Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/afa96d44-5643-406c-aede-f9126897417f.roa
File: afa96d44-5643-406c-aede-f9126897417f.roa (raw, json)
Hash identifier: 9LOMFl4R2SHeIWkmHCeUEu01tPmpWPT1BfN9K2HnyHc=
Subject key identifier: C9:51:1E:21:EA:07:AA:6A:6A:CC:09:CA:02:5C:83:37:3E:CA:54:23
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2314CEDEABC895DAC69F72A92D08DF9A5D90E44A
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/afa96d44-5643-406c-aede-f9126897417f.roa
Signing time: Sun 04 Jun 2023 00:00:00 +0000
ROA not before: Sun 04 Jun 2023 00:00:00 +0000
ROA not after: Wed 07 Jun 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:14:ce:de:ab:c8:95:da:c6:9f:72:a9:2d:08:df:9a:5d:90:e4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jun 4 00:00:00 2023 GMT
Not After : Jun 7 23:59:59 2023 GMT
Subject: serialNumber=1786e94592d774593f16a5179ee4f85a3e0ef2e8744f26bd920b69c8226d7f30, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b2:76:85:b5:d7:76:9a:a6:05:67:b7:9f:84:
d7:98:fb:02:1a:53:d8:a0:ce:0d:b4:a4:9f:b2:29:
06:2c:d8:7d:eb:1f:13:c2:42:6f:96:25:b0:46:ce:
63:96:92:d4:70:13:6a:7f:b2:54:ac:27:72:48:89:
82:d7:a2:2c:85:3e:5b:c3:91:30:c7:ba:d0:8d:27:
50:1b:4e:4f:1b:ee:1a:42:15:11:79:43:de:df:1f:
61:5c:32:98:31:27:9b:75:7a:59:10:c9:79:1f:15:
9d:e7:c9:d6:54:ec:bf:d8:bc:ef:1e:38:17:06:07:
26:61:2c:80:14:22:46:0b:e7:ac:16:7f:16:1d:e7:
2b:56:0c:6a:c2:33:d4:c5:82:31:1e:c5:a6:ce:d0:
53:09:30:7c:dc:58:a3:4d:73:20:9c:14:4a:0a:07:
52:ff:60:a5:28:bd:3d:ac:4a:5d:f7:8c:c0:00:8e:
e9:bc:92:c9:cb:3e:22:e9:0c:6b:7d:5c:ba:d7:f5:
6a:f3:8d:19:84:46:fc:70:1a:4e:1c:99:64:12:f6:
88:b9:b0:42:5e:99:83:bd:a4:3a:0b:06:10:14:e1:
7e:61:68:f5:93:47:93:72:3f:9e:55:ac:3b:d6:83:
7b:ce:d5:ef:48:ad:a9:5d:92:a8:d9:85:ad:49:58:
e3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:51:1E:21:EA:07:AA:6A:6A:CC:09:CA:02:5C:83:37:3E:CA:54:23
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/afa96d44-5643-406c-aede-f9126897417f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
35:4c:f2:6b:29:dd:fd:63:ac:5f:2b:3d:f9:3e:5e:6e:66:ad:
d2:97:36:99:af:71:ed:c4:c6:d9:5c:4c:1a:38:30:1e:f6:e7:
28:fa:d2:d4:c5:b0:5d:7f:59:60:df:57:42:20:df:da:a8:99:
62:c6:9e:da:90:36:e0:7c:06:81:ae:67:08:37:36:dc:a7:5c:
b5:02:54:7a:3f:64:8e:be:f7:70:00:d2:51:00:46:40:37:69:
98:02:dc:fc:11:96:76:7d:d0:fe:42:8a:09:78:09:58:1e:95:
89:b8:88:c6:12:9c:6e:13:72:a0:94:2e:23:66:3c:95:a3:c3:
2b:c3:e9:d3:fe:c1:38:c2:dc:e5:29:a1:2b:98:b0:de:d9:ad:
69:10:ee:1c:dd:19:f0:29:f3:c9:95:16:9e:92:0a:3c:c4:14:
39:4c:14:47:02:a9:3d:65:84:d5:cf:6f:4a:89:bb:8c:09:51:
bc:6c:0e:c9:9b:d3:58:01:15:1b:91:6b:2d:60:1e:ab:58:09:
c7:df:58:9c:cf:8a:74:df:30:86:37:28:af:28:14:d1:e5:c0:
47:4a:02:fb:eb:fa:37:17:ca:4b:74:f6:6b:40:9d:dc:b0:7c:
0d:8a:a3:79:d4:fb:06:87:ee:5a:95:c0:7c:5c:c3:f8:34:53:
2f:b6:7c:3f
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUIxTO3qvIldrGn3KpLQjfml2Q5EowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNjA0MDAwMDAwWhcNMjMwNjA3MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMTc4NmU5NDU5MmQ3NzQ1OTNmMTZhNTE3OWVlNGY4NWEz
ZTBlZjJlODc0NGYyNmJkOTIwYjY5YzgyMjZkN2YzMDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALCydoW113aapgVnt5+E15j7AhpT2KDODbSkn7IpBizYfesfE8JC
b5YlsEbOY5aS1HATan+yVKwnckiJgteiLIU+W8ORMMe60I0nUBtOTxvuGkIVEXlD
3t8fYVwymDEnm3V6WRDJeR8VnefJ1lTsv9i87x44FwYHJmEsgBQiRgvnrBZ/Fh3n
K1YMasIz1MWCMR7Fps7QUwkwfNxYo01zIJwUSgoHUv9gpSi9PaxKXfeMwACO6byS
ycs+IukMa31cutf1avONGYRG/HAaThyZZBL2iLmwQl6Zg72kOgsGEBThfmFo9ZNH
k3I/nlWsO9aDe87V70itqV2SqNmFrUlY46kCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTJUR4h6geqamrMCcoCXIM3PspUIzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYWZhOTZkNDQtNTY0My00MDZjLWFlZGUtZjkxMjY4OTc0MTdmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADVM8msp3f1jrF8r
Pfk+Xm5mrdKXNpmvce3ExtlcTBo4MB725yj60tTFsF1/WWDfV0Ig39qomWLGntqQ
NuB8BoGuZwg3NtynXLUCVHo/ZI6+93AA0lEARkA3aZgC3PwRlnZ90P5Cigl4CVge
lYm4iMYSnG4TcqCULiNmPJWjwyvD6dP+wTjC3OUpoSuYsN7ZrWkQ7hzdGfAp88mV
Fp6SCjzEFDlMFEcCqT1lhNXPb0qJu4wJUbxsDsmb01gBFRuRay1gHqtYCcffWJzP
inTfMIY3KK8oFNHlwEdKAvvr+jcXykt09mtAndywfA2Ko3nU+waH7lqVwHxcw/g0
Uy+2fD8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:49 2023 by rpki-client on console-ams.rpki-client.org