Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/729fb707-94ae-4be2-b37d-86e12dd96eb2.roa
File: 729fb707-94ae-4be2-b37d-86e12dd96eb2.roa (raw, json)
Hash identifier: nv0M+EAefsAsbXgt7uEvs1HlUFVM8/N9x+uzCZepZ4E=
Subject key identifier: EC:91:69:EC:98:B5:26:6C:B5:3D:46:02:FC:2B:C5:12:0C:64:C2:64
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 450A25ADB0E4D308F8CAFCD42EE40521E1133F44
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/729fb707-94ae-4be2-b37d-86e12dd96eb2.roa
Signing time: Sat 25 Feb 2023 00:00:00 +0000
ROA not before: Sat 25 Feb 2023 00:00:00 +0000
ROA not after: Tue 28 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:0a:25:ad:b0:e4:d3:08:f8:ca:fc:d4:2e:e4:05:21:e1:13:3f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 25 00:00:00 2023 GMT
Not After : Feb 28 23:59:59 2023 GMT
Subject: serialNumber=84e13de0687fb38996c3f85ecd470a83758943bdf82369ac524684eebd7d9d52, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:ab:66:02:c0:49:19:8b:62:e9:64:b3:f1:
3b:5b:e4:45:3d:c5:c4:33:3f:a0:72:c1:6f:40:98:
84:1f:48:30:fb:d4:aa:fe:5b:e1:7b:fa:62:4d:60:
7e:5b:26:04:50:88:05:0b:a7:9a:a6:ef:1c:8f:91:
c0:2c:85:ee:e4:f2:5a:02:0a:61:fd:f1:6d:90:34:
b2:5f:c8:7e:0d:53:f6:b0:99:e1:93:f6:f2:f1:a4:
86:47:4c:92:b6:02:8f:ce:bd:a2:3c:64:17:ef:9c:
aa:a8:18:81:eb:b2:88:31:aa:55:14:28:a9:7f:4f:
99:dc:d8:82:87:58:43:e1:db:e5:57:e0:80:c9:3e:
a6:c5:ef:93:73:08:44:7c:b8:e1:cf:f0:03:f9:ed:
11:f0:47:a6:29:6d:2f:ed:2d:66:cf:9d:c8:5c:91:
85:1a:07:ee:ec:9a:f0:ff:1c:fd:25:40:c6:cc:c3:
76:18:83:86:04:81:f0:d8:2b:37:03:0a:c1:48:ae:
a2:8a:c1:1e:43:bf:c6:5f:fe:19:dc:48:a6:31:9d:
34:92:d6:1a:5e:dd:ba:44:1d:46:81:90:68:d1:d2:
22:79:c4:34:8c:a7:a7:7b:df:9e:dd:2f:ed:74:ba:
bc:fe:e2:8d:85:da:a6:26:ba:15:f8:40:d7:21:9c:
69:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:91:69:EC:98:B5:26:6C:B5:3D:46:02:FC:2B:C5:12:0C:64:C2:64
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/729fb707-94ae-4be2-b37d-86e12dd96eb2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:f2:b1:56:ad:28:b7:aa:62:31:5f:5d:1e:57:a9:59:60:d0:
cf:22:49:9f:72:9b:8a:e8:1b:89:fc:62:47:1b:0c:bf:54:b5:
ce:75:81:de:a3:d4:d2:f5:a1:ff:0d:62:17:c7:af:33:19:af:
82:53:fa:d9:79:dc:89:df:f0:99:28:cc:31:31:b7:0d:61:57:
31:31:93:e1:c7:16:39:25:29:f7:8b:db:3d:55:68:e8:44:74:
49:20:8e:83:c0:72:e2:57:f9:16:b4:89:02:78:c9:20:d1:02:
88:6c:bf:0b:3a:14:84:0b:29:4f:69:06:72:67:90:e7:5d:17:
8a:39:b5:1c:7d:38:6b:b9:57:09:d6:6a:31:f9:89:47:f5:e2:
43:8c:0c:cc:c8:d2:94:b4:dc:5f:fb:4c:f2:73:de:f4:e4:9c:
69:fc:69:5f:98:9b:c1:92:bf:e9:b9:78:51:16:27:06:65:d4:
02:d6:b6:1a:5d:0e:42:e4:84:b1:2e:f3:69:8f:54:b4:2c:c6:
3e:b1:02:e6:43:1d:01:1f:2a:84:db:5c:04:c1:78:76:7c:16:
7c:3a:76:30:ef:7f:30:0e:b3:9a:34:f9:56:20:85:eb:f4:65:
24:98:d6:73:ab:bb:f0:ad:09:97:87:3a:8f:cc:31:6c:21:16:
d2:96:dd:ae
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIURQolrbDk0wj4yvzULuQFIeETP0QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjI1MDAwMDAwWhcNMjMwMjI4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAODRlMTNkZTA2ODdmYjM4OTk2YzNmODVlY2Q0NzBhODM3
NTg5NDNiZGY4MjM2OWFjNTI0Njg0ZWViZDdkOWQ1MjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKjDq2YCwEkZi2LpZLPxO1vkRT3FxDM/oHLBb0CYhB9IMPvUqv5b
4Xv6Yk1gflsmBFCIBQunmqbvHI+RwCyF7uTyWgIKYf3xbZA0sl/Ifg1T9rCZ4ZP2
8vGkhkdMkrYCj869ojxkF++cqqgYgeuyiDGqVRQoqX9PmdzYgodYQ+Hb5VfggMk+
psXvk3MIRHy44c/wA/ntEfBHpiltL+0tZs+dyFyRhRoH7uya8P8c/SVAxszDdhiD
hgSB8NgrNwMKwUiuoorBHkO/xl/+GdxIpjGdNJLWGl7dukQdRoGQaNHSInnENIyn
p3vfnt0v7XS6vP7ijYXapia6FfhA1yGcaWcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTskWnsmLUmbLU9RgL8K8USDGTCZDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNzI5ZmI3MDctOTRhZS00YmUyLWIzN2QtODZlMTJkZDk2ZWIyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAL/ysVatKLeqYjFf
XR5XqVlg0M8iSZ9ym4roG4n8YkcbDL9Utc51gd6j1NL1of8NYhfHrzMZr4JT+tl5
3Inf8JkozDExtw1hVzExk+HHFjklKfeL2z1VaOhEdEkgjoPAcuJX+Ra0iQJ4ySDR
Aohsvws6FIQLKU9pBnJnkOddF4o5tRx9OGu5VwnWajH5iUf14kOMDMzI0pS03F/7
TPJz3vTknGn8aV+Ym8GSv+m5eFEWJwZl1ALWthpdDkLkhLEu82mPVLQsxj6xAuZD
HQEfKoTbXATBeHZ8Fnw6djDvfzAOs5o0+VYghev0ZSSY1nOru/CtCZeHOo/MMWwh
FtKW3a4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-ams.rpki-client.org