Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/7eee62de-892e-481f-9bf0-6818f3078f6d.roa
File: 7eee62de-892e-481f-9bf0-6818f3078f6d.roa (raw, json)
Hash identifier: qN2ngZeW0AT6+PkZA4WhNURUyZsuqVCEKwdbvOy/sNE=
Subject key identifier: 49:89:9C:02:AB:DD:DF:C6:56:28:E1:26:FB:B4:CC:F8:07:48:74:61
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4E913EF651DCCC1ACC68E630B2E22293496CF8
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/7eee62de-892e-481f-9bf0-6818f3078f6d.roa
Signing time: Fri 26 May 2023 00:00:00 +0000
ROA not before: Fri 26 May 2023 00:00:00 +0000
ROA not after: Mon 29 May 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:91:3e:f6:51:dc:cc:1a:cc:68:e6:30:b2:e2:22:93:49:6c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 26 00:00:00 2023 GMT
Not After : May 29 23:59:59 2023 GMT
Subject: serialNumber=5942c333e77a71420472e985501249c80d9b8860fa547358080417de97a4ae4f, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f1:da:41:b1:2b:19:3c:35:d2:cb:07:23:f6:
d5:45:73:3e:3a:a0:f4:c2:ff:d4:e9:a4:35:09:cc:
6d:ba:f2:d6:78:b1:17:eb:68:e7:2a:56:de:f5:6c:
77:0d:1c:2f:c7:0a:59:1b:85:96:10:2d:16:86:1a:
69:a7:ad:e4:7a:61:76:ff:f0:72:3b:9c:0c:b0:fc:
ad:38:df:8b:82:f0:ab:1c:04:aa:fe:2b:fa:0f:3d:
8a:d5:10:a6:bf:6b:55:04:01:6c:e0:51:08:ff:27:
65:f7:63:91:70:9d:05:f9:22:9c:02:f5:8e:a0:13:
d6:de:c3:ec:ec:7a:35:0a:de:73:1f:b3:a0:6a:b8:
0b:2b:75:76:01:18:2f:ae:df:34:26:a9:74:33:a3:
cc:6a:97:ae:ee:e8:d2:0b:64:26:88:47:9f:8a:86:
90:17:7e:99:32:08:21:03:51:ba:85:7c:9a:3d:c6:
52:92:2c:83:e5:35:f1:f4:5a:36:f4:56:eb:cb:4f:
e5:fc:0f:3b:fd:2e:21:a7:66:02:dd:f6:1e:37:5d:
a1:03:25:ef:c6:0e:dd:ed:9e:0f:35:32:be:1d:63:
4e:7b:40:42:b1:1a:89:a4:d7:f8:d3:12:82:07:fa:
b2:dc:10:67:63:f2:79:c8:37:44:b0:33:4a:d2:f7:
42:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:89:9C:02:AB:DD:DF:C6:56:28:E1:26:FB:B4:CC:F8:07:48:74:61
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/7eee62de-892e-481f-9bf0-6818f3078f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ea:f0:0b:c6:f3:aa:95:6a:58:56:30:3e:aa:1d:0d:58:d5:
8a:c2:87:5d:9a:72:57:c9:33:77:02:a0:98:86:73:14:e1:2b:
89:6c:90:56:a0:7a:57:f4:1b:a6:c4:ef:14:1d:95:40:54:1b:
8b:63:46:5f:8d:5a:93:26:d7:e8:3e:c3:f5:54:32:0e:4f:be:
49:5a:f4:b9:b9:e3:dd:b4:45:2d:0d:68:0d:c3:0a:e0:42:26:
d3:80:34:5f:7f:29:a0:6b:53:8d:dd:b6:ac:bc:c8:7f:f5:12:
61:08:cd:7c:fe:14:ba:2b:8f:04:c7:c1:ea:c5:f9:3a:43:e8:
a6:3d:99:eb:9f:7b:2c:3f:03:15:63:b5:6d:a7:87:64:78:bc:
c9:f3:c9:a5:25:cf:d7:6e:5f:1e:28:ad:c3:e6:cb:a9:03:78:
