Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/78c709c3-a821-4b83-a111-46643c615491.roa
File: 78c709c3-a821-4b83-a111-46643c615491.roa (raw, json)
Hash identifier: 5zlBzFHdP4EPOHVrDmw/v7OmIX+nioCKVa1GHRL8nj0=
Subject key identifier: 69:F8:09:D9:16:97:F1:64:D3:66:65:D3:35:B3:75:0C:7C:EE:78:3F
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 296316AF1904762C491F8617209366C3786E4ACC
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/78c709c3-a821-4b83-a111-46643c615491.roa
Signing time: Sat 27 May 2023 00:00:00 +0000
ROA not before: Sat 27 May 2023 00:00:00 +0000
ROA not after: Tue 30 May 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:63:16:af:19:04:76:2c:49:1f:86:17:20:93:66:c3:78:6e:4a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 27 00:00:00 2023 GMT
Not After : May 30 23:59:59 2023 GMT
Subject: serialNumber=19a41569295609737d074a641eb618dba91c83adec40037e40036aab356457c1, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:be:8a:87:a3:e0:06:6f:d1:2c:dc:49:fa:80:
a9:21:27:b3:04:b0:b0:f3:2b:6e:99:bd:58:f9:ba:
a8:9c:49:41:34:f3:b3:18:d7:22:c9:a8:d4:dc:19:
35:0f:a5:1a:5e:cf:ae:22:7a:af:ce:23:81:f5:1e:
d2:c3:40:2c:11:b9:c1:65:63:ef:6d:47:54:90:c9:
26:9b:9f:1d:e1:79:0d:9e:f4:bd:91:eb:2d:dc:1b:
88:31:fd:68:ad:43:17:b1:0a:d5:b8:f5:6d:b8:c8:
62:fe:f9:46:64:6a:2d:46:fb:36:a4:d1:f6:ac:38:
13:06:3b:97:d6:ce:72:9b:3a:0b:d0:b8:fe:c7:ca:
8f:e8:bc:b5:22:35:6a:40:22:0b:45:c7:2f:5d:8f:
4f:9d:3f:fc:de:60:d4:2d:71:71:d3:e5:af:a8:c6:
62:ab:31:44:ad:f9:38:2a:c1:6c:95:5c:45:58:40:
c1:72:9e:fe:8e:e2:58:fa:70:94:f7:44:df:95:73:
46:a2:29:b6:cf:f2:9f:82:17:05:1d:bf:20:d9:6f:
b3:97:de:a4:7a:38:cc:56:72:74:69:5e:f7:9e:cd:
b9:aa:81:1d:aa:37:e8:23:df:bd:0d:7e:11:e0:b5:
b4:02:21:b1:6c:50:c9:16:95:8a:fe:56:3b:ed:32:
a7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F8:09:D9:16:97:F1:64:D3:66:65:D3:35:B3:75:0C:7C:EE:78:3F
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/78c709c3-a821-4b83-a111-46643c615491.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f3:a0:75:4e:89:9e:e9:7f:54:fd:e8:a1:b4:63:9b:70:89:
b7:d1:e4:a8:30:4e:0d:1b:a7:ae:45:79:3c:62:5b:aa:ef:33:
14:12:5c:9d:46:b6:d3:9b:7c:c1:d0:b4:bc:8c:7c:ba:36:5c:
f5:cd:d7:5e:17:74:01:fc:3a:78:22:73:33:4e:41:bd:d4:0c:
2c:09:95:a4:ba:4f:5c:93:1c:84:58:7c:8c:31:9e:66:56:da:
07:16:f3:7c:f9:83:b3:b5:a4:27:21:88:23:65:e2:c4:83:09:
b2:f7:56:a7:d0:5b:ad:aa:db:05:1f:7f:0e:96:33:5d:f7:d2:
97:53:86:51:e6:93:07:aa:3a:1c:2c:f4:68:eb:55:fb:9e:bc:
9a:3b:4e:b5:d7:c7:b5:e2:ee:33:80:f8:e1:1a:af:5b:ce:0a:
64:04:61:e8:dc:a1:52:95:1c:0d:4f:b8:a3:f3:0d:41:63:34:
5e:9b:9d:5c:16:52:4a:b4:52:74:e1:05:07:dd:ca:66:93:1d:
37:5b:28:da:cf:ea:f4:48:1d:fb:04:5a:74:76:66:e9:23:8a:
68:25:cc:f5:f1:85:78:6f:0b:44:28:99:24:68:b9:e9:26:95:
27:ea:4a:e7:5e:ed:1c:fc:bb:25:81:af:6e:cf:93:5e:a1:89:
f4:45:49:ea
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUKWMWrxkEdixJH4YXIJNmw3huSswwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTI3MDAwMDAwWhcNMjMwNTMwMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMTlhNDE1NjkyOTU2MDk3MzdkMDc0YTY0MWViNjE4ZGJh
OTFjODNhZGVjNDAwMzdlNDAwMzZhYWIzNTY0NTdjMTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANq+ioej4AZv0SzcSfqAqSEnswSwsPMrbpm9WPm6qJxJQTTzsxjX
Ismo1NwZNQ+lGl7PriJ6r84jgfUe0sNALBG5wWVj721HVJDJJpufHeF5DZ70vZHr
LdwbiDH9aK1DF7EK1bj1bbjIYv75RmRqLUb7NqTR9qw4EwY7l9bOcps6C9C4/sfK
j+i8tSI1akAiC0XHL12PT50//N5g1C1xcdPlr6jGYqsxRK35OCrBbJVcRVhAwXKe
/o7iWPpwlPdE35VzRqIpts/yn4IXBR2/INlvs5fepHo4zFZydGle957NuaqBHao3
6CPfvQ1+EeC1tAIhsWxQyRaViv5WO+0yp40CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRp+AnZFpfxZNNmZdM1s3UMfO54PzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNzhjNzA5YzMtYTgyMS00YjgzLWExMTEtNDY2NDNjNjE1NDkxLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEXzoHVOiZ7pf1T9
6KG0Y5twibfR5KgwTg0bp65FeTxiW6rvMxQSXJ1GttObfMHQtLyMfLo2XPXN114X
dAH8OngiczNOQb3UDCwJlaS6T1yTHIRYfIwxnmZW2gcW83z5g7O1pCchiCNl4sSD
CbL3VqfQW62q2wUffw6WM1330pdThlHmkweqOhws9GjrVfuevJo7TrXXx7Xi7jOA
+OEar1vOCmQEYejcoVKVHA1PuKPzDUFjNF6bnVwWUkq0UnThBQfdymaTHTdbKNrP
6vRIHfsEWnR2ZukjimglzPXxhXhvC0QomSRouekmlSfqSude7Rz8uyWBr27Pk16h
ifRFSeo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-fra.rpki-client.org