Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c1d93cde-b14e-4a88-9211-0acbbe73a091.roa
File: c1d93cde-b14e-4a88-9211-0acbbe73a091.roa (raw, json)
Hash identifier: il6xS5rmBiA3fPTKPmbyrrBxkgSHfofSWqmGQWnTvP4=
Subject key identifier: 4F:DB:F5:D9:A3:9F:9D:21:89:8B:A7:9C:F3:97:E0:67:28:68:54:18
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 65547C8FDBE858EDF82D347F247AB1678F50508D
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c1d93cde-b14e-4a88-9211-0acbbe73a091.roa
Signing time: Sun 26 Feb 2023 00:00:00 +0000
ROA not before: Sun 26 Feb 2023 00:00:00 +0000
ROA not after: Wed 01 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:54:7c:8f:db:e8:58:ed:f8:2d:34:7f:24:7a:b1:67:8f:50:50:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 26 00:00:00 2023 GMT
Not After : Mar 1 23:59:59 2023 GMT
Subject: serialNumber=74df0a4655bbb3ec91121144d0607c3b643dbbd5b1098c2e3525fefb105cf31d, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6b:16:8b:4d:85:26:3a:3c:36:e7:dc:08:75:
37:53:42:d3:0e:08:2a:d2:3a:b0:50:98:3f:7f:3e:
fd:90:01:2b:ca:57:f0:1c:cb:bb:80:df:4e:a2:78:
74:76:da:bb:b2:1a:6e:55:61:68:f1:53:fa:f8:6b:
34:7a:9e:4c:56:40:27:58:00:9b:e9:f8:5d:52:d9:
bc:36:61:1a:23:3a:7e:b3:e3:57:1e:ce:fa:98:08:
d7:8f:39:f4:86:9b:e2:5f:61:1c:93:86:b1:13:12:
57:a2:af:f7:7f:fc:a8:a1:a2:df:b1:7f:fe:77:27:
29:08:be:07:9f:62:30:26:13:99:c7:6d:78:74:5a:
9d:16:3d:5c:5c:9e:11:9e:a9:35:6f:75:08:04:95:
bc:bf:9f:78:28:76:64:03:29:c8:82:49:a5:07:a5:
da:76:ed:e9:7f:ce:70:b9:18:b5:9c:b6:50:4a:6e:
30:b1:ca:eb:b6:1e:68:8b:02:73:fb:13:c3:ed:5d:
a8:37:86:e0:0d:03:19:b4:1d:fc:a6:61:99:91:57:
60:31:ef:b6:75:6f:ed:1e:05:12:4a:e9:64:2a:7b:
99:05:9d:e5:89:2f:90:81:f8:b1:a5:9d:c0:45:83:
ef:a5:ac:e5:15:dc:11:39:79:63:10:75:e4:8f:c2:
14:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DB:F5:D9:A3:9F:9D:21:89:8B:A7:9C:F3:97:E0:67:28:68:54:18
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c1d93cde-b14e-4a88-9211-0acbbe73a091.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:88:d8:99:93:03:3a:80:d4:36:b7:96:d9:54:6a:aa:35:9a:
f2:a7:dd:c2:ec:ab:ae:9e:19:6a:83:f9:38:60:f0:9f:32:ce:
f0:b2:a9:9c:5e:cc:7a:ef:b3:50:85:36:05:72:61:d8:a7:85:
2f:c3:b0:01:9f:1d:3c:b0:df:d6:db:c9:90:3a:f6:34:f3:35:
82:d6:0a:e7:45:6d:38:57:4b:3c:f3:5f:9f:7d:a2:6e:e8:d0:
26:73:9c:10:82:04:f8:6e:2c:f2:ea:72:e5:fb:ea:2f:3e:d2:
84:1e:d1:04:23:c1:c2:57:db:11:9c:51:b3:2a:88:22:75:c0:
11:d9:0b:e9:ec:75:a6:95:fb:e0:4e:00:22:b0:d1:b0:5e:15:
17:00:7f:89:78:9d:b0:c9:85:6d:0a:ff:64:85:41:1f:f6:90:
dc:cc:32:ae:c8:78:e9:2d:5b:42:74:d7:f5:0d:a1:3b:34:f1:
9a:db:80:61:8b:c3:6c:0f:96:09:92:ea:d1:4e:1d:50:68:09:
e7:92:61:69:f7:50:79:99:12:ae:d8:db:cb:37:0b:1a:7f:35:
22:ec:eb:bc:82:5f:15:2e:f7:c6:89:ca:80:82:35:9a:d8:f5:
75:3c:97:f9:3a:fa:0d:21:de:6b:d9:5d:6a:d4:b6:76:8e:b5:
e9:6c:5f:b1
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUZVR8j9voWO34LTR/JHqxZ49QUI0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjI2MDAwMDAwWhcNMjMwMzAxMjM1OTU5
WjCBpTFJMEcGA1UEBRNANzRkZjBhNDY1NWJiYjNlYzkxMTIxMTQ0ZDA2MDdjM2I2
NDNkYmJkNWIxMDk4YzJlMzUyNWZlZmIxMDVjZjMxZDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAORrFotNhSY6PDbn3Ah1N1NC0w4IKtI6sFCYP38+/ZABK8pX8BzL
u4DfTqJ4dHbau7IablVhaPFT+vhrNHqeTFZAJ1gAm+n4XVLZvDZhGiM6frPjVx7O
+pgI14859Iab4l9hHJOGsRMSV6Kv93/8qKGi37F//ncnKQi+B59iMCYTmcdteHRa
nRY9XFyeEZ6pNW91CASVvL+feCh2ZAMpyIJJpQel2nbt6X/OcLkYtZy2UEpuMLHK
67YeaIsCc/sTw+1dqDeG4A0DGbQd/KZhmZFXYDHvtnVv7R4FEkrpZCp7mQWd5Ykv
kIH4saWdwEWD76Ws5RXcETl5YxB15I/CFOsCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRP2/XZo5+dIYmLp5zzl+BnKGhUGDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYzFkOTNjZGUtYjE0ZS00YTg4LTkyMTEtMGFjYmJlNzNhMDkxLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAI6I2JmTAzqA1Da3
ltlUaqo1mvKn3cLsq66eGWqD+Thg8J8yzvCyqZxezHrvs1CFNgVyYdinhS/DsAGf
HTyw39bbyZA69jTzNYLWCudFbThXSzzzX599om7o0CZznBCCBPhuLPLqcuX76i8+
0oQe0QQjwcJX2xGcUbMqiCJ1wBHZC+nsdaaV++BOACKw0bBeFRcAf4l4nbDJhW0K
/2SFQR/2kNzMMq7IeOktW0J01/UNoTs08ZrbgGGLw2wPlgmS6tFOHVBoCeeSYWn3
UHmZEq7Y28s3Cxp/NSLs67yCXxUu98aJyoCCNZrY9XU8l/k6+g0h3mvZXWrUtnaO
telsX7E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-fra.rpki-client.org