Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/68d7ca30-fe3d-474b-957f-f6c61178a2fd.roa
File: 68d7ca30-fe3d-474b-957f-f6c61178a2fd.roa (raw, json)
Hash identifier: EutP7zaJ+jnF08baxJrUCT1w7jqoncrP9Di21u4Prbs=
Subject key identifier: 9F:00:01:32:47:87:7C:47:BC:87:A5:70:12:2B:FB:3F:15:A0:A3:B5
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 7A29C3DBB7F8764ACE47CF9C80F86236B60D2CCE
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/68d7ca30-fe3d-474b-957f-f6c61178a2fd.roa
Signing time: Mon 03 Apr 2023 00:00:00 +0000
ROA not before: Mon 03 Apr 2023 00:00:00 +0000
ROA not after: Thu 06 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:29:c3:db:b7:f8:76:4a:ce:47:cf:9c:80:f8:62:36:b6:0d:2c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 3 00:00:00 2023 GMT
Not After : Apr 6 23:59:59 2023 GMT
Subject: serialNumber=63b5cb64e5760d5373a65da1b2220ff4fba32c324c1ceecaecb8f34ebce3fd25, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5a:86:5a:69:01:7f:25:4e:95:ca:03:9f:b5:
68:9f:65:32:04:dc:66:f6:06:52:e4:6d:29:c6:65:
fb:e7:15:78:d9:db:37:67:b0:2e:3d:14:9c:b2:09:
6e:25:17:7d:9f:e6:36:e8:61:38:30:50:58:d7:18:
14:09:58:b9:53:1e:b1:d6:73:aa:9f:1c:39:8e:ed:
c7:21:36:96:b0:e5:ba:c8:fd:1d:3d:7e:ab:0e:ac:
a8:fb:ba:d1:a8:e4:4a:48:23:af:39:89:0d:56:20:
d9:45:0c:f7:34:e2:ab:53:e0:ac:cb:8d:ff:11:dd:
a3:47:de:9e:fe:a0:82:3a:a0:2d:43:8c:98:13:de:
86:15:d0:aa:d7:f6:c2:6d:d5:28:49:ba:ca:9a:e3:
75:ea:8b:22:5d:b5:72:4b:fe:0b:62:90:09:f4:a4:
51:ca:36:28:b7:bc:dc:be:d9:bf:e0:23:e1:50:17:
c1:b9:d1:0c:c6:61:67:87:e0:50:c5:2c:3d:17:e1:
1d:39:4a:28:31:d8:b4:8c:c5:be:d6:ce:1f:75:41:
2d:a4:c8:09:76:3d:e9:46:88:77:7c:36:85:fd:6e:
f6:40:d8:7f:3c:88:96:9b:d8:f2:b6:c8:18:06:aa:
18:9a:3a:7b:1e:e4:a7:1c:48:f5:de:ea:54:c7:b2:
ce:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:00:01:32:47:87:7C:47:BC:87:A5:70:12:2B:FB:3F:15:A0:A3:B5
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/68d7ca30-fe3d-474b-957f-f6c61178a2fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:6b:99:3b:ce:8a:04:dd:3b:e3:e0:66:75:e4:9b:8d:93:d9:
f0:e6:60:db:0c:6b:b7:31:1b:c2:49:f3:b8:84:a6:76:fe:24:
c2:fc:36:42:17:f2:33:29:b6:bf:16:1b:dc:54:be:e3:02:e9:
e9:92:a3:82:a4:b3:fa:d2:53:ac:cd:74:1b:49:52:84:33:00:
3b:bb:72:88:47:4b:d3:0b:15:e1:5b:40:77:f4:54:f4:71:80:
02:03:92:aa:a8:b7:cc:53:1a:1d:a5:5f:60:fd:b0:b3:4f:df:
a0:95:89:11:90:62:5a:ba:7b:cb:a7:55:e3:61:1d:89:70:e1:
be:4a:16:f5:a2:4d:47:2a:b9:11:83:46:32:f3:c7:a8:d0:8f:
c7:5a:4d:16:0b:ab:c0:c8:75:8d:9d:3b:23:3b:8b:54:5c:ed:
e3:5e:f2:e8:6b:36:05:9f:8a:01:95:83:b9:0f:11:88:9c:5f:
9f:59:12:3b:92:44:2a:5f:83:85:c3:ff:60:bf:38:aa:cc:41:
00:5b:5d:05:66:ce:01:3b:62:34:70:90:05:56:c6:8f:72:8a:
b4:75:19:3b:ed:21:ca:ca:e9:d5:0d:80:27:21:13:46:87:48:
18:cd:1a:8c:f9:ff:63:b5:b6:ce:81:37:11:6b:eb:a9:34:dd:
56:32:5c:cb
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUeinD27f4dkrOR8+cgPhiNrYNLM4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDAzMDAwMDAwWhcNMjMwNDA2MjM1OTU5
WjCBpTFJMEcGA1UEBRNANjNiNWNiNjRlNTc2MGQ1MzczYTY1ZGExYjIyMjBmZjRm
YmEzMmMzMjRjMWNlZWNhZWNiOGYzNGViY2UzZmQyNTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMRahlppAX8lTpXKA5+1aJ9lMgTcZvYGUuRtKcZl++cVeNnbN2ew
Lj0UnLIJbiUXfZ/mNuhhODBQWNcYFAlYuVMesdZzqp8cOY7txyE2lrDlusj9HT1+
qw6sqPu60ajkSkgjrzmJDVYg2UUM9zTiq1PgrMuN/xHdo0fenv6ggjqgLUOMmBPe
hhXQqtf2wm3VKEm6yprjdeqLIl21ckv+C2KQCfSkUco2KLe83L7Zv+Aj4VAXwbnR
DMZhZ4fgUMUsPRfhHTlKKDHYtIzFvtbOH3VBLaTICXY96UaId3w2hf1u9kDYfzyI
lpvY8rbIGAaqGJo6ex7kpxxI9d7qVMeyzqMCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSfAAEyR4d8R7yHpXASK/s/FaCjtTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNjhkN2NhMzAtZmUzZC00NzRiLTk1N2YtZjZjNjExNzhhMmZkLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD9rmTvOigTdO+Pg
ZnXkm42T2fDmYNsMa7cxG8JJ87iEpnb+JML8NkIX8jMptr8WG9xUvuMC6emSo4Kk
s/rSU6zNdBtJUoQzADu7cohHS9MLFeFbQHf0VPRxgAIDkqqot8xTGh2lX2D9sLNP
36CViRGQYlq6e8unVeNhHYlw4b5KFvWiTUcquRGDRjLzx6jQj8daTRYLq8DIdY2d
OyM7i1Rc7eNe8uhrNgWfigGVg7kPEYicX59ZEjuSRCpfg4XD/2C/OKrMQQBbXQVm
zgE7YjRwkAVWxo9yirR1GTvtIcrK6dUNgCchE0aHSBjNGoz5/2O1ts6BNxFr66k0
3VYyXMs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:46 2023 by rpki-client on console-fra.rpki-client.org