Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70729484-c064-46e5-938a-c583be021f66.roa
File: 70729484-c064-46e5-938a-c583be021f66.roa (raw, json)
Hash identifier: tDhVCsx8S6xpq6AGurtNoMJr267jL8a8eZ04EmufV+M=
Subject key identifier: 81:5A:52:DB:6B:AB:32:F1:B1:CB:8D:64:41:73:CB:A5:9E:5D:47:09
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2811D7922152AC41ED2D8177B5F88BEC39F0799D
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70729484-c064-46e5-938a-c583be021f66.roa
Signing time: Tue 28 Mar 2023 00:00:00 +0000
ROA not before: Tue 28 Mar 2023 00:00:00 +0000
ROA not after: Fri 31 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:11:d7:92:21:52:ac:41:ed:2d:81:77:b5:f8:8b:ec:39:f0:79:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 28 00:00:00 2023 GMT
Not After : Mar 31 23:59:59 2023 GMT
Subject: serialNumber=cca6101b35acaea74d32b3559dae6f096e6b8afa5430825086ee7d3d7eab0b77, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fb:a2:62:87:12:30:b5:82:c8:7a:6a:37:98:
b5:3d:51:24:4d:67:c6:93:d5:d7:97:34:0d:14:c4:
a4:60:f1:2e:16:e5:4d:ba:42:aa:4a:50:dc:8b:28:
30:49:5b:5b:39:e1:3d:0b:d6:bd:c5:78:c5:f7:00:
0b:7f:ce:1b:eb:29:4d:97:63:7d:56:75:9d:0b:56:
d1:cc:af:3c:03:1d:b8:f9:e4:91:7c:05:0e:be:16:
cc:d2:ac:f0:56:36:f2:91:1e:0b:64:95:ba:1c:e5:
5b:14:12:60:75:ff:8e:84:f3:93:86:d4:67:52:11:
9b:10:07:18:08:b9:95:9e:f6:97:59:05:5f:b2:d1:
f6:8e:38:5e:32:42:d4:a2:0b:4e:35:53:c1:d2:9b:
8d:22:22:b7:9c:5e:cf:f8:04:26:96:73:e8:cf:dd:
7b:92:d4:f4:32:a9:74:bd:6b:36:9a:d6:a9:0f:c5:
40:7a:33:bc:a7:db:42:38:30:6f:a8:b9:e0:23:11:
3f:dc:03:d0:bf:37:d2:92:d3:b5:1a:22:84:9e:a2:
d2:d2:1c:23:5c:ae:69:84:a9:43:ef:a1:ce:73:37:
97:88:8e:83:e6:06:05:51:3a:ea:17:b0:f9:32:92:
fa:22:84:17:e3:9b:3c:50:8d:01:ba:57:76:49:92:
45:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5A:52:DB:6B:AB:32:F1:B1:CB:8D:64:41:73:CB:A5:9E:5D:47:09
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70729484-c064-46e5-938a-c583be021f66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
83:21:3c:a8:14:90:03:8d:ea:3c:7c:50:08:62:7d:93:97:a4:
62:c1:d8:48:3f:3a:13:f3:b8:31:f9:52:5a:12:51:b8:b0:91:
52:d5:e2:cb:76:53:d5:91:cb:bb:f4:11:b2:ee:67:6a:8b:be:
06:6a:39:50:97:90:7f:b8:ff:d7:c6:08:c1:9a:b8:a3:62:a1:
c5:53:07:a6:c5:a3:f3:79:0d:ad:1e:ac:63:25:9b:0c:e4:d4:
45:ff:74:46:cc:31:ee:91:6b:cc:f2:be:02:07:11:83:27:a2:
f6:8d:12:6a:0d:c1:cb:62:8c:90:24:c5:11:f5:0d:94:e7:99:
50:63:c0:8d:46:9c:66:6c:bb:06:4a:38:24:77:3f:10:10:8c:
51:f2:b5:5a:62:08:cf:aa:b5:74:5b:b3:78:e7:83:64:22:50:
1b:e3:98:06:b1:3a:d5:28:5c:86:1c:86:f9:b1:06:09:73:2f:
e5:63:4b:cd:83:6a:a5:57:39:95:b4:8b:9d:e3:0a:4c:35:32:
88:49:01:f0:d6:93:5f:e3:b4:74:4d:93:e1:4b:53:19:35:41:
7c:64:55:86:8b:e3:ce:e5:4e:9a:05:20:77:c9:f3:58:63:2e:
0a:1a:01:2c:08:00:fe:62:d7:32:14:68:79:a6:8b:d7:40:a9:
ab:72:17:2a
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUKBHXkiFSrEHtLYF3tfiL7DnweZ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzI4MDAwMDAwWhcNMjMwMzMxMjM1OTU5
WjCBpTFJMEcGA1UEBRNAY2NhNjEwMWIzNWFjYWVhNzRkMzJiMzU1OWRhZTZmMDk2
ZTZiOGFmYTU0MzA4MjUwODZlZTdkM2Q3ZWFiMGI3NzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALD7omKHEjC1gsh6ajeYtT1RJE1nxpPV15c0DRTEpGDxLhblTbpC
qkpQ3IsoMElbWznhPQvWvcV4xfcAC3/OG+spTZdjfVZ1nQtW0cyvPAMduPnkkXwF
Dr4WzNKs8FY28pEeC2SVuhzlWxQSYHX/joTzk4bUZ1IRmxAHGAi5lZ72l1kFX7LR
9o44XjJC1KILTjVTwdKbjSIit5xez/gEJpZz6M/de5LU9DKpdL1rNprWqQ/FQHoz
vKfbQjgwb6i54CMRP9wD0L830pLTtRoihJ6i0tIcI1yuaYSpQ++hznM3l4iOg+YG
BVE66hew+TKS+iKEF+ObPFCNAbpXdkmSRQUCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSBWlLba6sy8bHLjWRBc8ulnl1HCTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNzA3Mjk0ODQtYzA2NC00NmU1LTkzOGEtYzU4M2JlMDIxZjY2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIMhPKgUkAON6jx8
UAhifZOXpGLB2Eg/OhPzuDH5UloSUbiwkVLV4st2U9WRy7v0EbLuZ2qLvgZqOVCX
kH+4/9fGCMGauKNiocVTB6bFo/N5Da0erGMlmwzk1EX/dEbMMe6Ra8zyvgIHEYMn
ovaNEmoNwctijJAkxRH1DZTnmVBjwI1GnGZsuwZKOCR3PxAQjFHytVpiCM+qtXRb
s3jng2QiUBvjmAaxOtUoXIYchvmxBglzL+VjS82DaqVXOZW0i53jCkw1MohJAfDW
k1/jtHRNk+FLUxk1QXxkVYaL487lTpoFIHfJ81hjLgoaASwIAP5i1zIUaHmmi9dA
qatyFyo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-fra.rpki-client.org