Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c30f737a-f778-4619-b737-e57b8703aa3f.roa
File: c30f737a-f778-4619-b737-e57b8703aa3f.roa (raw, json)
Hash identifier: T0FK7W50eM11s953n2vVTHtmu7RijharGRXNki/217s=
Subject key identifier: 89:A1:9E:EB:6C:EE:7D:F1:A8:14:7C:F7:80:AA:B1:B3:FF:C5:C8:5E
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2F8071AE4E7A168FB77F22D494BB7514B2E3C2B0
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c30f737a-f778-4619-b737-e57b8703aa3f.roa
Signing time: Wed 29 Mar 2023 00:00:00 +0000
ROA not before: Wed 29 Mar 2023 00:00:00 +0000
ROA not after: Sat 01 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:80:71:ae:4e:7a:16:8f:b7:7f:22:d4:94:bb:75:14:b2:e3:c2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 29 00:00:00 2023 GMT
Not After : Apr 1 23:59:59 2023 GMT
Subject: serialNumber=a0d5517579998d4ad16edbf1f8c45060815b5b0e4d057e23ed5b3a0303477b20, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:56:1f:fe:ff:c4:fb:a1:ae:35:eb:ad:01:cd:
a2:91:1c:40:2c:03:1f:9d:e1:f5:aa:47:e6:33:82:
18:ca:dd:06:51:93:b7:44:1c:6d:30:2d:7a:22:01:
57:61:2b:25:de:50:0f:49:be:ad:83:73:fe:6a:be:
b4:a4:f1:61:6b:57:90:cc:78:7c:02:81:eb:ac:a4:
1d:24:37:0e:c0:9d:7e:2d:db:2f:bd:1a:80:10:74:
42:02:f5:f3:c9:33:ed:14:fd:19:5b:84:9a:23:5e:
c0:83:9d:f5:e0:67:ff:e1:99:66:03:8d:ca:49:4b:
e2:71:b6:ec:59:c6:03:c3:76:eb:0d:cc:ed:3d:ae:
11:6f:ac:e7:37:9b:df:1b:f3:d8:e2:4f:c0:e7:00:
5a:06:5f:8d:e1:71:7b:91:77:a7:0f:de:96:fe:73:
71:fb:9a:7b:09:ca:ec:18:09:77:7f:8d:12:6f:e2:
78:9c:27:3d:c9:96:55:62:9d:62:3f:85:18:95:21:
b9:35:b6:ff:2c:1d:51:38:fe:7b:c1:e7:2c:5d:a8:
dc:ef:75:95:6b:4a:86:a9:26:30:91:18:47:4a:a0:
97:10:19:0d:16:f6:33:cb:a1:ca:bd:10:32:ee:85:
36:99:fb:db:ac:25:bc:d8:8c:ab:ad:45:88:21:0f:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A1:9E:EB:6C:EE:7D:F1:A8:14:7C:F7:80:AA:B1:B3:FF:C5:C8:5E
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c30f737a-f778-4619-b737-e57b8703aa3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
05:76:a0:ec:01:10:e8:62:97:43:d5:7a:e3:46:d7:1b:2c:7d:
8b:ce:15:c7:14:57:03:a6:02:27:48:f3:d1:18:22:f3:6e:af:
7b:be:b3:20:d7:dd:b5:6c:89:37:7c:3d:0d:e7:b4:d9:6f:c4:
aa:20:95:2b:f5:f7:d1:56:81:97:cf:bb:00:7a:9c:a8:07:52:
73:03:8b:9e:ba:2e:b7:df:b3:19:c9:8b:9c:4d:17:f0:8b:e4:
f5:e1:f2:bc:12:6c:86:05:ee:17:5a:df:b9:57:35:f5:91:91:
ef:93:a5:96:66:8f:18:3a:0a:08:ba:70:4f:b2:82:2a:75:ac:
b1:38:c0:0b:83:44:f1:09:c7:0e:34:6a:4f:ee:eb:e7:d7:bb:
ab:fc:80:62:ed:a9:99:1d:23:2c:63:23:f4:c6:ad:51:94:2e:
20:46:a7:fd:f4:04:26:1a:41:57:3a:58:ec:3d:d2:bf:59:da:
a3:6f:3d:e5:23:c7:5b:84:68:3d:18:ab:bc:7d:06:31:62:74:
d7:71:8c:95:e0:07:2e:1d:5b:03:a0:cb:e8:ab:d9:d5:e9:0a:
d2:ea:88:96:1d:a4:d7:b2:7c:6c:9b:7c:f9:ad:e8:fc:62:2d:
a4:e8:24:3d:18:c7:82:20:95:05:25:36:d1:95:08:3d:6f:2c:
44:c5:3c:c2
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUL4Bxrk56Fo+3fyLUlLt1FLLjwrAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzI5MDAwMDAwWhcNMjMwNDAxMjM1OTU5
WjCBpTFJMEcGA1UEBRNAYTBkNTUxNzU3OTk5OGQ0YWQxNmVkYmYxZjhjNDUwNjA4
MTViNWIwZTRkMDU3ZTIzZWQ1YjNhMDMwMzQ3N2IyMDEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM9WH/7/xPuhrjXrrQHNopEcQCwDH53h9apH5jOCGMrdBlGTt0Qc
bTAteiIBV2ErJd5QD0m+rYNz/mq+tKTxYWtXkMx4fAKB66ykHSQ3DsCdfi3bL70a
gBB0QgL188kz7RT9GVuEmiNewIOd9eBn/+GZZgONyklL4nG27FnGA8N26w3M7T2u
EW+s5zeb3xvz2OJPwOcAWgZfjeFxe5F3pw/elv5zcfuaewnK7BgJd3+NEm/ieJwn
PcmWVWKdYj+FGJUhuTW2/ywdUTj+e8HnLF2o3O91lWtKhqkmMJEYR0qglxAZDRb2
M8uhyr0QMu6FNpn726wlvNiMq61FiCEPLvsCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSJoZ7rbO598agUfPeAqrGz/8XIXjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYzMwZjczN2EtZjc3OC00NjE5LWI3MzctZTU3Yjg3MDNhYTNmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAV2oOwBEOhil0PV
euNG1xssfYvOFccUVwOmAidI89EYIvNur3u+syDX3bVsiTd8PQ3ntNlvxKoglSv1
99FWgZfPuwB6nKgHUnMDi566LrffsxnJi5xNF/CL5PXh8rwSbIYF7hda37lXNfWR
ke+TpZZmjxg6Cgi6cE+ygip1rLE4wAuDRPEJxw40ak/u6+fXu6v8gGLtqZkdIyxj
I/TGrVGULiBGp/30BCYaQVc6WOw90r9Z2qNvPeUjx1uEaD0Yq7x9BjFidNdxjJXg
By4dWwOgy+ir2dXpCtLqiJYdpNeyfGybfPmt6PxiLaToJD0Yx4IglQUlNtGVCD1v
LETFPMI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-fra.rpki-client.org