Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8230c507-326d-4552-bd6c-fde83a0ee386.roa
File: 8230c507-326d-4552-bd6c-fde83a0ee386.roa (raw, json)
Hash identifier: a3KMKzrT6QFizcZxbPEkJEUQDAcfC5CnfSVcJkXqng8=
Subject key identifier: 82:19:86:3D:21:82:DB:D1:FE:07:F4:4D:82:34:B9:8E:6B:4A:6C:8F
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 6B72C79115BD793E8187F316F52B0B388B28FC4B
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8230c507-326d-4552-bd6c-fde83a0ee386.roa
Signing time: Wed 19 Apr 2023 00:00:00 +0000
ROA not before: Wed 19 Apr 2023 00:00:00 +0000
ROA not after: Sat 22 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:72:c7:91:15:bd:79:3e:81:87:f3:16:f5:2b:0b:38:8b:28:fc:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 19 00:00:00 2023 GMT
Not After : Apr 22 23:59:59 2023 GMT
Subject: serialNumber=3ce0dbf030e15e4c5a6eb69f0a56445a2ddb254a5d955735e63ce7e52ab2778b, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3c:99:10:35:37:1b:d1:84:2e:e6:a4:fc:b5:
3a:41:d1:09:77:2d:43:4d:3e:c3:10:91:a3:eb:8c:
e6:65:11:03:8d:32:52:f6:b5:97:01:04:90:0d:e4:
2b:27:f0:ea:a3:f4:7c:a6:d9:e0:84:a6:9a:f7:c2:
4b:73:e3:44:ed:74:61:3e:ec:24:15:ee:46:a5:ee:
8b:16:a4:f0:02:21:c3:91:ca:84:58:8e:e5:21:8d:
78:94:9b:25:ca:5c:0f:5b:40:44:29:44:3e:65:2f:
55:f2:0e:ba:d4:2c:98:a3:23:ce:00:42:c7:b1:0a:
4f:5b:25:78:ae:42:a0:4c:8b:0c:da:9b:46:a0:02:
01:f5:3d:0e:e0:e3:76:24:2a:6c:fe:3d:be:2d:ce:
d4:90:5f:03:f3:70:ad:d0:3e:5b:24:75:51:e0:eb:
22:de:1d:d8:17:3f:b7:9a:e7:f4:aa:35:2b:0a:e3:
b9:c5:f6:b9:9d:bf:7d:68:da:85:cf:d1:69:3f:31:
f9:ea:cc:76:19:d9:9e:57:5e:01:49:38:99:7a:f8:
0b:61:21:5e:ab:e3:b1:3d:08:eb:cd:d8:c4:64:c3:
21:d2:e2:5b:9e:e8:19:36:10:f3:42:ff:e2:b5:9d:
84:78:ca:71:3e:44:7c:5a:cd:2d:5e:b2:7d:68:9e:
5c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:19:86:3D:21:82:DB:D1:FE:07:F4:4D:82:34:B9:8E:6B:4A:6C:8F
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8230c507-326d-4552-bd6c-fde83a0ee386.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
71:4f:69:3e:9f:40:55:fd:4e:d9:26:fb:47:ad:db:04:0b:3b:
86:8d:91:97:a4:db:95:1c:06:ba:48:fc:ca:28:04:4c:94:0a:
ea:3a:31:68:93:cc:56:0f:8c:69:d9:69:bc:f3:27:d4:23:f9:
61:e2:0b:57:e8:9b:1d:44:83:e5:1f:5e:f4:03:34:f7:25:90:
56:0f:c7:fd:ae:ee:b4:06:d1:cc:1e:33:00:a0:cf:78:0e:e4:
9c:06:ec:b6:f9:94:c5:68:29:16:2e:34:73:dc:2f:1c:03:33:
b3:2f:83:ff:aa:ee:ad:be:5b:78:b8:0e:b1:0e:9d:4b:58:e1:
71:f9:a2:06:5a:fd:4a:fb:f9:e1:b3:9f:e9:91:4a:a3:5b:c9:
bd:e2:65:c1:fd:28:07:2e:ff:37:e7:cd:d3:bb:35:6c:f0:3a:
94:40:13:a6:a8:ed:55:c5:64:80:a5:0a:53:f1:7b:31:c9:33:
a4:31:71:ab:74:82:c5:91:c2:77:63:ea:81:58:30:94:ff:ea:
94:dd:25:f9:7b:1e:66:b2:08:e8:79:61:c3:de:00:52:f9:70:
b9:05:a9:08:be:ef:49:db:69:72:5b:23:27:67:a7:9a:d9:af:
4a:06:c9:b9:88:c4:2d:e7:a7:a6:60:35:2b:42:16:d0:70:5b:
a8:84:7e:a8
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUa3LHkRW9eT6Bh/MW9SsLOIso/EswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDE5MDAwMDAwWhcNMjMwNDIyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAM2NlMGRiZjAzMGUxNWU0YzVhNmViNjlmMGE1NjQ0NWEy
ZGRiMjU0YTVkOTU1NzM1ZTYzY2U3ZTUyYWIyNzc4YjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKE8mRA1NxvRhC7mpPy1OkHRCXctQ00+wxCRo+uM5mURA40yUva1
lwEEkA3kKyfw6qP0fKbZ4ISmmvfCS3PjRO10YT7sJBXuRqXuixak8AIhw5HKhFiO
5SGNeJSbJcpcD1tARClEPmUvVfIOutQsmKMjzgBCx7EKT1sleK5CoEyLDNqbRqAC
AfU9DuDjdiQqbP49vi3O1JBfA/NwrdA+WyR1UeDrIt4d2Bc/t5rn9Ko1KwrjucX2
uZ2/fWjahc/RaT8x+erMdhnZnldeAUk4mXr4C2EhXqvjsT0I683YxGTDIdLiW57o
GTYQ80L/4rWdhHjKcT5EfFrNLV6yfWieXHkCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSCGYY9IYLb0f4H9E2CNLmOa0psjzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvODIzMGM1MDctMzI2ZC00NTUyLWJkNmMtZmRlODNhMGVlMzg2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHFPaT6fQFX9Ttkm
+0et2wQLO4aNkZek25UcBrpI/MooBEyUCuo6MWiTzFYPjGnZabzzJ9Qj+WHiC1fo
mx1Eg+UfXvQDNPclkFYPx/2u7rQG0cweMwCgz3gO5JwG7Lb5lMVoKRYuNHPcLxwD
M7Mvg/+q7q2+W3i4DrEOnUtY4XH5ogZa/Ur7+eGzn+mRSqNbyb3iZcH9KAcu/zfn
zdO7NWzwOpRAE6ao7VXFZIClClPxezHJM6Qxcat0gsWRwndj6oFYMJT/6pTdJfl7
HmayCOh5YcPeAFL5cLkFqQi+70nbaXJbIydnp5rZr0oGybmIxC3np6ZgNStCFtBw
W6iEfqg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:47 2023 by rpki-client on console-ams.rpki-client.org