Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c994d741-e27f-401d-9e3c-5661284512cc.roa
File: c994d741-e27f-401d-9e3c-5661284512cc.roa (raw, json)
Hash identifier: fr3jzx+zwq//waJwOxUDxj7OnTFyNFxWvwPjY4wfF30=
Subject key identifier: 66:50:B3:E4:10:54:54:FC:EC:DE:B9:85:86:C1:91:88:F0:01:9F:C4
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 51EB3108D8F05A8773EE39576B4D6219162891EA
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c994d741-e27f-401d-9e3c-5661284512cc.roa
Signing time: Fri 09 Dec 2022 00:00:00 +0000
ROA not before: Fri 09 Dec 2022 00:00:00 +0000
ROA not after: Mon 12 Dec 2022 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:eb:31:08:d8:f0:5a:87:73:ee:39:57:6b:4d:62:19:16:28:91:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Dec 9 00:00:00 2022 GMT
Not After : Dec 12 23:59:59 2022 GMT
Subject: serialNumber=9e46613a86d9d99a59e0bf4337f267ccb30aa0fb6e695ef4188ba26e3b64252c, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a9:c6:28:e1:59:10:b7:5d:ee:81:cc:4e:58:
85:4a:68:3a:39:1c:b8:97:92:5f:0f:45:b0:ff:65:
a5:e2:a2:ec:38:11:d0:53:c7:80:30:32:b1:47:04:
d6:4f:97:0c:38:81:4b:b1:9a:a6:55:ff:74:e6:e2:
9e:14:1a:dc:8a:6c:56:68:6f:07:87:72:7e:b0:22:
9e:46:6c:ad:7a:9c:4c:56:b3:22:ee:a5:6b:4f:13:
98:e5:b7:79:f2:e1:47:99:ad:60:53:08:2b:a2:c1:
b2:a8:f8:17:ea:c1:68:5f:c6:2f:da:5d:a4:00:06:
f6:65:f9:df:90:c3:7c:99:55:53:85:fc:74:9b:78:
ad:df:63:fc:86:a6:10:4c:74:ea:45:3f:9c:d2:27:
dd:15:e2:e3:b4:36:06:a9:5f:fc:d4:ad:30:41:9b:
84:c5:f0:86:78:60:4a:14:ad:47:fe:9b:8c:dd:ae:
04:0f:8a:15:ef:d4:ad:88:b7:bc:03:27:fb:da:cf:
c8:a5:18:43:1d:d1:50:b9:92:dd:ba:a9:34:3d:5d:
3f:02:04:1b:09:cd:9e:0d:42:6a:b3:cc:da:72:06:
a9:39:78:57:9b:18:17:33:7e:d5:a0:a4:19:57:bc:
a2:79:71:09:8e:3e:1a:4a:59:0d:5d:30:f8:a4:77:
2d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:50:B3:E4:10:54:54:FC:EC:DE:B9:85:86:C1:91:88:F0:01:9F:C4
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/c994d741-e27f-401d-9e3c-5661284512cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:40:ce:2a:ab:b5:19:1f:7f:05:fe:7d:5a:46:b9:54:a6:24:
8f:ee:25:17:49:ce:86:32:8f:78:11:f4:44:8b:a5:bb:e5:c7:
36:cf:5c:d0:56:08:d7:9a:cf:3b:69:6a:4a:c1:31:15:88:31:
4f:b2:b6:32:15:ed:4f:b8:25:df:a7:14:c5:60:9a:7b:64:ee:
e9:0a:74:51:67:6d:a5:f7:36:f8:f2:c0:ff:aa:b6:d8:5d:29:
97:96:2d:98:f0:bf:db:e4:cd:d6:36:ab:39:9d:c1:d8:15:c9:
c0:47:35:c9:0f:fc:97:f2:0b:c7:b4:c7:31:64:64:93:b4:33:
88:4b:10:4c:95:1c:f8:be:09:ed:d0:c2:0a:b6:5f:4a:88:c3:
44:be:e1:de:d2:fd:26:58:c2:aa:d0:94:7f:b1:08:eb:38:d8:
2b:61:7f:64:0b:12:1c:d4:ca:20:49:c2:84:c8:8d:94:1b:3c:
1b:0b:db:a8:5a:9e:ee:cf:c6:33:cb:c0:a4:b7:23:ec:51:06:
db:b6:7a:bc:bc:02:4a:9d:96:b8:f5:6f:60:bd:50:ff:92:32:
db:08:cb:4b:71:21:fe:0e:21:a5:e9:e8:42:c7:ef:f3:39:42:
34:f6:7b:cb:7a:07:41:69:b1:d8:f2:5e:c7:74:ed:0a:b5:9f:
18:b4:fa:1b
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUUesxCNjwWodz7jlXa01iGRYokeowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIxMjA5MDAwMDAwWhcNMjIxMjEyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAOWU0NjYxM2E4NmQ5ZDk5YTU5ZTBiZjQzMzdmMjY3Y2Ni
MzBhYTBmYjZlNjk1ZWY0MTg4YmEyNmUzYjY0MjUyYzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMipxijhWRC3Xe6BzE5YhUpoOjkcuJeSXw9FsP9lpeKi7DgR0FPH
gDAysUcE1k+XDDiBS7GaplX/dObinhQa3IpsVmhvB4dyfrAinkZsrXqcTFazIu6l
a08TmOW3efLhR5mtYFMIK6LBsqj4F+rBaF/GL9pdpAAG9mX535DDfJlVU4X8dJt4
rd9j/IamEEx06kU/nNIn3RXi47Q2Bqlf/NStMEGbhMXwhnhgShStR/6bjN2uBA+K
Fe/UrYi3vAMn+9rPyKUYQx3RULmS3bqpND1dPwIEGwnNng1CarPM2nIGqTl4V5sY
FzN+1aCkGVe8onlxCY4+GkpZDV0w+KR3LecCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRmULPkEFRU/OzeuYWGwZGI8AGfxDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYzk5NGQ3NDEtZTI3Zi00MDFkLTllM2MtNTY2MTI4NDUxMmNjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK5AziqrtRkffwX+
fVpGuVSmJI/uJRdJzoYyj3gR9ESLpbvlxzbPXNBWCNeazztpakrBMRWIMU+ytjIV
7U+4Jd+nFMVgmntk7ukKdFFnbaX3NvjywP+qtthdKZeWLZjwv9vkzdY2qzmdwdgV
ycBHNckP/JfyC8e0xzFkZJO0M4hLEEyVHPi+Ce3Qwgq2X0qIw0S+4d7S/SZYwqrQ
lH+xCOs42Cthf2QLEhzUyiBJwoTIjZQbPBsL26hanu7PxjPLwKS3I+xRBtu2ery8
Akqdlrj1b2C9UP+SMtsIy0txIf4OIaXp6ELH7/M5QjT2e8t6B0FpsdjyXsd07Qq1
nxi0+hs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:53 2023 by rpki-client on console-fra.rpki-client.org