68:c6:bb:47:d1:cb:79:9d:72:a2:a8:3c:8c:9d:49:b0:0a:df:
81:11:46:e2:a1:ca:06:74:a0:1d:89:d8:4d:43:15:7f:f2:58:
f3:e3:87:06:bb:42:55:d7:d3:cc:da:81:0d:65:91:7a:fc:35:
a1:6d:29:04:c3:ec:5f:9a:11:e1:e6:dd:79:82:87:c0:16:a5:
40:c7:5f:79:40:8a:3f:51:ae:5a:9c:c9:01:0b:02:9f:80:db:
5b:c5:90:85
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgITTpE+9lHczBrMaOYwsuIik0ls+DANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5NGIwOTJkODZm
YjFkN2EwZjc0ZTI4MTYxMTAeFw0yMzA1MjYwMDAwMDBaFw0yMzA1MjkyMzU5NTla
MIGlMUkwRwYDVQQFE0A1OTQyYzMzM2U3N2E3MTQyMDQ3MmU5ODU1MDEyNDljODBk
OWI4ODYwZmE1NDczNTgwODA0MTdkZTk3YTRhZTRmMS0wKwYDVQQDEyQ2YWU0ZTU2
Ny02MzQ4LTRjNGYtOThhOC0wNDIyYzRjNTJmZjMxFDASBgNVBAsTC0FtYXpvbiBS
UEtJMRMwEQYDVQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0vHaQbErGTw10ssHI/bVRXM+OqD0wv/U6aQ1CcxtuvLWeLEX62jn
Klbe9Wx3DRwvxwpZG4WWEC0Whhppp63kemF2//ByO5wMsPytON+LgvCrHASq/iv6
Dz2K1RCmv2tVBAFs4FEI/ydl92ORcJ0F+SKcAvWOoBPW3sPs7Ho1Ct5zH7OgargL
K3V2ARgvrt80Jql0M6PMapeu7ujSC2QmiEefioaQF36ZMgghA1G6hXyaPcZSkiyD
5TXx9Fo29Fbry0/l/A87/S4hp2YC3fYeN12hAyXvxg7d7Z4PNTK+HWNOe0BCsRqJ
pNf40xKCB/qy3BBnY/J5yDdEsDNK0vdCcQIDAQABo4ICvjCCArowHQYDVR0OBBYE
FEmJnAKr3d/GVijhJvu0zPgHSHRhMB8GA1UdIwQYMBaAFJFE7cekDumQt/o2b/bh
fXmtxIOXMA4GA1UdDwEB/wQEAwIHgDCB8wYIKwYBBQUHAQEEgeYwgeMwgeAGCCsG
AQUFBzAChoHTcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1y
cGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3
MjcyYy1hNzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvNzNmMjFjMmItODgyMy00
YzI0LWIyNWItNDNjODBjYjZkMWJiLzI3OGFhYjg3OGYyODMxYmIxODIzYjU4Nzk0
YjA5MmQ4NmZiMWQ3YTBmNzRlMjgxNjExLmNlcjCBngYIKwYBBQUHAQsEgZEwgY4w
gYsGCCsGAQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv
bmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNkLTFhNWJlNzQ4
YmZlYS83ZWVlNjJkZS04OTJlLTQ4MWYtOWJmMC02ODE4ZjMwNzhmNmQucm9hMIGV
BgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvYjY4YTMyZWUtNDU1ZC00ODNhLTk0M2Qt
MWE1YmU3NDhiZmVhLzRiYjhhZTVjLTEyNGMtNDJmMy04N2ZiLTRmMzRlNzRlM2Rh
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAserwC8bzqpVqWFYw
PqodDVjVisKHXZpyV8kzdwKgmIZzFOEriWyQVqB6V/QbpsTvFB2VQFQbi2NGX41a
kybX6D7D9VQyDk++SVr0ubnj3bRFLQ1oDcMK4EIm04A0X38poGtTjd22rLzIf/US
YQjNfP4UuiuPBMfB6sX5OkPopj2Z6597LD8DFWO1baeHZHi8yfPJpSXP125fHiit
w+bLqQN4aMa7R9HLeZ1yoqg8jJ1JsArfgRFG4qHKBnSgHYnYTUMVf/JY8+OHBrtC
VdfTzNqBDWWRevw1oW0pBMPsX5oR4ebdeYKHwBalQMdfeUCKP1GuWpzJAQsCn4Db
W8WQhQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-fra.rpki-client.org