Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/ae72b4d4-e54e-408a-a2f5-70fd689e940a.roa
File: ae72b4d4-e54e-408a-a2f5-70fd689e940a.roa (raw, json)
Hash identifier: aWk8jfALePaiSbMHcGyv+DdMqO62ksZJsZXnCbFmRd0=
Subject key identifier: 8B:43:C6:B6:88:83:71:46:6D:52:3E:5F:F4:2E:7F:DD:A5:92:2F:5E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 064618B3A952B8E94E209103765E8D691E551B8F
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/ae72b4d4-e54e-408a-a2f5-70fd689e940a.roa
Signing time: Sat 11 Mar 2023 00:00:00 +0000
ROA not before: Sat 11 Mar 2023 00:00:00 +0000
ROA not after: Tue 14 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:46:18:b3:a9:52:b8:e9:4e:20:91:03:76:5e:8d:69:1e:55:1b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 11 00:00:00 2023 GMT
Not After : Mar 14 23:59:59 2023 GMT
Subject: serialNumber=12f7f29131c54530b7f51c4078c8f0bb84156fc2646e8df04b3197aa46d50814, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:98:c3:a1:ae:f2:2a:f9:0c:38:47:26:73:be:
76:f6:1b:39:79:00:63:74:94:d1:02:00:8f:c1:dc:
36:93:99:9e:3d:53:b9:86:08:4e:b2:bd:61:c8:80:
dc:4c:d5:04:0b:96:d7:18:37:10:12:4b:21:72:b9:
b8:50:ea:f4:8e:ac:24:d8:73:a0:4e:b2:ca:6b:c8:
44:a3:20:ae:99:6e:13:0c:fb:13:a6:62:e9:99:c9:
32:52:b6:bb:d7:cf:57:e7:00:e3:d6:0b:4e:a5:45:
10:58:78:be:1a:b9:bc:a8:03:31:13:7a:10:b2:9d:
08:68:39:bc:1f:72:44:6e:e7:65:15:be:30:5a:d8:
df:40:4f:b1:fc:30:5d:77:45:48:9c:03:b5:c3:84:
ab:12:42:74:db:6f:95:23:fb:f4:cd:10:79:8e:38:
7c:59:1d:90:4f:cf:52:a5:16:e3:6b:07:8c:a0:10:
f2:76:06:01:c6:ae:dc:e2:34:4b:9f:6c:48:ec:cb:
16:2c:07:72:5a:48:26:65:b9:f7:54:17:d0:30:59:
64:2c:fc:e7:9b:61:40:2d:5a:9b:b6:6c:66:39:cb:
1a:fe:65:23:30:7e:40:53:92:48:18:14:6c:89:02:
07:33:b7:00:27:83:1e:12:50:88:37:c8:23:41:d5:
5d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:43:C6:B6:88:83:71:46:6D:52:3E:5F:F4:2E:7F:DD:A5:92:2F:5E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/ae72b4d4-e54e-408a-a2f5-70fd689e940a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:34:ee:c9:93:cc:75:f6:d7:cc:7c:4f:d6:9a:28:5a:33:0f:
99:4d:be:a4:50:a2:11:bd:76:8e:5a:68:fe:25:91:7f:9d:ea:
27:f3:6a:2c:36:63:c4:d1:33:4b:5a:c1:a4:a9:44:7b:0d:ad:
11:5b:45:00:53:c5:17:b0:42:90:aa:97:d1:71:d7:40:57:25:
f8:18:a2:08:c4:57:60:8e:1d:47:19:fb:9c:28:df:78:fc:d2:
b2:30:24:ba:69:e2:d6:0e:84:cf:67:30:57:f9:b4:7c:c3:c3:
16:2e:fd:b1:42:20:25:10:5c:f9:02:d4:7a:de:f8:9a:bd:4d:
f9:6b:f2:9f:84:ff:ef:f1:d6:60:4c:51:2f:15:34:a5:8d:bd:
61:60:20:95:80:72:2f:db:aa:56:d6:4e:11:81:63:b5:ed:d1:
51:81:5c:f3:fa:95:87:b8:27:a0:56:d9:5a:21:54:6b:75:b6:
a5:00:58:09:f7:e4:99:05:e5:32:a8:c1:47:ee:f2:45:ad:1f:
db:5a:63:80:d4:62:20:15:3d:aa:bf:84:3a:4e:0d:1c:87:82:
6f:99:c0:06:69:49:8d:28:15:e5:85:3f:25:28:8d:94:eb:63:
c9:f5:c4:a1:8b:cf:33:6d:49:da:17:ca:8a:f9:3b:8e:37:a8:
bf:c9:ed:a5
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUBkYYs6lSuOlOIJEDdl6NaR5VG48wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzExMDAwMDAwWhcNMjMwMzE0MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMTJmN2YyOTEzMWM1NDUzMGI3ZjUxYzQwNzhjOGYwYmI4
NDE1NmZjMjY0NmU4ZGYwNGIzMTk3YWE0NmQ1MDgxNDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKmYw6Gu8ir5DDhHJnO+dvYbOXkAY3SU0QIAj8HcNpOZnj1TuYYI
TrK9YciA3EzVBAuW1xg3EBJLIXK5uFDq9I6sJNhzoE6yymvIRKMgrpluEwz7E6Zi
6ZnJMlK2u9fPV+cA49YLTqVFEFh4vhq5vKgDMRN6ELKdCGg5vB9yRG7nZRW+MFrY
30BPsfwwXXdFSJwDtcOEqxJCdNtvlSP79M0QeY44fFkdkE/PUqUW42sHjKAQ8nYG
Acau3OI0S59sSOzLFiwHclpIJmW591QX0DBZZCz855thQC1am7ZsZjnLGv5lIzB+
QFOSSBgUbIkCBzO3ACeDHhJQiDfII0HVXX0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSLQ8a2iINxRm1SPl/0Ln/dpZIvXjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYWU3MmI0ZDQtZTU0ZS00MDhhLWEyZjUtNzBmZDY4OWU5NDBhLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD807smTzHX218x8
T9aaKFozD5lNvqRQohG9do5aaP4lkX+d6ifzaiw2Y8TRM0tawaSpRHsNrRFbRQBT
xRewQpCql9Fx10BXJfgYogjEV2COHUcZ+5wo33j80rIwJLpp4tYOhM9nMFf5tHzD
wxYu/bFCICUQXPkC1Hre+Jq9Tflr8p+E/+/x1mBMUS8VNKWNvWFgIJWAci/bqlbW
ThGBY7Xt0VGBXPP6lYe4J6BW2VohVGt1tqUAWAn35JkF5TKowUfu8kWtH9taY4DU
YiAVPaq/hDpODRyHgm+ZwAZpSY0oFeWFPyUojZTrY8n1xKGLzzNtSdoXyor5O443
qL/J7aU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:50 2023 by rpki-client on console-fra.rpki-client.org