Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c57b6018-93c4-4075-b2a5-497f24bf9d6c.roa
File: c57b6018-93c4-4075-b2a5-497f24bf9d6c.roa (raw, json)
Hash identifier: PNZa7rg4RcTXh4DLf5YFn6kHOh5GMmOQOLm8EnKFZeM=
Subject key identifier: DE:93:32:E3:BD:04:B7:91:0F:32:D4:F9:DE:CC:D4:89:91:22:D6:85
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4BF48226BD01AC07C27015DD6EA028272206F305
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c57b6018-93c4-4075-b2a5-497f24bf9d6c.roa
Signing time: Tue 28 Mar 2023 00:00:00 +0000
ROA not before: Tue 28 Mar 2023 00:00:00 +0000
ROA not after: Fri 31 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f4:82:26:bd:01:ac:07:c2:70:15:dd:6e:a0:28:27:22:06:f3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 28 00:00:00 2023 GMT
Not After : Mar 31 23:59:59 2023 GMT
Subject: serialNumber=f649c5ea05ab3ab29f35c94ae3757057ee578ba48ae818aa4c7caca5a75c2305, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ca:4e:72:f5:de:ee:4e:b7:b3:99:4a:bd:03:
01:d0:73:7b:bb:e4:20:16:b5:18:6b:c4:d4:f4:16:
0e:83:3e:58:a0:88:2b:58:9b:ab:2a:40:ed:0f:4e:
67:38:fa:e7:62:4d:e0:4d:be:95:7b:f7:a9:79:1f:
75:2e:ff:12:48:3a:38:d9:35:cf:9a:8f:6e:a9:ea:
58:86:e9:d4:b3:05:1d:71:d6:43:d3:76:bb:8c:59:
98:e0:44:8a:60:2a:08:27:45:66:30:50:b7:03:c3:
56:b3:1c:ca:e4:1e:12:8a:41:17:fe:11:0e:37:d9:
00:5b:a6:35:39:91:05:3f:e4:2d:92:f3:f9:6a:af:
61:18:0c:b3:ad:e7:c3:b7:9e:81:bf:e3:5b:fc:07:
ef:07:2f:d0:57:4c:ce:c5:60:e7:d7:90:24:1c:f2:
fd:49:1f:43:bf:f3:68:67:ed:45:53:f2:01:83:26:
5d:3f:a3:aa:2a:1a:3f:51:e4:25:da:d3:ef:0c:1c:
30:14:39:4c:4f:59:ec:89:17:32:be:ee:1a:e1:50:
1c:1f:04:78:58:30:1f:18:3f:92:49:83:0b:c5:7c:
f9:2d:80:1c:2d:44:6d:ee:d7:71:7c:bb:2e:cb:6d:
31:b1:06:92:b3:cd:a6:80:4f:6c:01:ee:28:2e:3e:
ac:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:93:32:E3:BD:04:B7:91:0F:32:D4:F9:DE:CC:D4:89:91:22:D6:85
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c57b6018-93c4-4075-b2a5-497f24bf9d6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:97:42:a6:be:e4:b5:d4:1a:2d:89:86:7d:6a:6a:49:53:e0:
08:c3:f7:e8:de:4e:91:16:46:86:b6:62:d9:53:fc:1a:d1:9e:
af:5b:48:22:1e:2e:d1:05:0c:ec:67:a9:23:1e:59:2a:eb:ed:
b5:8a:36:82:e4:b8:d0:07:43:3c:8f:01:82:b1:bb:d6:0c:b7:
40:24:2b:57:92:6d:fd:6c:0d:58:e6:34:4d:da:28:ba:f4:87:
51:ee:1a:3c:f3:69:4c:28:8c:d4:41:55:b4:0a:7f:02:39:68:
a3:2a:3b:00:e5:d6:c7:38:33:42:7a:10:a2:1e:d4:a6:3b:62:
c8:fe:89:f5:f3:3c:ac:3f:16:95:95:d9:1f:6b:8c:ea:a7:16:
fd:93:18:a7:8e:a0:a5:db:c8:a4:5c:d3:5c:bd:96:06:f5:6a:
d0:93:f3:ac:a3:1d:18:7a:8a:ba:9e:32:cf:c0:e2:10:aa:3a:
ef:da:14:c6:80:73:24:ca:50:0d:cb:7d:12:d4:9b:9b:d0:66:
dc:97:94:5d:21:c3:0c:63:02:42:b0:d5:28:90:c6:46:b3:52:
f2:92:ca:3b:9a:42:92:c3:cf:08:e0:98:11:17:d1:82:4b:bd:
80:23:c2:72:11:80:ed:94:f1:35:6f:ca:e3:f7:7b:49:e8:62:
3a:39:52:d2
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUS/SCJr0BrAfCcBXdbqAoJyIG8wUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzI4MDAwMDAwWhcNMjMwMzMxMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZjY0OWM1ZWEwNWFiM2FiMjlmMzVjOTRhZTM3NTcwNTdl
ZTU3OGJhNDhhZTgxOGFhNGM3Y2FjYTVhNzVjMjMwNTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJrKTnL13u5Ot7OZSr0DAdBze7vkIBa1GGvE1PQWDoM+WKCIK1ib
qypA7Q9OZzj652JN4E2+lXv3qXkfdS7/Ekg6ONk1z5qPbqnqWIbp1LMFHXHWQ9N2
u4xZmOBEimAqCCdFZjBQtwPDVrMcyuQeEopBF/4RDjfZAFumNTmRBT/kLZLz+Wqv
YRgMs63nw7eegb/jW/wH7wcv0FdMzsVg59eQJBzy/UkfQ7/zaGftRVPyAYMmXT+j
qioaP1HkJdrT7wwcMBQ5TE9Z7IkXMr7uGuFQHB8EeFgwHxg/kkmDC8V8+S2AHC1E
be7XcXy7LsttMbEGkrPNpoBPbAHuKC4+rMECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTekzLjvQS3kQ8y1PnezNSJkSLWhTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYzU3YjYwMTgtOTNjNC00MDc1LWIyYTUtNDk3ZjI0YmY5ZDZjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKGXQqa+5LXUGi2J
hn1qaklT4AjD9+jeTpEWRoa2YtlT/BrRnq9bSCIeLtEFDOxnqSMeWSrr7bWKNoLk
uNAHQzyPAYKxu9YMt0AkK1eSbf1sDVjmNE3aKLr0h1HuGjzzaUwojNRBVbQKfwI5
aKMqOwDl1sc4M0J6EKIe1KY7Ysj+ifXzPKw/FpWV2R9rjOqnFv2TGKeOoKXbyKRc
01y9lgb1atCT86yjHRh6irqeMs/A4hCqOu/aFMaAcyTKUA3LfRLUm5vQZtyXlF0h
wwxjAkKw1SiQxkazUvKSyjuaQpLDzwjgmBEX0YJLvYAjwnIRgO2U8TVvyuP3e0no
Yjo5UtI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-fra.rpki-client.org