Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8dd2c828-1c92-4ee8-ad28-3a3d48232e45.roa
File: 8dd2c828-1c92-4ee8-ad28-3a3d48232e45.roa (raw, json)
Hash identifier: TYcYj31x8dzJaA1NX7H6ufdDTuSvGok6dFpQRQEbGCw=
Subject key identifier: FF:A0:2D:5B:98:07:37:3B:FE:67:7A:D9:EB:BC:8A:E0:99:56:E4:4B
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 7B37AB7DFBB0FE2E232B7A56F625B486BDB9D1D3
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8dd2c828-1c92-4ee8-ad28-3a3d48232e45.roa
Signing time: Thu 02 Mar 2023 00:00:00 +0000
ROA not before: Thu 02 Mar 2023 00:00:00 +0000
ROA not after: Sun 05 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:37:ab:7d:fb:b0:fe:2e:23:2b:7a:56:f6:25:b4:86:bd:b9:d1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 2 00:00:00 2023 GMT
Not After : Mar 5 23:59:59 2023 GMT
Subject: serialNumber=0bc6b8c2ab63a5f0653806a988f619c197a42deab625208ad7afed3212414aa5, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d6:a5:f5:db:f3:16:0e:e0:fb:12:b5:49:6d:
7c:f0:d9:ba:8b:85:c8:30:58:75:25:c9:12:40:2d:
f7:1b:40:95:d0:4e:3d:2e:e6:dc:38:c5:e3:c8:a4:
ff:66:fe:7b:21:de:2c:24:f1:88:10:a2:3c:d1:06:
61:03:1c:89:ec:0a:65:48:80:26:09:34:2c:8f:28:
e9:d0:9b:37:3c:2d:db:c3:fd:70:4e:c7:d9:75:31:
9b:0c:57:2d:3e:65:2e:55:65:52:eb:c2:06:5f:26:
2b:75:18:ea:32:d2:36:9b:2e:01:9f:31:45:ea:49:
54:c2:8f:8d:9a:f6:84:01:32:c9:dc:ac:5f:49:3b:
b7:88:ce:d9:ed:ae:bc:33:43:99:2e:00:09:c7:41:
5e:3d:8b:35:4a:72:20:a6:76:4d:cd:bd:ac:5b:bd:
7b:03:d2:3a:aa:92:57:6f:72:4a:d6:11:a3:f5:15:
ed:1d:18:22:07:5e:dc:81:82:ab:e7:cb:b9:9f:e8:
fa:ac:83:fe:78:24:e7:56:7f:9d:2a:f2:f5:87:ce:
f0:7a:6d:0a:6e:a7:50:a9:18:e9:1e:68:be:ec:30:
3c:fc:57:f6:83:80:dd:d9:19:23:89:72:7e:8b:e1:
d4:af:ab:8d:c8:2f:cb:63:f1:91:cb:fe:8b:c5:56:
6e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A0:2D:5B:98:07:37:3B:FE:67:7A:D9:EB:BC:8A:E0:99:56:E4:4B
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/8dd2c828-1c92-4ee8-ad28-3a3d48232e45.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
73:22:aa:be:29:c7:55:2b:fe:0c:02:5f:45:42:3f:d3:ce:29:
7b:f8:50:76:3b:f1:ba:5d:7d:55:a3:54:7c:f4:51:3c:b3:75:
ba:58:23:63:0a:63:3a:02:31:60:dd:55:b2:b8:a5:7a:95:8c:
29:b7:39:59:eb:ca:a2:78:86:98:2c:c6:f2:de:ed:07:2f:86:
a7:d5:54:3a:54:45:dc:2b:63:ec:7d:fb:dd:f6:65:72:c0:b2:
c0:64:ad:59:56:af:1c:04:c1:fb:00:46:ed:ad:1e:56:f3:a5:
0a:44:3c:aa:9c:8b:40:94:93:2c:bb:f6:65:58:a1:35:67:82:
d0:c5:25:10:81:6a:24:a5:2d:99:7e:c4:ad:6e:f5:7e:24:76:
20:1d:d2:d1:09:5e:fe:1c:77:77:cf:7f:44:64:d8:d9:63:36:
97:d6:c4:e9:4d:1a:c4:54:eb:e4:5a:75:fb:b9:a7:8b:7a:fe:
11:07:cd:72:3f:32:18:ef:0a:d9:7e:73:63:a8:4b:7d:92:ca:
d4:4e:0f:4d:c7:df:06:05:fe:67:1d:4d:f1:2d:5f:dc:de:75:
68:95:87:c7:42:6b:f5:e9:f9:d8:0d:51:56:a0:8d:a1:2e:6c:
a7:f6:e4:c5:e6:dc:78:62:9e:b8:4d:ca:a1:10:7c:6d:eb:72:
c4:3d:63:1c
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUezerffuw/i4jK3pW9iW0hr250dMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzAyMDAwMDAwWhcNMjMwMzA1MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMGJjNmI4YzJhYjYzYTVmMDY1MzgwNmE5ODhmNjE5YzE5
N2E0MmRlYWI2MjUyMDhhZDdhZmVkMzIxMjQxNGFhNTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANnWpfXb8xYO4PsStUltfPDZuouFyDBYdSXJEkAt9xtAldBOPS7m
3DjF48ik/2b+eyHeLCTxiBCiPNEGYQMciewKZUiAJgk0LI8o6dCbNzwt28P9cE7H
2XUxmwxXLT5lLlVlUuvCBl8mK3UY6jLSNpsuAZ8xRepJVMKPjZr2hAEyydysX0k7
t4jO2e2uvDNDmS4ACcdBXj2LNUpyIKZ2Tc29rFu9ewPSOqqSV29yStYRo/UV7R0Y
Igde3IGCq+fLuZ/o+qyD/ngk51Z/nSry9YfO8HptCm6nUKkY6R5ovuwwPPxX9oOA
3dkZI4lyfovh1K+rjcgvy2Pxkcv+i8VWbrkCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBT/oC1bmAc3O/5netnrvIrgmVbkSzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvOGRkMmM4MjgtMWM5Mi00ZWU4LWFkMjgtM2EzZDQ4MjMyZTQ1LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHMiqr4px1Ur/gwC
X0VCP9POKXv4UHY78bpdfVWjVHz0UTyzdbpYI2MKYzoCMWDdVbK4pXqVjCm3OVnr
yqJ4hpgsxvLe7QcvhqfVVDpURdwrY+x9+932ZXLAssBkrVlWrxwEwfsARu2tHlbz
pQpEPKqci0CUkyy79mVYoTVngtDFJRCBaiSlLZl+xK1u9X4kdiAd0tEJXv4cd3fP
f0Rk2NljNpfWxOlNGsRU6+Radfu5p4t6/hEHzXI/MhjvCtl+c2OoS32SytROD03H
3wYF/mcdTfEtX9zedWiVh8dCa/Xp+dgNUVagjaEubKf25MXm3HhinrhNyqEQfG3r
csQ9Yxw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:48 2023 by rpki-client on console-fra.rpki-client.org