Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/73e162c8-dc44-4486-a6e1-ccac9c122e23.roa
File: 73e162c8-dc44-4486-a6e1-ccac9c122e23.roa (raw, json)
Hash identifier: 5jIAjv4HHl2te96/gSD1xbOtRzqk3dxz3Uj357Pts0Q=
Subject key identifier: 96:A6:5B:C4:19:52:F5:20:63:C9:ED:EB:AE:14:04:8C:A4:04:82:7C
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 3E626995103755BA2E0D2BD8A2E88F35FDF0527F
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/73e162c8-dc44-4486-a6e1-ccac9c122e23.roa
Signing time: Wed 25 Jan 2023 00:00:00 +0000
ROA not before: Wed 25 Jan 2023 00:00:00 +0000
ROA not after: Sat 28 Jan 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:62:69:95:10:37:55:ba:2e:0d:2b:d8:a2:e8:8f:35:fd:f0:52:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jan 25 00:00:00 2023 GMT
Not After : Jan 28 23:59:59 2023 GMT
Subject: serialNumber=33edd39a5f5c0a8e98eb31ed33b06429c7d898dc7afac0218fd8ca9aa18be415, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2a:8e:49:b8:0e:64:a0:35:83:45:eb:69:9e:
e0:9a:1b:e0:94:62:3f:c9:91:0d:12:88:ea:0a:76:
be:23:19:62:d1:be:57:e2:43:2d:40:7c:7e:e1:c9:
db:ae:38:7a:58:e3:9f:45:07:e2:59:f0:8c:c4:2e:
39:de:43:f0:c2:fc:ee:0d:fe:e2:e4:d1:34:d8:59:
e2:3f:a6:d7:bf:67:e1:75:89:b7:f2:37:d2:10:fa:
79:0f:54:91:11:06:74:1b:1a:26:bc:71:e3:f5:15:
2d:08:2d:67:77:ca:75:6f:e8:13:8e:71:fc:68:fb:
4a:d2:08:4d:79:17:88:1b:1b:bb:fa:4d:28:47:e0:
5d:75:2f:32:90:7f:ce:e4:d0:87:ae:2c:57:05:52:
94:da:10:22:cf:63:3e:d2:ca:44:fc:9b:76:02:36:
2e:44:89:f8:07:0b:9e:35:e1:bb:41:8b:9c:59:62:
e6:bc:24:91:db:f8:28:66:f5:97:ea:d2:82:cd:42:
df:2c:02:47:26:85:c8:2d:36:c1:fe:88:2f:5c:68:
56:1f:ab:30:b2:e9:6e:ee:f0:48:ba:42:88:f2:c7:
94:54:34:b9:d0:c2:6b:0c:6a:2a:6f:7a:e0:fa:d1:
24:8b:39:c2:38:a1:c7:a7:ed:26:01:5a:fc:12:4d:
39:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A6:5B:C4:19:52:F5:20:63:C9:ED:EB:AE:14:04:8C:A4:04:82:7C
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/73e162c8-dc44-4486-a6e1-ccac9c122e23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
55:93:a4:0a:1c:57:6e:cb:96:40:d5:64:67:7f:64:9f:b1:bb:
d1:fe:6d:a1:a3:03:7f:93:af:4a:a4:f2:22:2d:d8:d0:74:99:
66:b4:3a:79:06:13:fe:c7:02:73:91:c8:d7:d6:03:fd:33:41:
1c:04:67:dc:59:85:1a:eb:50:c6:0b:4e:e1:1d:4b:f7:8d:91:
d0:71:0b:46:0e:31:e2:9f:5f:67:bf:2f:6e:06:dc:24:23:a9:
75:ff:55:2b:8d:ef:b1:71:80:68:7e:64:01:c7:ad:a6:d0:c7:
b3:a1:33:09:a2:92:5b:1d:7a:66:c6:56:b4:a1:98:d9:e6:05:
b4:90:53:24:7c:0d:dc:81:d2:9b:7a:6e:f6:70:8b:ff:38:c1:
a3:1a:5e:bb:c3:55:02:0d:c4:fa:be:eb:1a:bc:17:ac:35:4e:
7c:61:f5:f3:f9:73:65:72:fe:bc:2a:d6:c3:1e:9c:11:10:f9:
6c:7e:0d:e6:2a:91:78:f1:6f:f7:31:90:3a:96:a7:a2:92:8f:
4c:fb:10:29:43:23:a6:cb:c5:94:34:03:ff:26:cd:1e:25:90:
49:e7:47:a1:cc:ca:f1:b2:6d:5f:40:53:69:34:8e:7c:6c:4d:
c1:e9:0e:bc:d7:f8:fb:89:e7:02:b1:da:81:1e:87:c4:5d:cb:
b9:70:e4:19
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUPmJplRA3VbouDSvYouiPNf3wUn8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMTI1MDAwMDAwWhcNMjMwMTI4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMzNlZGQzOWE1ZjVjMGE4ZTk4ZWIzMWVkMzNiMDY0Mjlj
N2Q4OThkYzdhZmFjMDIxOGZkOGNhOWFhMThiZTQxNTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ8qjkm4DmSgNYNF62me4Job4JRiP8mRDRKI6gp2viMZYtG+V+JD
LUB8fuHJ2644eljjn0UH4lnwjMQuOd5D8ML87g3+4uTRNNhZ4j+m179n4XWJt/I3
0hD6eQ9UkREGdBsaJrxx4/UVLQgtZ3fKdW/oE45x/Gj7StIITXkXiBsbu/pNKEfg
XXUvMpB/zuTQh64sVwVSlNoQIs9jPtLKRPybdgI2LkSJ+AcLnjXhu0GLnFli5rwk
kdv4KGb1l+rSgs1C3ywCRyaFyC02wf6IL1xoVh+rMLLpbu7wSLpCiPLHlFQ0udDC
awxqKm964PrRJIs5wjihx6ftJgFa/BJNOWcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSWplvEGVL1IGPJ7euuFASMpASCfDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNzNlMTYyYzgtZGM0NC00NDg2LWE2ZTEtY2NhYzljMTIyZTIzLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFWTpAocV27LlkDV
ZGd/ZJ+xu9H+baGjA3+Tr0qk8iIt2NB0mWa0OnkGE/7HAnORyNfWA/0zQRwEZ9xZ
hRrrUMYLTuEdS/eNkdBxC0YOMeKfX2e/L24G3CQjqXX/VSuN77FxgGh+ZAHHrabQ
x7OhMwmiklsdembGVrShmNnmBbSQUyR8DdyB0pt6bvZwi/84waMaXrvDVQINxPq+
6xq8F6w1Tnxh9fP5c2Vy/rwq1sMenBEQ+Wx+DeYqkXjxb/cxkDqWp6KSj0z7EClD
I6bLxZQ0A/8mzR4lkEnnR6HMyvGybV9AU2k0jnxsTcHpDrzX+PuJ5wKx2oEeh8Rd
y7lw5Bk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-fra.rpki-client.org