Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/a40a56c5-bb3d-4303-8d9e-8d5a0b46c092.roa
File: a40a56c5-bb3d-4303-8d9e-8d5a0b46c092.roa (raw, json)
Hash identifier: Fod+Hrts82lyqB0q+Ar+f4fcBXnfliqCTLQ72Jk6QlY=
Subject key identifier: CF:73:E4:E9:77:51:32:37:B5:10:CC:28:D2:15:63:FF:24:1F:37:11
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 02C42BF8C741EDAA7DD14717DF0E5E28EBAD4C68
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/a40a56c5-bb3d-4303-8d9e-8d5a0b46c092.roa
Signing time: Thu 01 Sep 2022 00:00:00 +0000
ROA not before: Thu 01 Sep 2022 00:00:00 +0000
ROA not after: Sun 04 Sep 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c4:2b:f8:c7:41:ed:aa:7d:d1:47:17:df:0e:5e:28:eb:ad:4c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Sep 1 00:00:00 2022 GMT
Not After : Sep 4 23:59:59 2022 GMT
Subject: serialNumber=d7039bcb29106d15d865ae202b87149b7cf68550008fb1345995b8cd87912371, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:68:1b:ae:ef:e7:f0:9f:15:b7:4b:03:34:1c:
31:e8:65:17:e8:02:88:1f:ac:44:e2:91:18:f0:06:
cd:c5:4e:95:ec:cd:dd:b5:67:1c:f4:05:9f:d6:77:
94:f5:c5:63:66:30:1d:96:01:bd:db:17:06:92:50:
8c:4f:e8:69:69:dc:f9:e2:e1:88:e6:2b:c0:da:93:
52:fa:e3:fc:c9:36:67:30:b5:7e:f5:d0:cd:86:9f:
98:39:79:d4:dd:fb:8f:c4:22:a6:84:4e:7b:d2:15:
09:87:20:ed:c9:75:c8:0f:f1:d7:7e:d4:e5:3f:03:
7c:08:37:cf:00:25:c2:50:9c:b9:fe:e1:51:03:a8:
af:4b:0b:6a:ce:b4:d9:d2:27:52:64:f5:10:36:0f:
ac:35:0b:6b:08:9e:ed:af:52:f9:2d:dd:02:74:83:
92:61:89:75:df:be:ab:d0:d6:d6:35:f4:0b:86:25:
35:b8:af:cb:68:72:3c:25:73:ed:8b:d2:25:9d:0b:
34:01:af:bc:b4:86:b6:49:53:55:18:58:7e:3a:c5:
69:1f:56:76:49:fd:09:2c:ab:c9:79:09:df:16:00:
26:f3:ad:cf:cd:7f:14:b2:0e:f1:13:0b:26:52:4a:
82:25:67:33:10:d0:fc:29:89:46:14:f4:51:8e:f6:
cb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:73:E4:E9:77:51:32:37:B5:10:CC:28:D2:15:63:FF:24:1F:37:11
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/a40a56c5-bb3d-4303-8d9e-8d5a0b46c092.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:1c:2f:f1:cc:8f:ba:82:fd:fc:e0:d1:59:ed:64:75:f1:55:
3a:66:8b:14:5d:32:c8:3d:a1:66:1b:47:9d:8b:85:81:ad:c1:
ba:fd:78:5b:7f:b9:37:0c:20:63:cf:b3:77:d3:9a:f4:ff:8a:
68:6c:f8:bc:e5:4a:e9:d5:e4:18:50:76:5b:8f:42:a8:da:02:
79:53:e7:eb:11:f1:9e:23:06:ff:4e:25:17:d8:b9:1b:93:ff:
b2:02:95:51:72:e5:05:20:67:af:ae:d7:55:4e:fe:69:f5:ca:
ed:56:86:6f:61:9d:7c:73:63:fb:60:64:02:ad:e9:da:c7:50:
b6:ac:a1:db:ce:fd:8d:81:b3:33:75:0f:ae:7c:4c:60:59:a4:
7b:2d:21:2e:7f:32:a3:bc:70:37:9d:cc:cf:76:5a:1a:1e:b0:
44:69:e7:33:b7:94:ab:9e:d1:fc:0a:ef:9f:7e:c0:95:3a:e6:
d4:c4:7d:c7:70:78:e2:27:fc:aa:81:78:95:4d:a6:02:b3:f5:
c6:4d:16:04:32:13:ac:4d:e2:45:f4:f5:30:79:39:9a:70:b5:
e7:94:42:f4:35:3d:c1:cf:15:4c:8c:37:18:8f:22:cf:b5:68:
25:5e:7b:a1:e8:d7:57:0f:32:22:d4:47:c6:c9:ba:66:4a:32:
bb:68:e7:44
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUAsQr+MdB7ap90UcX3w5eKOutTGgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwOTAxMDAwMDAwWhcNMjIwOTA0MjM1OTU5
WjCBpTFJMEcGA1UEBRNAZDcwMzliY2IyOTEwNmQxNWQ4NjVhZTIwMmI4NzE0OWI3
Y2Y2ODU1MDAwOGZiMTM0NTk5NWI4Y2Q4NzkxMjM3MTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANdoG67v5/CfFbdLAzQcMehlF+gCiB+sROKRGPAGzcVOlezN3bVn
HPQFn9Z3lPXFY2YwHZYBvdsXBpJQjE/oaWnc+eLhiOYrwNqTUvrj/Mk2ZzC1fvXQ
zYafmDl51N37j8QipoROe9IVCYcg7cl1yA/x137U5T8DfAg3zwAlwlCcuf7hUQOo
r0sLas602dInUmT1EDYPrDULawie7a9S+S3dAnSDkmGJdd++q9DW1jX0C4YlNbiv
y2hyPCVz7YvSJZ0LNAGvvLSGtklTVRhYfjrFaR9Wdkn9CSyryXkJ3xYAJvOtz81/
FLIO8RMLJlJKgiVnMxDQ/CmJRhT0UY72y48CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTPc+Tpd1EyN7UQzCjSFWP/JB83ETAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYTQwYTU2YzUtYmIzZC00MzAzLThkOWUtOGQ1YTBiNDZjMDkyLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABwcL/HMj7qC/fzg
0VntZHXxVTpmixRdMsg9oWYbR52LhYGtwbr9eFt/uTcMIGPPs3fTmvT/imhs+Lzl
SunV5BhQdluPQqjaAnlT5+sR8Z4jBv9OJRfYuRuT/7IClVFy5QUgZ6+u11VO/mn1
yu1Whm9hnXxzY/tgZAKt6drHULasodvO/Y2BszN1D658TGBZpHstIS5/MqO8cDed
zM92WhoesERp5zO3lKue0fwK759+wJU65tTEfcdweOIn/KqBeJVNpgKz9cZNFgQy
E6xN4kX09TB5OZpwteeUQvQ1PcHPFUyMNxiPIs+1aCVee6Ho11cPMiLUR8bJumZK
Mrto50Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:49 2023 by rpki-client on console-fra.rpki-client.org