Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c684c4da-5a10-42f5-8124-3047f715ff00.roa
File: c684c4da-5a10-42f5-8124-3047f715ff00.roa (raw, json)
Hash identifier: UPfJParehhQ5QKf4lEkn2EonVRzkJ+92KukO34Kigck=
Subject key identifier: A2:6C:05:CB:96:49:20:22:96:3D:A2:03:69:E7:D5:87:F6:2A:C6:44
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 711E8A96E2820A77179E98475814F94E92DBE9D7
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c684c4da-5a10-42f5-8124-3047f715ff00.roa
Signing time: Mon 30 Jan 2023 00:00:00 +0000
ROA not before: Mon 30 Jan 2023 00:00:00 +0000
ROA not after: Thu 02 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:1e:8a:96:e2:82:0a:77:17:9e:98:47:58:14:f9:4e:92:db:e9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Jan 30 00:00:00 2023 GMT
Not After : Feb 2 23:59:59 2023 GMT
Subject: serialNumber=3efb5562411c1de197b11e287035406c453186f22abaf01767ee39ad08b3bdf1, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d0:25:db:23:b7:5f:8e:6e:a2:20:ee:7f:ad:
a8:dc:25:85:08:75:76:1a:69:52:a4:41:a5:6c:33:
e7:12:b1:cc:b6:53:52:92:54:2a:55:5a:6e:3b:d2:
e1:24:c3:4a:f6:23:25:5b:b4:ef:13:d4:7b:6e:2b:
94:80:90:ea:8a:44:95:5b:f6:22:af:38:42:58:00:
94:01:23:3c:7c:ff:ed:98:83:6f:91:80:ea:1f:47:
da:10:c1:3c:85:a9:fa:d3:cd:6a:30:59:13:fd:37:
3b:64:6e:12:b5:53:ef:e9:84:69:20:b4:6b:a2:75:
f5:be:9f:d9:a9:1e:47:09:13:f0:e8:00:8b:5b:ec:
f5:1f:7e:cb:1c:02:8a:1b:95:c0:8e:dc:68:45:0f:
88:e2:5c:53:8d:fd:6b:89:8d:9f:ff:37:47:d0:5b:
99:1d:c4:d2:90:17:66:2a:ba:7a:25:f2:cd:ad:29:
0f:22:49:c8:30:e5:dc:6c:2e:39:6d:b6:53:5f:bd:
f5:c5:cb:4b:cd:cd:fe:0d:db:f2:54:55:05:11:3c:
0b:d1:40:3a:7b:07:f8:5a:b6:d7:68:71:07:99:99:
b1:70:cc:7d:7c:65:98:e7:eb:62:68:a6:fa:af:5e:
9a:d5:d6:18:80:24:4a:08:02:50:71:3e:45:fc:86:
6c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:05:CB:96:49:20:22:96:3D:A2:03:69:E7:D5:87:F6:2A:C6:44
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c684c4da-5a10-42f5-8124-3047f715ff00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:46:6c:76:f0:87:34:34:91:95:95:73:54:d2:33:d0:da:b7:
d5:be:d5:86:5c:d5:3d:6e:78:92:69:e0:78:b0:5c:f7:8e:1b:
b7:32:63:ee:b4:10:f6:e5:93:21:a1:8e:80:ad:f1:1c:6b:25:
ca:87:65:33:45:c3:6f:d8:b9:84:d4:fd:13:60:90:c9:0a:bd:
d3:7a:26:ab:d3:b7:3f:a7:04:08:82:db:9f:e1:16:ce:fe:1d:
bb:3b:1c:ec:65:f0:1a:80:cd:1c:98:8c:6b:08:88:6e:25:85:
d2:63:ff:c2:61:3c:b6:eb:49:82:13:a1:bb:0a:4a:a2:c8:4d:
71:3c:ae:66:ff:8c:00:85:a1:03:83:2f:61:17:77:56:50:9c:
72:28:77:82:dd:40:eb:29:17:07:cf:af:ff:8d:cb:0d:48:ac:
b8:a4:b2:66:9d:c4:4c:c8:49:40:79:82:d5:6b:0a:f6:82:15:
c0:10:35:40:3c:ed:a2:c8:24:b3:d7:88:96:c9:23:2e:ea:99:
10:09:a1:87:dc:e6:d8:54:ca:8b:10:38:e8:95:bc:e0:79:fa:
ce:55:15:a0:86:70:bf:db:35:6a:5b:f1:bb:49:08:15:76:5f:
c3:66:09:c4:cc:4e:d0:8a:f9:33:1e:94:c8:e4:e7:4c:a5:fd:
b0:24:e2:ec
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUcR6KluKCCncXnphHWBT5TpLb6dcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMTMwMDAwMDAwWhcNMjMwMjAyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAM2VmYjU1NjI0MTFjMWRlMTk3YjExZTI4NzAzNTQwNmM0
NTMxODZmMjJhYmFmMDE3NjdlZTM5YWQwOGIzYmRmMTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKvQJdsjt1+ObqIg7n+tqNwlhQh1dhppUqRBpWwz5xKxzLZTUpJU
KlVabjvS4STDSvYjJVu07xPUe24rlICQ6opElVv2Iq84QlgAlAEjPHz/7ZiDb5GA
6h9H2hDBPIWp+tPNajBZE/03O2RuErVT7+mEaSC0a6J19b6f2akeRwkT8OgAi1vs
9R9+yxwCihuVwI7caEUPiOJcU439a4mNn/83R9BbmR3E0pAXZiq6eiXyza0pDyJJ
yDDl3GwuOW22U1+99cXLS83N/g3b8lRVBRE8C9FAOnsH+Fq212hxB5mZsXDMfXxl
mOfrYmim+q9emtXWGIAkSggCUHE+RfyGbOUCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSibAXLlkkgIpY9ogNp59WH9irGRDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYzY4NGM0ZGEtNWExMC00MmY1LTgxMjQtMzA0N2Y3MTVmZjAwLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALlGbHbwhzQ0kZWV
c1TSM9Dat9W+1YZc1T1ueJJp4HiwXPeOG7cyY+60EPblkyGhjoCt8RxrJcqHZTNF
w2/YuYTU/RNgkMkKvdN6JqvTtz+nBAiC25/hFs7+Hbs7HOxl8BqAzRyYjGsIiG4l
hdJj/8JhPLbrSYITobsKSqLITXE8rmb/jACFoQODL2EXd1ZQnHIod4LdQOspFwfP
r/+Nyw1IrLiksmadxEzISUB5gtVrCvaCFcAQNUA87aLIJLPXiJbJIy7qmRAJoYfc
5thUyosQOOiVvOB5+s5VFaCGcL/bNWpb8btJCBV2X8NmCcTMTtCK+TMelMjk50yl
/bAk4uw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-fra.rpki-client.org