Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/bff49253-ac36-46e5-b949-9a7b5ba832f5.roa
File: bff49253-ac36-46e5-b949-9a7b5ba832f5.roa (raw, json)
Hash identifier: W7jrst/AaxaI3YsqESO17tNUn+2rkU+s9wK2Fimpejk=
Subject key identifier: 9E:11:03:48:D2:9F:6E:16:CA:1D:F2:93:44:CF:96:93:7B:3F:5B:5F
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 7D68C9F3A2F340F5DEC9716ED102B890190B67
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/bff49253-ac36-46e5-b949-9a7b5ba832f5.roa
Signing time: Thu 23 Mar 2023 00:00:00 +0000
ROA not before: Thu 23 Mar 2023 00:00:00 +0000
ROA not after: Sun 26 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:68:c9:f3:a2:f3:40:f5:de:c9:71:6e:d1:02:b8:90:19:0b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 23 00:00:00 2023 GMT
Not After : Mar 26 23:59:59 2023 GMT
Subject: serialNumber=04efe1f32eb46698332f7cb9398e041fea63671f8b860ee6f932b5070c61598d, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:a1:c4:11:c1:45:51:fc:02:dd:d3:25:bd:
8a:7e:29:b5:2d:32:41:0a:9b:0b:4b:0d:05:9c:c9:
14:70:20:5a:6f:f4:e4:b4:f9:23:8a:ee:29:f9:60:
a1:72:fe:9b:8c:f4:62:33:1b:40:a7:d7:b0:92:ad:
11:1d:4c:61:71:5e:01:07:48:52:c6:06:00:40:51:
03:24:f1:6c:fe:f9:73:8e:d5:28:88:c2:34:8d:69:
6f:5a:30:a3:38:77:79:fc:7b:eb:40:27:09:da:d3:
62:42:ce:f6:03:3b:2b:bf:a5:dc:e5:da:5f:36:b8:
3c:9d:7e:95:5b:20:17:5f:b7:07:99:fa:10:30:14:
21:fb:8c:28:15:e8:a2:94:ed:ab:6d:91:9b:6d:a5:
0e:50:85:5d:d7:78:21:16:88:01:29:39:d9:83:5d:
66:6c:f1:98:50:1f:8e:d4:ca:bd:63:64:1e:61:3d:
93:6f:71:7c:2e:aa:22:4c:47:13:a8:fb:fb:fa:67:
be:e1:e2:ab:d0:93:01:dc:52:f8:0d:e6:a9:90:bf:
db:8d:cd:4d:46:75:6e:28:6d:bb:84:c6:9c:63:1b:
87:37:24:6e:8d:39:41:bb:86:2d:d2:82:72:89:cf:
b6:1b:52:5d:a6:89:ad:4f:d8:be:7a:09:1d:34:cf:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:11:03:48:D2:9F:6E:16:CA:1D:F2:93:44:CF:96:93:7B:3F:5B:5F
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/bff49253-ac36-46e5-b949-9a7b5ba832f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:d4:48:8c:85:5f:51:a1:a9:7b:9c:c4:87:ff:f9:d7:55:aa:
c5:eb:19:ef:6f:57:8b:61:99:1c:f0:25:5a:0b:e3:30:9c:13:
03:1d:d6:aa:57:97:cd:6f:0d:f1:74:3f:6f:71:1e:44:b2:a2:
78:f6:d5:65:49:e2:8c:99:1f:b7:c0:03:4a:a0:26:5b:0a:bd:
45:77:f6:ee:6f:86:48:d4:d0:70:65:f6:2e:f4:56:ec:02:68:
2c:46:df:63:dd:03:ce:20:cd:5b:9f:0d:3d:94:ce:c5:14:03:
a6:c4:f9:6f:b1:95:c6:bd:e2:c7:e2:ef:e4:8c:51:a6:46:8f:
2c:1a:e4:83:92:fe:07:d2:fd:0d:ae:7f:06:17:a7:fd:7d:67:
fe:6e:7e:51:3f:29:cc:24:cb:60:db:39:b9:3e:ea:38:9e:5e:
