:04:50:2c:ab:45:57:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jan 6 00:00:00 2023 GMT
Not After : Jan 9 23:59:59 2023 GMT
Subject: serialNumber=6badad24b02ae1c3f69bdee86ef3b0230b4130742c963936e3d2815c78b457bb, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:44:1f:53:d1:05:54:23:9f:de:0c:e7:89:01:
65:c1:14:45:c9:8e:a8:1d:ed:54:a0:3f:40:e6:f7:
42:ab:9d:ef:63:65:d2:e7:1e:03:4a:a1:ea:f6:e6:
f9:d5:bc:0b:ab:8c:3d:4d:25:d9:b5:fd:17:04:47:
9c:ae:dd:9b:f8:0d:d5:e5:ba:8c:47:ec:e4:80:8a:
87:92:66:a3:9d:f6:bd:30:9d:f8:53:ba:f7:22:bf:
eb:da:71:12:18:35:25:5a:1b:7d:71:9a:e5:a6:51:
cc:72:09:b9:59:06:5c:6d:76:3d:3e:cf:90:84:aa:
25:59:2c:df:2a:66:66:d9:20:e0:dc:e4:12:bd:5a:
f6:36:62:51:7c:36:74:6a:c3:2e:d1:79:1c:45:1d:
a4:4f:02:73:15:e1:60:da:fa:2f:fd:01:95:3a:3d:
13:19:c3:9d:da:d1:35:be:bc:b7:38:67:6d:94:a7:
43:ea:01:9d:f9:01:ca:35:89:25:ba:44:b3:a9:90:
81:9c:73:93:f6:df:ba:93:7f:aa:10:63:9b:f7:91:
69:49:ea:ae:f5:46:3a:75:d0:35:50:1c:64:8b:9a:
82:33:b4:b5:4f:47:59:de:b5:1e:f1:09:0e:20:55:
02:72:b8:d4:f7:f7:3f:cf:ee:1d:cf:67:05:6a:74:
c8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:97:47:04:94:B7:5E:18:BB:C9:71:AB:48:4E:9E:FC:75:53:36:08
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/669c57e2-ac21-4413-a647-0938f63f56b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
af:d1:d2:5d:de:3f:7a:e5:79:0e:56:93:c7:51:69:cb:43:a1:
f2:6f:a6:1a:96:d2:22:54:e1:a2:09:0f:ca:c5:3f:c5:92:c2:
5c:55:1b:b8:d8:8b:dc:03:b8:df:a9:94:56:f1:a6:29:4d:4a:
3e:ae:d1:26:15:c6:5d:b3:b3:da:2d:0a:09:64:b5:7f:1c:14:
3b:03:c6:14:85:f7:bd:7f:00:54:26:16:2b:a3:77:83:42:71:
40:79:aa:bd:27:30:27:bb:3e:4f:ef:53:a3:e9:48:72:ea:d1:
42:d3:0a:d8:a0:79:30:bb:29:7c:36:d0:d3:e9:a5:ca:87:a4:
9d:2a:60:f4:5f:df:a6:a6:36:53:23:e6:88:d6:12:fe:e8:68:
67:ac:b9:0b:49:67:11:40:89:4b:94:37:1a:6c:56:95:5e:29:
7e:a8:28:94:1f:3b:f6:c9:73:45:a8:78:dc:d2:e4:37:47:fa:
b5:31:c8:2e:c2:5f:15:31:39:c9:10:5e:b2:5b:32:9a:15:99:
24:db:9e:c2:76:29:03:07:79:34:de:bf:b0:50:08:22:93:e5:
92:f6:95:8c:2b:d2:1a:5c:6c:73:39:14:66:6a:c1:2f:f1:76:
0c:01:2f:57:e1:7c:57:e6:ad:16:8b:a4:17:c3:a4:f6:db:3c:
00:98:ff:ba
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUR2FwQN2KhML4mRw24wRQLKtFVygwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMTA2MDAwMDAwWhcNMjMwMTA5MjM1OTU5
WjCBpTFJMEcGA1UEBRNANmJhZGFkMjRiMDJhZTFjM2Y2OWJkZWU4NmVmM2IwMjMw
YjQxMzA3NDJjOTYzOTM2ZTNkMjgxNWM3OGI0NTdiYjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANBEH1PRBVQjn94M54kBZcEURcmOqB3tVKA/QOb3Qqud72Nl0uce
A0qh6vbm+dW8C6uMPU0l2bX9FwRHnK7dm/gN1eW6jEfs5ICKh5Jmo532vTCd+FO6
9yK/69pxEhg1JVobfXGa5aZRzHIJuVkGXG12PT7PkISqJVks3ypmZtkg4NzkEr1a
9jZiUXw2dGrDLtF5HEUdpE8CcxXhYNr6L/0BlTo9ExnDndrRNb68tzhnbZSnQ+oB
nfkByjWJJbpEs6mQgZxzk/bfupN/qhBjm/eRaUnqrvVGOnXQNVAcZIuagjO0tU9H
Wd61HvEJDiBVAnK41Pf3P8/uHc9nBWp0yL8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTfl0cElLdeGLvJcatITp78dVM2CDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNjY5YzU3ZTItYWMyMS00NDEzLWE2NDctMDkzOGY2M2Y1NmIwLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK/R0l3eP3rleQ5W
k8dRactDofJvphqW0iJU4aIJD8rFP8WSwlxVG7jYi9wDuN+plFbxpilNSj6u0SYV
xl2zs9otCglktX8cFDsDxhSF971/AFQmFiujd4NCcUB5qr0nMCe7Pk/vU6PpSHLq
0ULTCtigeTC7KXw20NPppcqHpJ0qYPRf36amNlMj5ojWEv7oaGesuQtJZxFAiUuU
NxpsVpVeKX6oKJQfO/bJc0WoeNzS5DdH+rUxyC7CXxUxOckQXrJbMpoVmSTbnsJ2
KQMHeTTev7BQCCKT5ZL2lYwr0hpcbHM5FGZqwS/xdgwBL1fhfFfmrRaLpBfDpPbb
PACY/7o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:46 2023 by rpki-client on console-ams.rpki-client.org