Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/891ac36d-cd9e-4750-acb2-66e0a6835b12.roa
File: 891ac36d-cd9e-4750-acb2-66e0a6835b12.roa (raw, json)
Hash identifier: AnwTaGxY7MoDy/uGidX4+8xOGdatwI59qfOvZPjX8ZQ=
Subject key identifier: 7A:36:14:3B:14:91:D4:F5:F6:B4:D2:6C:E6:DB:80:FD:77:B7:DD:55
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2CC63EA5FC2EF0FEA4FD156931C3D8DF679DEF14
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/891ac36d-cd9e-4750-acb2-66e0a6835b12.roa
Signing time: Mon 17 Apr 2023 00:00:00 +0000
ROA not before: Mon 17 Apr 2023 00:00:00 +0000
ROA not after: Thu 20 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:c6:3e:a5:fc:2e:f0:fe:a4:fd:15:69:31:c3:d8:df:67:9d:ef:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 17 00:00:00 2023 GMT
Not After : Apr 20 23:59:59 2023 GMT
Subject: serialNumber=dc8de0ece809114476900f9b528eb0168be20d6bcaaf94841a03ffc2f836b7e1, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:01:3f:68:f4:ad:be:00:e8:48:06:89:f0:eb:
4a:a1:9d:8f:c6:80:76:c7:51:2b:2c:96:f2:fe:5d:
c0:84:20:01:d7:4c:5c:35:4c:c3:90:f6:97:ee:2e:
39:22:43:cf:0d:2d:ca:05:67:b6:27:52:bf:c4:6f:
f7:36:a4:09:17:2b:ab:9b:6b:ef:3a:9f:94:34:e1:
52:fa:d6:59:29:68:2d:dc:af:29:dd:4e:a3:5e:5a:
1a:7c:ad:7a:d2:3b:0a:77:d7:77:a8:0a:3f:3f:37:
d2:0b:e9:ae:da:d8:69:ea:cb:9a:72:88:4e:20:01:
6f:e5:90:e6:5b:09:15:06:8d:08:24:e1:bd:4f:ce:
e6:4d:ab:ab:76:dd:56:40:50:ef:06:2f:76:63:97:
d7:6e:1d:63:06:1a:d7:54:58:6f:cf:e6:43:c2:6b:
a8:11:cf:3a:8d:a6:58:cc:e6:f8:0a:92:14:1a:9a:
b3:d7:87:8f:e2:3d:d9:cd:68:cd:2f:cd:f5:46:d5:
ca:51:27:25:6d:6a:96:13:82:a9:e8:d1:44:ee:0f:
d9:fa:2a:35:a0:ae:82:21:ce:2d:dd:f1:03:32:bf:
f2:9a:45:d3:67:cb:41:77:ce:0e:6e:1f:e3:a7:73:
17:7a:df:5f:92:c5:4b:bb:22:d9:e7:ed:b6:fd:b7:
65:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:36:14:3B:14:91:D4:F5:F6:B4:D2:6C:E6:DB:80:FD:77:B7:DD:55
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/891ac36d-cd9e-4750-acb2-66e0a6835b12.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
62:19:43:eb:c2:c5:0f:72:25:f3:07:69:d0:7c:1d:4c:8c:0d:
7c:eb:e7:bd:97:af:8a:8c:92:c4:0c:4d:d5:8d:f9:bc:53:be:
f0:7d:ea:4a:f9:31:7e:4f:ab:fd:e2:73:77:50:2d:b3:c9:03:
16:67:b1:49:e7:11:36:22:dc:b5:b7:39:8c:96:19:45:3b:2b:
be:86:42:5a:de:b9:89:41:21:31:c2:9a:9f:08:39:eb:7e:24:
28:04:d6:4f:ba:de:0f:0c:f6:4e:c9:04:19:e7:ea:7e:8f:c5:
2b:ea:9e:f3:2f:a2:ee:03:f6:70:f8:f7:56:e0:76:6f:0e:0f:
23:e7:14:4e:ff:b4:cc:08:7f:c2:c2:64:3e:21:d1:cb:3d:ca:
16:87:8d:7d:76:6c:4b:17:0b:05:fb:c2:18:3f:b8:b8:43:65:
df:09:8c:38:df:d5:27:75:d6:fc:62:50:3a:f7:36:e8:40:02:
13:84:1a:fe:ed:55:db:eb:94:70:47:ec:89:ad:21:ef:90:27:
a7:1e:c1:f4:d8:88:41:b0:51:3c:9e:5f:e0:17:28:03:be:c4:
3b:c3:dd:33:d4:77:4c:c5:6f:1b:89:48:bb:33:22:77:46:fe:
b2:b0:bf:e6:b1:e2:bf:c0:4a:c2:5b:46:08:f4:fe:6f:21:24:
64:05:07:b8
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIULMY+pfwu8P6k/RVpMcPY32ed7xQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDE3MDAwMDAwWhcNMjMwNDIwMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZGM4ZGUwZWNlODA5MTE0NDc2OTAwZjliNTI4ZWIwMTY4
YmUyMGQ2YmNhYWY5NDg0MWEwM2ZmYzJmODM2YjdlMTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKIBP2j0rb4A6EgGifDrSqGdj8aAdsdRKyyW8v5dwIQgAddMXDVM
w5D2l+4uOSJDzw0tygVntidSv8Rv9zakCRcrq5tr7zqflDThUvrWWSloLdyvKd1O
o15aGnytetI7CnfXd6gKPz830gvprtrYaerLmnKITiABb+WQ5lsJFQaNCCThvU/O
5k2rq3bdVkBQ7wYvdmOX124dYwYa11RYb8/mQ8JrqBHPOo2mWMzm+AqSFBqas9eH
j+I92c1ozS/N9UbVylEnJW1qlhOCqejRRO4P2foqNaCugiHOLd3xAzK/8ppF02fL
QXfODm4f46dzF3rfX5LFS7si2efttv23ZU0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBR6NhQ7FJHU9fa00mzm24D9d7fdVTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvODkxYWMzNmQtY2Q5ZS00NzUwLWFjYjItNjZlMGE2ODM1YjEyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGIZQ+vCxQ9yJfMH
adB8HUyMDXzr572Xr4qMksQMTdWN+bxTvvB96kr5MX5Pq/3ic3dQLbPJAxZnsUnn
ETYi3LW3OYyWGUU7K76GQlreuYlBITHCmp8IOet+JCgE1k+63g8M9k7JBBnn6n6P
xSvqnvMvou4D9nD491bgdm8ODyPnFE7/tMwIf8LCZD4h0cs9yhaHjX12bEsXCwX7
whg/uLhDZd8JjDjf1Sd11vxiUDr3NuhAAhOEGv7tVdvrlHBH7ImtIe+QJ6cewfTY
iEGwUTyeX+AXKAO+xDvD3TPUd0zFbxuJSLszIndG/rKwv+ax4r/ASsJbRgj0/m8h
JGQFB7g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:48 2023 by rpki-client on console-ams.rpki-client.org