Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/b175964e-1553-468b-9a11-db117314df5b.roa
File: b175964e-1553-468b-9a11-db117314df5b.roa (raw, json)
Hash identifier: VVMiHaxN85cZloEfSYhYt0pI6Hp8D6irGl22o96sxsI=
Subject key identifier: DD:63:1F:85:76:27:67:D9:DE:48:5C:7A:D8:EB:5E:C8:A8:4B:B5:AC
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 40FD723C89E74C21EE9A95195CE6704E026ABA7A
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/b175964e-1553-468b-9a11-db117314df5b.roa
Signing time: Sat 01 Apr 2023 00:00:00 +0000
ROA not before: Sat 01 Apr 2023 00:00:00 +0000
ROA not after: Tue 04 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:fd:72:3c:89:e7:4c:21:ee:9a:95:19:5c:e6:70:4e:02:6a:ba:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 1 00:00:00 2023 GMT
Not After : Apr 4 23:59:59 2023 GMT
Subject: serialNumber=a7f77319493e8da87740b582c67a790c8386dbe2e45c7fe495d11f7f640dabe0, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b3:90:e5:8b:5f:ab:2e:db:62:b9:f2:1b:84:
41:41:68:31:9f:8b:35:5e:02:5f:49:f8:9b:19:90:
00:d3:9d:fe:08:a3:27:82:ec:09:15:b3:02:5b:f0:
db:0e:8e:94:62:0d:92:ac:a1:38:96:6a:cc:cd:e4:
15:71:2a:e2:74:33:24:92:b5:67:08:56:62:83:82:
df:3e:1b:2a:f1:71:a9:a7:65:a6:8f:43:e0:40:f1:
f2:7b:c7:e4:3d:12:22:fa:19:76:77:fa:73:66:97:
93:05:2b:d6:96:14:f5:56:77:24:d9:25:76:06:99:
90:86:0e:e8:b1:8a:1a:bd:9d:bd:8b:3f:3e:aa:73:
53:8f:13:7e:f7:5a:38:e3:c2:52:a2:e1:9e:17:ba:
14:eb:a2:f8:c7:5f:14:a6:b5:0d:e3:80:01:4f:fc:
ed:d0:22:61:92:a7:dc:b1:9f:26:3d:97:ca:a6:60:
1b:78:21:05:35:1e:c2:05:a1:a6:b3:e7:26:a5:8b:
4b:0b:60:82:df:be:34:41:f4:a8:34:50:15:ec:fa:
7a:1b:5d:e5:6b:16:f9:3c:d6:d8:ad:eb:21:87:3e:
1b:d0:4e:2b:c8:80:37:20:c2:6f:ef:4b:30:11:24:
2e:29:02:22:68:db:fe:dc:59:95:d5:3f:d0:72:a7:
b0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:63:1F:85:76:27:67:D9:DE:48:5C:7A:D8:EB:5E:C8:A8:4B:B5:AC
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/b175964e-1553-468b-9a11-db117314df5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:de:ae:97:95:cd:a0:e8:a7:44:63:a4:79:f3:80:fe:0d:f1:
be:72:de:ac:34:70:e4:02:7e:a7:87:3b:f1:15:45:9d:68:80:
be:c4:ee:ff:4d:18:26:78:5d:af:3a:9a:42:df:e2:23:25:cb:
07:cd:e7:8b:6f:77:d9:3c:09:5c:03:b7:0c:8d:ce:8d:26:be:
88:e8:48:12:b5:43:4d:0a:cd:75:b2:eb:55:4b:c4:b6:2e:61:
b6:5d:88:b8:88:2f:0c:bd:e7:ff:c3:57:41:40:90:91:1b:7c:
ad:d1:22:a7:ae:44:73:78:0f:42:fe:65:05:e4:29:ac:da:5f:
74:32:39:b4:9e:bb:6f:bf:3b:7a:32:1e:83:6e:ee:ea:db:71:
15:99:1d:12:43:cd:29:b0:a2:f8:72:ec:0b:cd:04:3c:de:fd:
cb:a5:5b:f2:f7:57:2c:44:53:86:d6:a8:8e:26:62:a6:da:52:
d8:23:e2:9b:55:b2:f6:8d:58:11:f7:68:94:69:f7:e1:a7:e8:
9e:9f:f8:74:6f:bf:d0:1d:bd:51:d7:a3:cc:95:f1:b5:53:45:
0a:13:8c:44:20:a0:b6:1a:d3:08:31:05:78:b1:33:69:7a:7a:
e3:fe:38:c7:f0:c4:ce:23:0b:1a:84:d4:0d:f5:4d:85:9b:5b:
d7:d9:cf:14
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUQP1yPInnTCHumpUZXOZwTgJqunowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDAxMDAwMDAwWhcNMjMwNDA0MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYTdmNzczMTk0OTNlOGRhODc3NDBiNTgyYzY3YTc5MGM4
Mzg2ZGJlMmU0NWM3ZmU0OTVkMTFmN2Y2NDBkYWJlMDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOqzkOWLX6su22K58huEQUFoMZ+LNV4CX0n4mxmQANOd/gijJ4Ls
CRWzAlvw2w6OlGINkqyhOJZqzM3kFXEq4nQzJJK1ZwhWYoOC3z4bKvFxqadlpo9D
4EDx8nvH5D0SIvoZdnf6c2aXkwUr1pYU9VZ3JNkldgaZkIYO6LGKGr2dvYs/Pqpz
U48TfvdaOOPCUqLhnhe6FOui+MdfFKa1DeOAAU/87dAiYZKn3LGfJj2XyqZgG3gh
BTUewgWhprPnJqWLSwtggt++NEH0qDRQFez6ehtd5WsW+TzW2K3rIYc+G9BOK8iA
NyDCb+9LMBEkLikCImjb/txZldU/0HKnsNcCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTdYx+Fdidn2d5IXHrY617IqEu1rDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYjE3NTk2NGUtMTU1My00NjhiLTlhMTEtZGIxMTczMTRkZjViLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD3erpeVzaDop0Rj
pHnzgP4N8b5y3qw0cOQCfqeHO/EVRZ1ogL7E7v9NGCZ4Xa86mkLf4iMlywfN54tv
d9k8CVwDtwyNzo0mvojoSBK1Q00KzXWy61VLxLYuYbZdiLiILwy95//DV0FAkJEb
fK3RIqeuRHN4D0L+ZQXkKazaX3QyObSeu2+/O3oyHoNu7urbcRWZHRJDzSmwovhy
7AvNBDze/culW/L3VyxEU4bWqI4mYqbaUtgj4ptVsvaNWBH3aJRp9+Gn6J6f+HRv
v9AdvVHXo8yV8bVTRQoTjEQgoLYa0wgxBXixM2l6euP+OMfwxM4jCxqE1A31TYWb
W9fZzxQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:49 2023 by rpki-client on console-ams.rpki-client.org