Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70d8458e-8e5d-4c5e-b52d-177640c8477f.roa
File: 70d8458e-8e5d-4c5e-b52d-177640c8477f.roa (raw, json)
Hash identifier: 907tYRlvlZiMO48lBNgEksUPKprteHqMgHNQEqDNK6I=
Subject key identifier: 52:A3:52:D6:6F:74:D3:21:CA:EB:E9:DD:2C:32:EE:B4:06:D6:56:7E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 580B1F414074C04BA16086F3624FB6CD7BAB9E60
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70d8458e-8e5d-4c5e-b52d-177640c8477f.roa
Signing time: Sun 19 Feb 2023 00:00:00 +0000
ROA not before: Sun 19 Feb 2023 00:00:00 +0000
ROA not after: Wed 22 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0b:1f:41:40:74:c0:4b:a1:60:86:f3:62:4f:b6:cd:7b:ab:9e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 19 00:00:00 2023 GMT
Not After : Feb 22 23:59:59 2023 GMT
Subject: serialNumber=401c0ab62e531638f7e76f1cad9f209158ce1cfb6119dd6be3dc85cdbd702911, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8b:d1:55:9d:83:26:1e:4a:49:f2:68:31:f6:
87:5f:db:36:50:eb:68:71:4a:fe:4a:9c:28:da:ad:
27:fe:68:bd:9d:c4:95:ee:5a:b3:96:d2:44:20:77:
fb:83:82:65:5f:f0:14:d7:4d:ce:3a:3b:6e:26:65:
5d:56:50:cc:ed:bf:74:85:29:73:00:0f:b2:08:b7:
03:91:7d:3b:a1:6c:b5:29:69:3d:09:ef:30:fc:33:
62:d9:82:d8:ff:c2:8b:ef:23:b4:5b:4c:d2:05:5b:
7b:86:56:43:6f:a2:65:72:b8:58:ac:53:54:47:26:
f4:0d:cc:41:a9:6c:09:05:a5:0a:06:80:60:ca:03:
65:2e:61:9d:0f:a6:00:0a:5f:4d:f1:c6:b5:dc:55:
e7:08:cf:d1:55:6e:c2:20:2e:f8:b4:8e:56:e9:28:
71:06:79:ab:d8:3b:ad:03:2e:d4:fa:99:e4:73:fe:
76:3f:4a:e1:4e:ef:41:27:8a:4c:41:97:25:2f:fb:
23:35:b1:94:d3:c1:a6:4c:de:e3:33:98:9e:03:9c:
66:7c:51:40:9f:b9:bd:3c:f8:a8:83:a3:c9:3d:01:
6a:ea:30:4d:1a:fa:de:34:ef:e9:50:8d:4a:93:1f:
6b:0a:b6:8f:7d:f3:33:e6:37:69:60:43:c2:e9:c7:
67:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A3:52:D6:6F:74:D3:21:CA:EB:E9:DD:2C:32:EE:B4:06:D6:56:7E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/70d8458e-8e5d-4c5e-b52d-177640c8477f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:49:d8:44:3a:7e:bd:f0:c9:dc:47:7e:87:c9:af:d1:39:8a:
d9:f9:fe:0f:4e:09:b7:d9:aa:7c:38:ac:fd:88:97:3c:72:42:
a4:c5:af:e9:05:a3:32:4c:97:b6:af:bc:43:bb:82:17:fb:57:
79:ac:59:1a:c2:7a:18:15:af:55:4e:e6:d0:79:64:fa:c5:11:
8f:73:9f:9d:b4:b4:a7:7b:cb:28:2b:dc:25:26:96:02:ec:7d:
31:cb:90:e2:b7:05:41:2f:c7:a3:93:05:11:ba:3d:07:c9:e3:
0f:e3:5c:fb:d2:2e:6c:19:be:35:3a:e9:1d:7a:43:df:02:6f:
23:58:e2:17:c5:5e:28:b5:08:46:09:42:da:eb:22:94:51:27:
40:01:d3:86:92:c4:49:2d:6f:25:55:73:3a:73:e3:00:bb:a7:
cf:5f:83:36:6f:00:78:49:a9:c6:62:16:5e:74:4a:47:ca:ec:
36:c3:7c:e0:05:51:78:d8:2a:f3:b5:04:16:cd:73:6c:87:a7:
16:c9:87:c2:4b:dc:41:5f:b2:3a:0a:bb:29:4e:47:cc:8f:b7:
fe:9b:ef:a0:f3:71:ee:4e:5e:5e:49:76:45:bf:a9:5d:07:2b:
0d:e5:00:57:95:b0:9f:f0:13:9e:0f:37:f1:2c:9a:f8:5e:05:
bc:b7:40:c4
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUWAsfQUB0wEuhYIbzYk+2zXurnmAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjE5MDAwMDAwWhcNMjMwMjIyMjM1OTU5
WjCBpTFJMEcGA1UEBRNANDAxYzBhYjYyZTUzMTYzOGY3ZTc2ZjFjYWQ5ZjIwOTE1
OGNlMWNmYjYxMTlkZDZiZTNkYzg1Y2RiZDcwMjkxMTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKWL0VWdgyYeSknyaDH2h1/bNlDraHFK/kqcKNqtJ/5ovZ3Ele5a
s5bSRCB3+4OCZV/wFNdNzjo7biZlXVZQzO2/dIUpcwAPsgi3A5F9O6FstSlpPQnv
MPwzYtmC2P/Ci+8jtFtM0gVbe4ZWQ2+iZXK4WKxTVEcm9A3MQalsCQWlCgaAYMoD
ZS5hnQ+mAApfTfHGtdxV5wjP0VVuwiAu+LSOVukocQZ5q9g7rQMu1PqZ5HP+dj9K
4U7vQSeKTEGXJS/7IzWxlNPBpkze4zOYngOcZnxRQJ+5vTz4qIOjyT0BauowTRr6
3jTv6VCNSpMfawq2j33zM+Y3aWBDwunHZzkCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRSo1LWb3TTIcrr6d0sMu60BtZWfjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNzBkODQ1OGUtOGU1ZC00YzVlLWI1MmQtMTc3NjQwYzg0NzdmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACxJ2EQ6fr3wydxH
fofJr9E5itn5/g9OCbfZqnw4rP2IlzxyQqTFr+kFozJMl7avvEO7ghf7V3msWRrC
ehgVr1VO5tB5ZPrFEY9zn520tKd7yygr3CUmlgLsfTHLkOK3BUEvx6OTBRG6PQfJ
4w/jXPvSLmwZvjU66R16Q98CbyNY4hfFXii1CEYJQtrrIpRRJ0AB04aSxEktbyVV
czpz4wC7p89fgzZvAHhJqcZiFl50SkfK7DbDfOAFUXjYKvO1BBbNc2yHpxbJh8JL
3EFfsjoKuylOR8yPt/6b76Dzce5OXl5JdkW/qV0HKw3lAFeVsJ/wE54PN/Esmvhe
Bby3QMQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:46 2023 by rpki-client on console-ams.rpki-client.org