Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/95c02baa-8398-4d7a-bbb9-3b5f34f378bb.roa
File: 95c02baa-8398-4d7a-bbb9-3b5f34f378bb.roa (raw, json)
Hash identifier: EYu5emijeLm7gerjik/aKrjre3BBZj+tUUzJajUDOYU=
Subject key identifier: FC:37:D7:F1:71:C8:B2:42:96:01:5E:47:7C:EA:8B:38:DD:67:98:3E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4DBE522A79E4A79C0B46A71C949A2E6BA6268844
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/95c02baa-8398-4d7a-bbb9-3b5f34f378bb.roa
Signing time: Thu 27 Apr 2023 00:00:00 +0000
ROA not before: Thu 27 Apr 2023 00:00:00 +0000
ROA not after: Sun 30 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:be:52:2a:79:e4:a7:9c:0b:46:a7:1c:94:9a:2e:6b:a6:26:88:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 27 00:00:00 2023 GMT
Not After : Apr 30 23:59:59 2023 GMT
Subject: serialNumber=2806a0a856553bb088b76b2e2fd2350ced99579ece7eebeea74e434d001c04ba, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:6d:6a:f3:58:57:f3:90:fb:28:24:a5:db:
5d:06:fa:53:62:6e:71:58:93:6d:3a:ba:c2:c5:b9:
3d:4e:d8:15:11:cc:98:2c:1b:d1:44:59:cd:f3:31:
fd:65:e2:7c:2c:c9:fb:cf:83:55:74:a4:24:76:4e:
c9:e9:b2:6c:ef:c1:fc:86:e7:1e:25:21:e1:8a:ee:
6e:69:eb:42:be:db:bc:30:04:04:10:fe:94:0a:b5:
b6:01:ae:79:f3:32:f2:47:5a:51:83:3f:a7:e3:23:
e9:06:3b:db:1e:b9:48:63:e1:b3:0a:99:b7:6e:43:
fd:c3:cf:55:9a:df:7d:b9:f1:62:94:fe:86:4f:2c:
6c:f9:cb:dc:67:01:4d:88:79:0d:54:81:f2:e8:4c:
4e:72:32:84:01:5d:a1:dc:32:a0:a8:62:36:37:53:
eb:ab:24:bd:77:bc:18:5b:34:25:ea:1a:a9:43:ee:
de:f8:00:5c:52:6c:6c:8d:9d:01:d7:95:4d:8c:1c:
ea:40:1a:af:5a:f5:ab:af:09:b8:ea:89:34:37:b9:
7f:da:0c:95:76:5d:c9:4a:a1:67:55:38:be:d4:e7:
9f:55:35:83:ed:ab:51:51:05:1b:9b:78:87:db:80:
3f:0c:dd:2e:ce:6d:ff:26:a2:2a:c3:e4:a1:5f:2b:
23:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:37:D7:F1:71:C8:B2:42:96:01:5E:47:7C:EA:8B:38:DD:67:98:3E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/95c02baa-8398-4d7a-bbb9-3b5f34f378bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ff:b3:cb:f6:b2:b0:75:e8:8f:1b:e5:b7:df:b4:78:de:3f:
3f:7c:5c:b4:c5:d4:12:2d:1c:48:e4:77:85:c9:bf:38:4c:07:
a3:91:66:63:20:3f:31:94:73:c4:e8:3b:4a:16:5b:7e:9a:96:
85:df:e2:34:10:17:d5:ed:d9:b1:4d:34:a9:e9:42:2d:f6:40:
d1:db:af:73:2f:30:ab:ce:15:77:cd:08:c4:23:1e:ff:fc:30:
6e:94:f7:79:4c:98:71:8c:71:62:12:02:17:f8:45:35:80:86:
3d:f5:73:8d:27:0b:b6:ba:77:c9:88:f5:c2:7b:8f:e2:23:c0:
5f:32:cc:e3:85:48:4a:9f:ee:c9:cf:38:de:e6:f5:cc:a4:2e:
aa:69:97:02:e8:cf:7c:0d:9c:5a:96:39:6d:9f:a7:d6:bb:97:
45:95:7d:06:8f:25:31:a8:4b:d7:3b:75:43:20:67:29:5c:b5:
52:92:68:27:61:47:3d:7c:7c:20:dc:32:ba:f7:f3:e0:a7:b7:
3d:cb:b9:84:f8:d9:a5:f2:12:bb:54:76:89:fd:95:a6:64:70:
e5:cf:cd:62:9a:e7:e7:e3:c9:b8:fd:f8:5d:c5:3c:7d:b8:78:
22:4a:a7:2c:60:54:73:2c:ab:0e:ec:57:fe:8c:15:99:d8:d7:
65:fa:0d:f0
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUTb5SKnnkp5wLRqcclJoua6YmiEQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDI3MDAwMDAwWhcNMjMwNDMwMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMjgwNmEwYTg1NjU1M2JiMDg4Yjc2YjJlMmZkMjM1MGNl
ZDk5NTc5ZWNlN2VlYmVlYTc0ZTQzNGQwMDFjMDRiYTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAIl0bWrzWFfzkPsoJKXbXQb6U2JucViTbTq6wsW5PU7YFRHMmCwb
0URZzfMx/WXifCzJ+8+DVXSkJHZOyemybO/B/IbnHiUh4YrubmnrQr7bvDAEBBD+
lAq1tgGuefMy8kdaUYM/p+Mj6QY72x65SGPhswqZt25D/cPPVZrffbnxYpT+hk8s
bPnL3GcBTYh5DVSB8uhMTnIyhAFdodwyoKhiNjdT66skvXe8GFs0JeoaqUPu3vgA
XFJsbI2dAdeVTYwc6kAar1r1q68JuOqJNDe5f9oMlXZdyUqhZ1U4vtTnn1U1g+2r
UVEFG5t4h9uAPwzdLs5t/yaiKsPkoV8rI/8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBT8N9fxcciyQpYBXkd86os43WeYPjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvOTVjMDJiYWEtODM5OC00ZDdhLWJiYjktM2I1ZjM0ZjM3OGJiLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGv/s8v2srB16I8b
5bfftHjePz98XLTF1BItHEjkd4XJvzhMB6ORZmMgPzGUc8ToO0oWW36aloXf4jQQ
F9Xt2bFNNKnpQi32QNHbr3MvMKvOFXfNCMQjHv/8MG6U93lMmHGMcWISAhf4RTWA
hj31c40nC7a6d8mI9cJ7j+IjwF8yzOOFSEqf7snPON7m9cykLqpplwLoz3wNnFqW
OW2fp9a7l0WVfQaPJTGoS9c7dUMgZylctVKSaCdhRz18fCDcMrr38+Cntz3LuYT4
2aXyErtUdon9laZkcOXPzWKa5+fjybj9+F3FPH24eCJKpyxgVHMsqw7sV/6MFZnY
12X6DfA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:48 2023 by rpki-client on console-fra.rpki-client.org