Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70bcca89-ed7c-407f-a01d-0bf584fcdc36.roa
File: 70bcca89-ed7c-407f-a01d-0bf584fcdc36.roa (raw, json)
Hash identifier: 5cBGb6DlxhCgT/0Cc8FoBLFjnZo0ap296powwcEVBOI=
Subject key identifier: B1:2D:2C:BB:B4:E3:B9:9A:A8:E9:B1:29:80:F7:9F:08:70:66:F9:A9
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 7C62F79DE4CE7D1E5430D4EE007A00A80FED0DCB
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70bcca89-ed7c-407f-a01d-0bf584fcdc36.roa
Signing time: Wed 22 Mar 2023 00:00:00 +0000
ROA not before: Wed 22 Mar 2023 00:00:00 +0000
ROA not after: Sat 25 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:62:f7:9d:e4:ce:7d:1e:54:30:d4:ee:00:7a:00:a8:0f:ed:0d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 22 00:00:00 2023 GMT
Not After : Mar 25 23:59:59 2023 GMT
Subject: serialNumber=a68935eeaecc5ea71c83ea386bbb340c06977ab6ce14593354cbbc84a732d77a, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:75:fe:6c:ec:74:21:05:56:00:10:04:4f:8e:
82:8a:3e:7e:51:4d:f3:ed:13:4b:de:77:dd:3e:96:
00:bc:15:39:d1:00:4b:34:8f:e3:8e:5a:fb:7e:da:
94:82:65:25:d6:5a:e5:66:d3:92:ac:94:74:47:a3:
4e:52:61:8a:6c:82:17:7d:25:8a:7d:52:a6:72:80:
b0:5c:af:4a:a9:45:c0:f4:53:cd:0b:f4:be:f3:89:
50:e2:b7:fe:32:a0:1a:b4:45:f2:fc:50:ff:d4:43:
c2:d3:7e:c6:bd:f3:6e:4f:00:33:69:56:55:61:fc:
85:d2:77:09:5a:d5:32:87:9e:b4:05:40:ff:05:fc:
e0:fa:0b:26:62:da:52:30:02:e9:03:72:67:c5:9b:
28:60:47:86:fb:2d:c5:6a:55:6f:3a:67:18:d9:d1:
cf:89:22:40:6c:0b:64:15:c1:07:e4:af:ee:64:7c:
f2:3b:4c:f1:d8:b5:3b:2a:f3:47:c5:df:04:a3:d1:
4b:5d:7c:73:73:5b:af:18:0f:9b:e5:e1:95:85:7f:
cf:82:1b:ba:76:4e:66:ff:0d:4e:01:db:72:24:26:
96:b2:88:38:7f:5f:3f:d6:49:d2:c7:99:07:2f:fc:
f3:6f:2a:4f:b8:34:5d:81:bf:d3:91:78:94:bf:55:
76:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2D:2C:BB:B4:E3:B9:9A:A8:E9:B1:29:80:F7:9F:08:70:66:F9:A9
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70bcca89-ed7c-407f-a01d-0bf584fcdc36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
89:51:c8:d1:55:27:80:28:f9:6f:6d:3a:64:0b:4f:40:f9:2a:
5d:c9:0e:b8:81:4a:f4:2e:6f:e7:53:04:45:18:9a:95:41:98:
a7:cc:bb:39:0f:9f:2d:84:ef:c9:a9:52:20:6b:01:13:db:46:
b8:87:56:1d:6d:e3:94:66:11:f7:ad:3a:12:a5:49:91:66:e5:
f7:81:a1:97:d1:81:70:2f:7d:78:12:c4:b9:bf:29:9a:f5:ea:
5c:74:21:3e:b6:b5:61:87:a8:8b:15:95:6b:ba:98:05:f8:5b:
30:32:4d:7f:65:c6:5e:b3:1c:fa:19:70:07:fa:9d:7e:0c:79:
f9:25:75:db:5f:3a:d2:25:92:23:77:87:52:5d:39:97:88:48:
ef:c4:39:28:7a:ff:79:02:5d:f0:02:8f:a6:93:5e:c9:ef:be:
00:a7:70:ce:e8:5d:23:8a:cd:c4:57:b7:db:20:1b:a0:eb:06:
7a:17:51:88:27:34:2f:5b:f8:c7:00:57:02:46:d7:2f:90:0a:
06:7c:cc:9a:68:7b:fe:ab:e0:c4:eb:ca:f8:12:91:10:3c:31:
a3:62:09:5e:56:11:9b:d4:fc:9e:e9:c7:96:53:63:ad:4f:77:
79:93:6a:05:06:de:1a:f3:45:68:96:c1:89:49:94:52:c4:59:
c4:9b:a2:cd
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUfGL3neTOfR5UMNTuAHoAqA/tDcswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzIyMDAwMDAwWhcNMjMwMzI1MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYTY4OTM1ZWVhZWNjNWVhNzFjODNlYTM4NmJiYjM0MGMw
Njk3N2FiNmNlMTQ1OTMzNTRjYmJjODRhNzMyZDc3YTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOV1/mzsdCEFVgAQBE+Ogoo+flFN8+0TS9533T6WALwVOdEASzSP
445a+37alIJlJdZa5WbTkqyUdEejTlJhimyCF30lin1SpnKAsFyvSqlFwPRTzQv0
vvOJUOK3/jKgGrRF8vxQ/9RDwtN+xr3zbk8AM2lWVWH8hdJ3CVrVMoeetAVA/wX8
4PoLJmLaUjAC6QNyZ8WbKGBHhvstxWpVbzpnGNnRz4kiQGwLZBXBB+Sv7mR88jtM
8di1OyrzR8XfBKPRS118c3NbrxgPm+XhlYV/z4IbunZOZv8NTgHbciQmlrKIOH9f
P9ZJ0seZBy/8828qT7g0XYG/05F4lL9Vdm0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSxLSy7tOO5mqjpsSmA958IcGb5qTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNzBiY2NhODktZWQ3Yy00MDdmLWEwMWQtMGJmNTg0ZmNkYzM2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIlRyNFVJ4Ao+W9t
OmQLT0D5Kl3JDriBSvQub+dTBEUYmpVBmKfMuzkPny2E78mpUiBrARPbRriHVh1t
45RmEfetOhKlSZFm5feBoZfRgXAvfXgSxLm/KZr16lx0IT62tWGHqIsVlWu6mAX4
WzAyTX9lxl6zHPoZcAf6nX4MefklddtfOtIlkiN3h1JdOZeISO/EOSh6/3kCXfAC
j6aTXsnvvgCncM7oXSOKzcRXt9sgG6DrBnoXUYgnNC9b+McAVwJG1y+QCgZ8zJpo
e/6r4MTryvgSkRA8MaNiCV5WEZvU/J7px5ZTY61Pd3mTagUG3hrzRWiWwYlJlFLE
WcSbos0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-fra.rpki-client.org