Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/99cce2b5-157e-4933-9d73-682b4e7a5cbc.roa
File: 99cce2b5-157e-4933-9d73-682b4e7a5cbc.roa (raw, json)
Hash identifier: HIJB1G8JmdGxQhsS2mmDUPq2hHJcWTYAqLtigW3K0SY=
Subject key identifier: 51:DC:B1:B0:C4:D8:63:24:5B:D0:3B:4F:56:CA:D0:1D:01:04:A6:49
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 1702592BD2AF277EF50077B08638FC474EA197B9
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/99cce2b5-157e-4933-9d73-682b4e7a5cbc.roa
Signing time: Mon 27 Feb 2023 00:00:00 +0000
ROA not before: Mon 27 Feb 2023 00:00:00 +0000
ROA not after: Thu 02 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:02:59:2b:d2:af:27:7e:f5:00:77:b0:86:38:fc:47:4e:a1:97:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 27 00:00:00 2023 GMT
Not After : Mar 2 23:59:59 2023 GMT
Subject: serialNumber=e86145702f9996d8302c27cd7c1f07ac1f4a753b4dd75d60a70cad461ca11551, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ae:bc:6b:7f:2a:93:36:ad:77:f3:1e:9f:7f:
e7:b4:89:c3:c6:bd:c9:49:e7:13:4f:7e:07:5b:51:
c0:3c:ec:11:ad:54:f1:26:20:d1:f8:50:75:53:f8:
d4:dd:2f:16:db:ab:19:96:cb:70:16:c4:bd:fc:3e:
76:6d:b0:b3:bf:3b:96:a6:c7:ee:6c:c9:e0:39:8a:
65:be:ec:e5:35:12:0b:94:97:02:06:02:78:a6:ae:
a0:22:10:da:1b:45:ae:d4:45:76:7e:aa:f7:7e:02:
b4:c7:c9:53:02:f1:2c:24:b4:f2:22:63:9a:4c:d6:
26:9b:ee:f7:25:79:71:c1:9d:7c:17:e7:30:f3:b7:
23:f7:3d:a7:c9:94:f5:58:bd:83:fd:f8:65:8a:1f:
8c:b2:60:53:53:1a:22:ea:6a:4b:83:0d:06:9f:60:
1b:74:fa:ef:72:bd:15:f5:d3:dc:dc:e0:a9:b7:ad:
f7:e4:c2:0e:43:96:c3:ff:a9:ba:1a:31:01:e0:f6:
8e:4a:63:01:cd:bf:36:c4:c3:e3:2b:df:4a:80:d0:
23:fa:96:39:9b:11:18:37:ad:df:16:a5:2a:7a:c4:
00:99:89:ba:46:1c:89:d1:03:e0:df:0b:55:cd:c9:
cb:33:32:5b:59:ef:dd:96:8c:2f:6f:12:62:ec:10:
39:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DC:B1:B0:C4:D8:63:24:5B:D0:3B:4F:56:CA:D0:1D:01:04:A6:49
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/99cce2b5-157e-4933-9d73-682b4e7a5cbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:74:a9:41:48:98:09:ed:fa:0d:b1:92:69:b7:3a:d6:af:e0:
d6:7b:d1:7e:d9:1c:76:f2:7b:32:37:b3:ec:a0:88:4c:db:1a:
51:43:65:4f:91:d9:aa:60:a9:1e:49:50:49:7f:ed:11:77:89:
8f:5d:2b:de:a4:2d:9c:c0:6b:d7:52:28:4c:b9:79:97:84:fb:
06:d3:6f:ad:da:c7:c1:b7:18:7c:ce:da:cc:48:d2:6a:55:82:
4f:84:bb:33:19:44:88:cb:c0:57:a8:b6:af:8d:ce:bb:0e:39:
a8:a7:08:1d:3f:40:e6:36:10:3e:e7:54:f5:30:61:40:eb:53:
51:d6:a1:fa:9d:68:da:b7:eb:00:3a:18:97:b3:c6:de:9b:e8:
fd:1b:73:c5:5e:ec:27:32:18:fd:f8:e2:f8:98:dc:ba:5d:a2:
dc:f3:55:31:ad:3c:ce:c2:b6:0c:f4:5e:50:b4:cb:b9:f2:10:
e1:8a:89:ed:df:7a:a0:54:4b:d9:75:a8:fd:78:8b:d5:7b:50:
1d:fb:84:90:51:52:7e:2d:ab:0b:7c:f4:45:f2:f9:75:0b:60:
dc:eb:0d:07:0c:0b:1c:f8:e2:d5:b2:23:64:f3:77:3f:0e:d6:
b1:d9:90:89:f0:3f:48:b8:b1:1c:00:02:e9:9d:a3:fb:99:2c:
23:4d:07:2f
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUFwJZK9KvJ371AHewhjj8R06hl7kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjI3MDAwMDAwWhcNMjMwMzAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZTg2MTQ1NzAyZjk5OTZkODMwMmMyN2NkN2MxZjA3YWMx
ZjRhNzUzYjRkZDc1ZDYwYTcwY2FkNDYxY2ExMTU1MTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANyuvGt/KpM2rXfzHp9/57SJw8a9yUnnE09+B1tRwDzsEa1U8SYg
0fhQdVP41N0vFturGZbLcBbEvfw+dm2ws787lqbH7mzJ4DmKZb7s5TUSC5SXAgYC
eKauoCIQ2htFrtRFdn6q934CtMfJUwLxLCS08iJjmkzWJpvu9yV5ccGdfBfnMPO3
I/c9p8mU9Vi9g/34ZYofjLJgU1MaIupqS4MNBp9gG3T673K9FfXT3Nzgqbet9+TC
DkOWw/+puhoxAeD2jkpjAc2/NsTD4yvfSoDQI/qWOZsRGDet3xalKnrEAJmJukYc
idED4N8LVc3JyzMyW1nv3ZaML28SYuwQOdMCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRR3LGwxNhjJFvQO09WytAdAQSmSTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvOTljY2UyYjUtMTU3ZS00OTMzLTlkNzMtNjgyYjRlN2E1Y2JjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAMV0qUFImAnt+g2x
kmm3Otav4NZ70X7ZHHbyezI3s+ygiEzbGlFDZU+R2apgqR5JUEl/7RF3iY9dK96k
LZzAa9dSKEy5eZeE+wbTb63ax8G3GHzO2sxI0mpVgk+EuzMZRIjLwFeotq+NzrsO
OainCB0/QOY2ED7nVPUwYUDrU1HWofqdaNq36wA6GJezxt6b6P0bc8Ve7CcyGP34
4viY3LpdotzzVTGtPM7Ctgz0XlC0y7nyEOGKie3feqBUS9l1qP14i9V7UB37hJBR
Un4tqwt89EXy+XULYNzrDQcMCxz44tWyI2Tzdz8O1rHZkInwP0i4sRwAAumdo/uZ
LCNNBy8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:49 2023 by rpki-client on console-fra.rpki-client.org