Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8137d403-fad1-4195-8a1c-8192e105d126.roa
File: 8137d403-fad1-4195-8a1c-8192e105d126.roa (raw, json)
Hash identifier: H/0mSS1z/ZuezKKTKmXoX3KBI3jCWotqYFFxmuzW8aE=
Subject key identifier: 6E:07:52:E2:AE:23:A5:26:8A:78:81:46:FE:99:26:40:ED:64:69:9E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 220246E1AD1A3937BA3D8EE07824B22C77582D0B
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8137d403-fad1-4195-8a1c-8192e105d126.roa
Signing time: Sat 01 Apr 2023 00:00:00 +0000
ROA not before: Sat 01 Apr 2023 00:00:00 +0000
ROA not after: Tue 04 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:02:46:e1:ad:1a:39:37:ba:3d:8e:e0:78:24:b2:2c:77:58:2d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 1 00:00:00 2023 GMT
Not After : Apr 4 23:59:59 2023 GMT
Subject: serialNumber=2ee192ae1b40b3969550a0ce421c6442f7e7477127ae207a06ed48303e5021ef, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:92:a3:e7:b3:2f:5e:b7:59:6d:97:d2:5a:
b6:71:93:1f:41:19:44:bb:eb:35:dd:9f:3f:27:ef:
3c:e8:71:c5:25:1b:ef:ba:9c:31:ec:03:6e:d0:1c:
ec:5c:9e:a0:c1:0d:ed:4a:0f:96:5a:69:32:dd:3d:
0f:f9:f0:50:5a:bc:37:0a:fa:55:63:91:80:99:46:
e3:f4:c2:ce:d9:9d:1c:ae:b2:ba:d0:16:9c:2e:be:
db:73:67:db:95:de:bf:9b:35:b9:20:85:75:9c:6b:
5d:4a:f3:82:eb:01:8a:a1:0b:d5:87:52:a4:63:06:
70:72:36:a8:4a:92:b0:fb:c5:5f:52:e2:57:e3:b7:
ad:53:a0:d8:3e:c2:05:13:c5:80:b0:2e:70:b1:1f:
21:17:20:0e:0e:25:1f:0e:ae:27:6e:e2:42:fa:75:
24:02:88:1e:75:f5:76:8f:61:7b:4a:9f:5a:ed:2f:
e9:56:cb:44:49:0f:8a:1f:c3:13:7e:b7:4d:ea:8f:
bd:d3:89:69:de:b0:44:19:e2:2b:8e:70:bf:75:bd:
07:77:e9:0d:18:03:73:79:14:8d:2e:44:8f:b5:ed:
d3:91:11:e5:78:5f:f5:37:48:de:5f:b7:ee:61:d4:
f3:04:bb:55:2a:e6:dd:a5:a4:8e:5c:20:3c:24:ff:
8c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:07:52:E2:AE:23:A5:26:8A:78:81:46:FE:99:26:40:ED:64:69:9E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8137d403-fad1-4195-8a1c-8192e105d126.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
35:da:92:71:fe:49:23:9f:99:62:c2:6b:97:a6:83:1b:85:c4:
bc:bd:e3:3a:cd:a1:58:5a:46:de:39:bb:a6:54:c7:f8:3f:c5:
77:f2:c1:22:9d:bc:f6:ba:90:68:fb:c0:fd:40:8a:e6:69:f8:
e0:a7:8a:7e:c5:b1:7b:01:4b:1b:e8:d2:a1:e9:21:f2:02:b0:
1e:32:c5:53:05:8a:b3:f2:5b:f7:42:fa:33:ee:8c:aa:19:9f:
5f:0d:c0:ac:ae:48:b2:5d:72:4b:8b:6e:d0:e4:c7:bb:eb:50:
96:44:53:40:c4:ad:d8:af:01:6d:ac:ab:99:e8:37:ad:9a:d7:
1b:48:32:e8:8d:92:bd:33:fc:fd:77:dd:e1:26:74:03:97:04:
50:ae:ec:3f:de:2e:da:b7:f1:dd:82:1e:72:05:37:d2:c5:59:
25:19:1a:77:65:cb:39:e6:31:d1:1f:05:8a:47:9d:01:cf:da:
16:db:0a:10:bb:12:1c:fb:19:05:a4:79:97:7c:54:a5:17:07:
f8:ed:4a:d9:72:6e:e3:18:8a:bd:92:54:a7:5b:36:43:6b:07:
0d:a3:e4:02:13:cd:fa:fe:89:e3:05:7b:0f:a6:57:eb:91:ae:
66:ef:7e:ab:51:e4:fd:b5:a3:a6:98:7b:97:a3:51:6e:92:43:
ab:61:21:f0
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUIgJG4a0aOTe6PY7geCSyLHdYLQswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDAxMDAwMDAwWhcNMjMwNDA0MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMmVlMTkyYWUxYjQwYjM5Njk1NTBhMGNlNDIxYzY0NDJm
N2U3NDc3MTI3YWUyMDdhMDZlZDQ4MzAzZTUwMjFlZjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALV5kqPnsy9et1ltl9JatnGTH0EZRLvrNd2fPyfvPOhxxSUb77qc
MewDbtAc7FyeoMEN7UoPllppMt09D/nwUFq8Nwr6VWORgJlG4/TCztmdHK6yutAW
nC6+23Nn25Xev5s1uSCFdZxrXUrzgusBiqEL1YdSpGMGcHI2qEqSsPvFX1LiV+O3
rVOg2D7CBRPFgLAucLEfIRcgDg4lHw6uJ27iQvp1JAKIHnX1do9he0qfWu0v6VbL
REkPih/DE363TeqPvdOJad6wRBniK45wv3W9B3fpDRgDc3kUjS5Ej7Xt05ER5Xhf
9TdI3l+37mHU8wS7VSrm3aWkjlwgPCT/jEcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRuB1LiriOlJop4gUb+mSZA7WRpnjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvODEzN2Q0MDMtZmFkMS00MTk1LThhMWMtODE5MmUxMDVkMTI2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADXaknH+SSOfmWLC
a5emgxuFxLy94zrNoVhaRt45u6ZUx/g/xXfywSKdvPa6kGj7wP1AiuZp+OCnin7F
sXsBSxvo0qHpIfICsB4yxVMFirPyW/dC+jPujKoZn18NwKyuSLJdckuLbtDkx7vr
UJZEU0DErdivAW2sq5noN62a1xtIMuiNkr0z/P133eEmdAOXBFCu7D/eLtq38d2C
HnIFN9LFWSUZGndlyznmMdEfBYpHnQHP2hbbChC7Ehz7GQWkeZd8VKUXB/jtStly
buMYir2SVKdbNkNrBw2j5AITzfr+ieMFew+mV+uRrmbvfqtR5P21o6aYe5ejUW6S
Q6thIfA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-fra.rpki-client.org