Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/9b9951cb-04d4-4241-ba64-90afacd4796c.roa
File: 9b9951cb-04d4-4241-ba64-90afacd4796c.roa (raw, json)
Hash identifier: QIFpX2TLXcCPmLx2nhxCRgy7uEhvzZZ6087u+WiPosg=
Subject key identifier: 3B:44:9E:38:1E:38:ED:F6:2E:D7:47:58:7E:BD:3F:B6:50:34:E9:77
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 638DB39CE2C487E3C237FB932155B8494AEEBEB7
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/9b9951cb-04d4-4241-ba64-90afacd4796c.roa
Signing time: Tue 03 Jan 2023 00:00:00 +0000
ROA not before: Tue 03 Jan 2023 00:00:00 +0000
ROA not after: Fri 06 Jan 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:8d:b3:9c:e2:c4:87:e3:c2:37:fb:93:21:55:b8:49:4a:ee:be:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jan 3 00:00:00 2023 GMT
Not After : Jan 6 23:59:59 2023 GMT
Subject: serialNumber=a4c2d13cf2a6ad3537331c56b65af2c00634d02d6643efeec221d456bb73f7ea, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cc:10:dd:98:36:5a:5a:bb:4d:13:99:0b:6e:
4f:27:73:bf:c2:68:2b:af:10:9c:ab:19:49:83:c9:
aa:0f:46:d2:43:89:af:c0:b6:6a:a9:3e:5c:d3:56:
37:12:c2:fe:64:7b:b9:4b:8e:6b:ec:b3:dc:17:97:
77:31:58:a8:e9:69:0b:14:9f:89:3c:b5:02:d5:ee:
02:1d:59:1e:5a:1f:e8:ce:aa:b5:d9:18:a9:8e:05:
0d:9b:9e:ea:97:bb:37:50:e7:69:27:d4:bf:7a:1c:
6c:c1:8a:c9:df:79:3b:ec:49:d7:6c:5f:55:96:ab:
99:58:48:18:99:77:47:f3:45:be:d2:f3:d7:b2:d0:
40:d3:a7:51:f1:65:96:ee:92:31:33:0e:3f:d9:4d:
10:9a:de:d1:cd:b1:95:11:b4:6d:35:00:d4:9f:82:
80:19:78:39:11:c1:36:ea:c1:08:82:8a:6a:4d:8a:
ef:9b:44:e2:c2:2f:ad:65:bc:3e:5e:8f:7d:c8:c1:
45:cb:a8:a5:25:24:4c:08:99:79:46:c1:00:03:7e:
37:6c:54:44:82:d1:1a:ab:ec:73:04:e9:7c:e5:16:
d5:ac:49:57:b2:dd:b6:af:fd:0c:91:76:3c:44:b1:
3a:fe:c1:1d:83:0c:aa:3f:9c:53:7f:1b:67:a1:06:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:44:9E:38:1E:38:ED:F6:2E:D7:47:58:7E:BD:3F:B6:50:34:E9:77
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/9b9951cb-04d4-4241-ba64-90afacd4796c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
90:d8:c0:a6:8b:80:77:64:b9:c3:44:59:02:04:7b:e4:8e:c7:
65:b0:7a:ba:21:ad:7e:7c:bc:e6:a2:99:d6:3e:a7:f7:cb:6e:
7e:84:f5:4d:7e:93:f1:fd:92:49:d1:c6:1b:5a:29:c0:3d:00:
c6:09:73:75:35:aa:44:e7:ff:c6:56:3d:c5:25:76:43:32:cb:
ef:b3:3a:fe:d5:9f:56:23:fd:ff:c8:00:46:8b:96:58:a7:ca:
d8:d9:1c:6a:39:c1:cc:1c:b3:7f:31:ed:7e:69:46:98:1d:63:
22:4e:ef:29:98:fe:fa:16:6c:5c:a2:7d:10:8f:d9:41:1e:36:
16:e6:54:90:cd:ce:2f:62:94:94:ca:f3:ad:b2:19:5d:1d:34:
6b:da:60:d6:03:a4:84:f4:af:41:2c:72:ca:12:9d:56:b1:bb:
21:a1:fa:25:18:8c:7a:f2:28:fe:ef:4a:05:41:50:50:1b:55:
86:3a:1a:07:38:ab:b4:8f:d8:fa:19:f6:60:39:e3:04:8a:85:
fb:c5:f7:30:3c:02:4a:86:88:78:c2:0f:d6:8d:ed:6e:89:9d:
05:30:8a:0e:25:ba:58:a4:3e:ad:69:f8:ac:ff:e5:12:cc:2c:
24:67:a2:ad:c6:92:da:b6:0a:02:6b:ac:9b:d7:b0:77:21:17:
bd:01:e7:e9
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUY42znOLEh+PCN/uTIVW4SUruvrcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMTAzMDAwMDAwWhcNMjMwMTA2MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYTRjMmQxM2NmMmE2YWQzNTM3MzMxYzU2YjY1YWYyYzAw
NjM0ZDAyZDY2NDNlZmVlYzIyMWQ0NTZiYjczZjdlYTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALXMEN2YNlpau00TmQtuTydzv8JoK68QnKsZSYPJqg9G0kOJr8C2
aqk+XNNWNxLC/mR7uUuOa+yz3BeXdzFYqOlpCxSfiTy1AtXuAh1ZHlof6M6qtdkY
qY4FDZue6pe7N1DnaSfUv3ocbMGKyd95O+xJ12xfVZarmVhIGJl3R/NFvtLz17LQ
QNOnUfFllu6SMTMOP9lNEJre0c2xlRG0bTUA1J+CgBl4ORHBNurBCIKKak2K75tE
4sIvrWW8Pl6PfcjBRcuopSUkTAiZeUbBAAN+N2xURILRGqvscwTpfOUW1axJV7Ld
tq/9DJF2PESxOv7BHYMMqj+cU38bZ6EG8mkCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQ7RJ44Hjjt9i7XR1h+vT+2UDTpdzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvOWI5OTUxY2ItMDRkNC00MjQxLWJhNjQtOTBhZmFjZDQ3OTZjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJDYwKaLgHdkucNE
WQIEe+SOx2WwerohrX58vOaimdY+p/fLbn6E9U1+k/H9kknRxhtaKcA9AMYJc3U1
qkTn/8ZWPcUldkMyy++zOv7Vn1Yj/f/IAEaLllinytjZHGo5wcwcs38x7X5pRpgd
YyJO7ymY/voWbFyifRCP2UEeNhbmVJDNzi9ilJTK862yGV0dNGvaYNYDpIT0r0Es
csoSnVaxuyGh+iUYjHryKP7vSgVBUFAbVYY6Ggc4q7SP2PoZ9mA54wSKhfvF9zA8
AkqGiHjCD9aN7W6JnQUwig4lulikPq1p+Kz/5RLMLCRnoq3Gktq2CgJrrJvXsHch
F70B5+k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:49 2023 by rpki-client on console-fra.rpki-client.org