Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/add88c23-f2b1-4a0a-b474-273341a0d698.roa
File: add88c23-f2b1-4a0a-b474-273341a0d698.roa (raw, json)
Hash identifier: gZA8oVcD5N6h/aBXTmlKG3qd0FKz+So4QXzWq/sN+pQ=
Subject key identifier: 8A:F9:C4:41:46:73:78:F3:6F:C0:09:60:DA:CA:6A:09:ED:99:E2:3B
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 21E8A016EA58143D4B58847E578D728AC8A92257
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/add88c23-f2b1-4a0a-b474-273341a0d698.roa
Signing time: Thu 27 Apr 2023 00:00:00 +0000
ROA not before: Thu 27 Apr 2023 00:00:00 +0000
ROA not after: Sun 30 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e8:a0:16:ea:58:14:3d:4b:58:84:7e:57:8d:72:8a:c8:a9:22:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 27 00:00:00 2023 GMT
Not After : Apr 30 23:59:59 2023 GMT
Subject: serialNumber=de15a07306382be071468b4aabed8614116041b7184bd7c367f6b99f3f2d05a9, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:75:92:8d:66:e9:78:f6:75:2c:15:d0:d9:62:
c8:ee:af:9c:85:63:ba:80:00:62:ec:cb:64:6c:d4:
23:f8:8c:f5:16:29:69:b7:32:99:c5:f5:77:07:51:
42:d3:99:e1:b8:b6:1d:19:6c:4a:17:47:8d:33:ae:
af:24:35:f9:1c:21:a9:be:42:62:7e:d1:33:ad:58:
b2:00:00:de:03:37:38:94:53:58:f0:2d:06:b7:a4:
49:fd:b6:7f:58:41:ed:90:88:40:77:29:57:c1:b6:
75:fd:cb:aa:b7:88:97:12:13:6c:60:3a:66:db:2f:
b9:e0:ca:5a:ad:2a:25:97:27:5e:ee:59:58:2a:fe:
2e:e1:af:5e:26:a6:7c:32:cc:45:83:83:83:fe:db:
f2:12:ee:7e:23:ac:b8:14:27:10:1a:d3:ef:b8:41:
d5:11:a3:37:ca:e4:00:50:7a:f8:1b:00:3b:ec:9d:
e5:8a:7f:98:d5:86:d8:a9:36:68:65:90:74:ef:7a:
9a:78:fd:1b:74:0e:10:ee:43:fd:fb:c4:ed:3e:cd:
e6:75:31:7e:e4:ae:21:88:58:3d:78:0b:ae:b7:2e:
18:f7:07:e1:be:51:b6:ea:b9:ea:67:06:1d:d6:58:
72:15:c0:da:c5:3e:8e:23:b6:7f:27:d7:af:9e:01:
56:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F9:C4:41:46:73:78:F3:6F:C0:09:60:DA:CA:6A:09:ED:99:E2:3B
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/add88c23-f2b1-4a0a-b474-273341a0d698.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
14:df:6f:4d:76:47:29:e0:f6:f7:21:dd:52:2c:98:ef:ca:fa:
6c:07:d7:59:1c:56:0b:32:88:36:8c:2b:f8:10:fb:ca:cc:08:
b2:c2:ac:a4:65:1c:d8:35:46:38:cb:ba:93:5d:4d:52:99:04:
f7:df:98:3a:86:ee:fa:aa:d7:d9:ad:bc:a3:f7:6c:47:f0:43:
73:94:27:59:0e:8e:f8:4f:30:b6:be:b1:01:b6:31:f4:d3:8f:
fd:8c:9e:c1:86:27:e2:bb:16:a4:58:5f:a0:44:36:d7:0b:5f:
42:f2:d5:8a:7e:2a:3b:c8:66:0a:5a:38:9e:fd:67:7c:82:db:
6d:64:0d:af:70:d9:8e:e6:ea:94:5e:c3:a0:a4:92:8c:93:d7:
62:0a:46:80:e6:63:c9:fd:72:7b:a0:3f:ed:65:75:92:5c:68:
7c:b9:db:4b:b0:be:b0:d6:a6:17:82:74:0e:08:47:f3:f4:c1:
dd:0c:f3:8d:40:ab:66:4c:ac:9a:b8:88:91:8f:0d:f7:35:bd:
87:6b:fd:85:5a:72:f3:d1:be:ae:c7:ba:c9:bb:bf:7e:ab:5b:
c4:cc:db:a6:5e:15:0d:05:5b:c4:f2:65:ab:ac:1c:65:0b:e0:
94:85:76:d9:d3:5f:1c:57:90:b6:90:ba:49:35:2e:00:a4:2b:
8a:df:3b:f8
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUIeigFupYFD1LWIR+V41yisipIlcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDI3MDAwMDAwWhcNMjMwNDMwMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZGUxNWEwNzMwNjM4MmJlMDcxNDY4YjRhYWJlZDg2MTQx
MTYwNDFiNzE4NGJkN2MzNjdmNmI5OWYzZjJkMDVhOTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKR1ko1m6Xj2dSwV0NliyO6vnIVjuoAAYuzLZGzUI/iM9RYpabcy
mcX1dwdRQtOZ4bi2HRlsShdHjTOuryQ1+Rwhqb5CYn7RM61YsgAA3gM3OJRTWPAt
BrekSf22f1hB7ZCIQHcpV8G2df3LqreIlxITbGA6ZtsvueDKWq0qJZcnXu5ZWCr+
LuGvXiamfDLMRYODg/7b8hLufiOsuBQnEBrT77hB1RGjN8rkAFB6+BsAO+yd5Yp/
mNWG2Kk2aGWQdO96mnj9G3QOEO5D/fvE7T7N5nUxfuSuIYhYPXgLrrcuGPcH4b5R
tuq56mcGHdZYchXA2sU+jiO2fyfXr54BVs0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSK+cRBRnN482/ACWDaymoJ7ZniOzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYWRkODhjMjMtZjJiMS00YTBhLWI0NzQtMjczMzQxYTBkNjk4LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABTfb012Ryng9vch
3VIsmO/K+mwH11kcVgsyiDaMK/gQ+8rMCLLCrKRlHNg1RjjLupNdTVKZBPffmDqG
7vqq19mtvKP3bEfwQ3OUJ1kOjvhPMLa+sQG2MfTTj/2MnsGGJ+K7FqRYX6BENtcL
X0Ly1Yp+KjvIZgpaOJ79Z3yC221kDa9w2Y7m6pRew6CkkoyT12IKRoDmY8n9cnug
P+1ldZJcaHy520uwvrDWpheCdA4IR/P0wd0M841Aq2ZMrJq4iJGPDfc1vYdr/YVa
cvPRvq7Husm7v36rW8TM26ZeFQ0FW8TyZausHGUL4JSFdtnTXxxXkLaQukk1LgCk
K4rfO/g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:49 2023 by rpki-client on console-ams.rpki-client.org