Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/be0aed82-df0b-4407-b53a-4a33f8ec495d.roa
File: be0aed82-df0b-4407-b53a-4a33f8ec495d.roa (raw, json)
Hash identifier: XD+KTAbmMGEzbl8vIE3B9GxEO/pGTO7rQ5ac++b9+WA=
Subject key identifier: 75:FC:71:AC:E3:BC:40:3F:4C:18:08:60:D7:06:B0:7A:55:48:70:00
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 30871F4E8D1F5E319B2EAA0B91C83DDB291C0436
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/be0aed82-df0b-4407-b53a-4a33f8ec495d.roa
Signing time: Mon 13 Mar 2023 00:00:00 +0000
ROA not before: Mon 13 Mar 2023 00:00:00 +0000
ROA not after: Thu 16 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:87:1f:4e:8d:1f:5e:31:9b:2e:aa:0b:91:c8:3d:db:29:1c:04:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 13 00:00:00 2023 GMT
Not After : Mar 16 23:59:59 2023 GMT
Subject: serialNumber=7cbf17ee1f7f6d4e876c3d18a51297238f2988007b7636f9ab374fd0e347e6ae, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a7:11:b1:fb:84:95:08:d3:5f:c1:1c:26:d7:
0a:94:fa:90:8b:c9:05:88:9e:e8:60:53:3e:14:01:
40:54:54:0b:a5:2a:a8:f9:ed:f3:26:9d:e1:76:ca:
a8:19:3a:da:7a:ec:07:18:16:52:9e:31:c8:08:00:
d3:0a:d6:fa:c0:b6:b9:99:6a:e9:2e:0a:7b:a8:cc:
72:24:57:d5:74:7c:1f:e6:f0:44:1a:84:c4:70:fa:
d7:05:51:85:f7:bf:ec:2b:c7:08:18:fe:03:61:ac:
8a:56:8c:01:cb:e4:b0:f6:c3:9e:58:ae:28:80:2e:
36:23:60:eb:9c:aa:30:00:c3:32:1e:5d:bc:14:59:
22:23:9e:67:04:11:9f:fe:24:38:5e:a3:9d:63:40:
4c:6b:8e:8a:a6:de:db:9c:f3:ca:9f:8b:f1:81:04:
bc:d5:20:8e:5c:f3:96:b4:3a:d8:9a:c9:99:88:6e:
5c:2c:2f:70:60:ea:3c:1c:f3:ee:52:dd:4a:1a:16:
a5:2a:27:a9:1a:97:8e:4b:08:7f:04:05:7e:78:ae:
06:60:a4:d6:64:98:16:82:f7:f1:53:06:fb:af:43:
7b:2c:70:fc:ff:50:6c:1a:0d:79:b4:a6:25:62:69:
f5:0e:75:84:d4:e4:ac:ce:ca:b0:fb:27:02:26:cb:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FC:71:AC:E3:BC:40:3F:4C:18:08:60:D7:06:B0:7A:55:48:70:00
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/be0aed82-df0b-4407-b53a-4a33f8ec495d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:47:ac:fe:12:dd:95:8a:0a:0b:6c:42:09:de:62:1c:78:bd:
f6:76:13:8f:76:f2:4d:3e:21:d6:78:99:2e:03:38:80:1d:1f:
03:b1:6f:a4:65:99:e1:88:37:02:ae:48:e9:77:07:aa:f7:b0:
4e:94:b9:79:55:29:9c:38:06:7b:e9:aa:e6:bb:d6:c9:28:6e:
dd:24:1c:31:f7:56:c6:e6:d1:7e:55:f1:3a:10:ee:c7:5e:91:
6a:1e:75:13:c5:81:19:71:82:f1:2d:01:26:7e:79:cb:43:e4:
52:10:fc:a6:bc:b8:26:49:30:92:74:91:fb:b4:09:9a:4b:8b:
9d:d2:9d:aa:e7:23:57:06:cc:94:05:c7:ef:fb:87:31:7b:80:
da:c3:4a:83:4a:a2:fd:b2:b7:92:79:6d:c8:22:94:95:f1:e1:
c9:3a:b4:4c:8f:4b:e1:11:12:b3:a7:d1:65:b3:40:08:8c:97:
5f:f4:2e:f7:0f:a9:05:34:dc:92:1c:3d:ff:82:fd:8b:bb:c9:
d2:ec:ed:e4:e8:da:98:71:3b:70:7a:6a:06:5f:79:0c:55:66:
66:88:dc:9b:90:0a:3c:b0:bd:8b:59:4b:34:e2:a5:60:96:6a:
5e:0d:5a:63:a2:9c:b3:c3:34:ba:56:92:8b:f7:3e:3a:ca:e2:
b2:2c:ab:44
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUMIcfTo0fXjGbLqoLkcg92ykcBDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzEzMDAwMDAwWhcNMjMwMzE2MjM1OTU5
WjCBpTFJMEcGA1UEBRNAN2NiZjE3ZWUxZjdmNmQ0ZTg3NmMzZDE4YTUxMjk3MjM4
ZjI5ODgwMDdiNzYzNmY5YWIzNzRmZDBlMzQ3ZTZhZTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJanEbH7hJUI01/BHCbXCpT6kIvJBYie6GBTPhQBQFRUC6UqqPnt
8yad4XbKqBk62nrsBxgWUp4xyAgA0wrW+sC2uZlq6S4Ke6jMciRX1XR8H+bwRBqE
xHD61wVRhfe/7CvHCBj+A2GsilaMAcvksPbDnliuKIAuNiNg65yqMADDMh5dvBRZ
IiOeZwQRn/4kOF6jnWNATGuOiqbe25zzyp+L8YEEvNUgjlzzlrQ62JrJmYhuXCwv
cGDqPBzz7lLdShoWpSonqRqXjksIfwQFfniuBmCk1mSYFoL38VMG+69Deyxw/P9Q
bBoNebSmJWJp9Q51hNTkrM7KsPsnAibL/98CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBR1/HGs47xAP0wYCGDXBrB6VUhwADAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYmUwYWVkODItZGYwYi00NDA3LWI1M2EtNGEzM2Y4ZWM0OTVkLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA1HrP4S3ZWKCgts
QgneYhx4vfZ2E4928k0+IdZ4mS4DOIAdHwOxb6RlmeGINwKuSOl3B6r3sE6UuXlV
KZw4Bnvpqua71skobt0kHDH3Vsbm0X5V8ToQ7sdekWoedRPFgRlxgvEtASZ+ectD
5FIQ/Ka8uCZJMJJ0kfu0CZpLi53SnarnI1cGzJQFx+/7hzF7gNrDSoNKov2yt5J5
bcgilJXx4ck6tEyPS+ERErOn0WWzQAiMl1/0LvcPqQU03JIcPf+C/Yu7ydLs7eTo
2phxO3B6agZfeQxVZmaI3JuQCjywvYtZSzTipWCWal4NWmOinLPDNLpWkov3PjrK
4rIsq0Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:50 2023 by rpki-client on console-ams.rpki-client.org