71:65:55:d3:d3:12:98:53:40:47:fd:b1:c6:52:01:7b:3f:30:
55:3f:4b:e0:e6:ff:7d:bf:3d:77:97:50:87:be:24:bf:92:bf:
65:2e:92:e2:07:a0:b3:6c:74:cb:34:0a:cd:d9:ba:fd:65:f2:
59:16:d5:ea:80:1a:81:8e:14:a2:60:2e:74:fa:38:84:a9:5e:
d4:7c:c8:10:52:cc:d9:94:70:0a:26:f4:40:3e:2c:c7:a0:b1:
45:7c:a0:f0
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgITfWjJ86LzQPXeyXFu0QK4kBkLZzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5NGIwOTJkODZm
YjFkN2EwZjc0ZTI4MTYxMTAeFw0yMzAzMjMwMDAwMDBaFw0yMzAzMjYyMzU5NTla
MIGlMUkwRwYDVQQFE0AwNGVmZTFmMzJlYjQ2Njk4MzMyZjdjYjkzOThlMDQxZmVh
NjM2NzFmOGI4NjBlZTZmOTMyYjUwNzBjNjE1OThkMS0wKwYDVQQDEyQ2YWU0ZTU2
Ny02MzQ4LTRjNGYtOThhOC0wNDIyYzRjNTJmZjMxFDASBgNVBAsTC0FtYXpvbiBS
UEtJMRMwEQYDVQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvMqhxBHBRVH8At3TJb2Kfim1LTJBCpsLSw0FnMkUcCBab/TktPkj
iu4p+WChcv6bjPRiMxtAp9ewkq0RHUxhcV4BB0hSxgYAQFEDJPFs/vlzjtUoiMI0
jWlvWjCjOHd5/HvrQCcJ2tNiQs72Azsrv6Xc5dpfNrg8nX6VWyAXX7cHmfoQMBQh
+4woFeiilO2rbZGbbaUOUIVd13ghFogBKTnZg11mbPGYUB+O1Mq9Y2QeYT2Tb3F8
LqoiTEcTqPv7+me+4eKr0JMB3FL4DeapkL/bjc1NRnVuKG27hMacYxuHNyRujTlB
u4Yt0oJyic+2G1JdpomtT9i+egkdNM9PbQIDAQABo4ICvjCCArowHQYDVR0OBBYE
FJ4RA0jSn24Wyh3yk0TPlpN7P1tfMB8GA1UdIwQYMBaAFJFE7cekDumQt/o2b/bh
fXmtxIOXMA4GA1UdDwEB/wQEAwIHgDCB8wYIKwYBBQUHAQEEgeYwgeMwgeAGCCsG
AQUFBzAChoHTcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1y
cGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3
MjcyYy1hNzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvNzNmMjFjMmItODgyMy00
YzI0LWIyNWItNDNjODBjYjZkMWJiLzI3OGFhYjg3OGYyODMxYmIxODIzYjU4Nzk0
YjA5MmQ4NmZiMWQ3YTBmNzRlMjgxNjExLmNlcjCBngYIKwYBBQUHAQsEgZEwgY4w
gYsGCCsGAQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv
bmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNkLTFhNWJlNzQ4
YmZlYS9iZmY0OTI1My1hYzM2LTQ2ZTUtYjk0OS05YTdiNWJhODMyZjUucm9hMIGV
BgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvYjY4YTMyZWUtNDU1ZC00ODNhLTk0M2Qt
MWE1YmU3NDhiZmVhLzRiYjhhZTVjLTEyNGMtNDJmMy04N2ZiLTRmMzRlNzRlM2Rh
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAS9RIjIVfUaGpe5zE
h//511WqxesZ729Xi2GZHPAlWgvjMJwTAx3WqleXzW8N8XQ/b3EeRLKiePbVZUni
jJkft8ADSqAmWwq9RXf27m+GSNTQcGX2LvRW7AJoLEbfY90DziDNW58NPZTOxRQD
psT5b7GVxr3ix+Lv5IxRpkaPLBrkg5L+B9L9Da5/Bhen/X1n/m5+UT8pzCTLYNs5
uT7qOJ5ecWVV09MSmFNAR/2xxlIBez8wVT9L4Ob/fb89d5dQh74kv5K/ZS6S4geg
s2x0yzQKzdm6/WXyWRbV6oAagY4UomAudPo4hKle1HzIEFLM2ZRwCib0QD4sx6Cx
RXyg8A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-fra.rpki-client.org