Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/ce694745-acd3-45e0-b694-ff99c3c577ca.roa
File: ce694745-acd3-45e0-b694-ff99c3c577ca.roa (raw, json)
Hash identifier: HmBUqfrwnGPIK19peSbf/GYlC8jT8Gn6qm7jwjD99Ic=
Subject key identifier: 66:C5:14:95:30:6D:63:23:16:B3:64:42:DC:FB:C7:A3:8F:C2:E0:8C
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 3988E64DF3D222D084654C9EEEC90E8A3A562EDE
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/ce694745-acd3-45e0-b694-ff99c3c577ca.roa
Signing time: Sun 12 Mar 2023 00:00:00 +0000
ROA not before: Sun 12 Mar 2023 00:00:00 +0000
ROA not after: Wed 15 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:88:e6:4d:f3:d2:22:d0:84:65:4c:9e:ee:c9:0e:8a:3a:56:2e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 12 00:00:00 2023 GMT
Not After : Mar 15 23:59:59 2023 GMT
Subject: serialNumber=f6da81e092b87ffd08836428ecc76449980bf8d7a91c81aca1b603c321c9d442, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cf:9f:94:93:b6:59:b0:6b:6a:80:a0:3c:51:
36:c3:a7:12:b6:d9:02:d3:8f:29:c2:61:4c:df:41:
01:12:79:f2:f8:a6:f5:fc:1e:52:eb:4b:7d:39:2f:
f7:89:f9:00:23:88:ff:6c:4f:6f:c3:99:9f:c2:3b:
78:d4:91:21:d9:2a:f1:fd:16:62:06:59:e6:45:ec:
ab:b1:0c:b4:54:f3:9d:f0:b2:43:e4:6f:9b:29:8c:
44:46:b8:27:11:00:e4:4b:aa:ac:5b:58:62:f5:96:
ec:84:47:a7:fe:6b:65:6c:b8:84:97:ed:1a:13:16:
16:30:e1:8a:a0:17:16:b2:57:6c:1f:00:6f:7b:a5:
c3:52:78:5c:0e:3d:75:6d:79:9d:e5:a8:2e:0b:8b:
59:14:3f:1d:56:7b:e7:69:39:c5:d6:38:bf:8c:78:
10:52:94:b4:ac:e5:88:d8:b5:43:42:3d:bd:b3:b4:
91:b2:57:f8:fb:b7:63:d0:8c:ed:4f:f3:94:2f:9f:
7e:9c:d9:48:c7:79:04:c5:e8:74:11:42:5c:56:46:
50:e7:e9:64:98:9e:44:a6:14:bd:9b:24:fc:c1:4d:
7e:07:d5:b9:5d:28:75:a9:70:af:de:3f:f4:97:02:
8b:45:cc:8c:80:24:e5:a9:09:a3:49:b7:46:6c:92:
d6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C5:14:95:30:6D:63:23:16:B3:64:42:DC:FB:C7:A3:8F:C2:E0:8C
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/ce694745-acd3-45e0-b694-ff99c3c577ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:c8:b9:08:d7:dd:8e:af:d7:a1:f8:f9:62:4b:69:b4:1c:e8:
77:70:5a:5d:47:5d:02:0d:8f:c7:cc:47:c0:b1:90:75:85:e9:
ae:94:e0:d5:1d:62:9d:34:39:fc:19:ff:e5:70:c5:8c:5a:a9:
1d:66:dc:d5:43:c8:3f:49:f1:43:20:ef:f8:1f:c7:41:ea:b6:
9e:d0:b3:13:25:7c:4d:64:26:bf:5a:18:f6:90:c3:3a:d9:bc:
70:b0:7e:8b:85:63:de:0f:53:12:e6:e8:3a:f3:a8:0a:3f:9f:
fc:a7:1c:83:3d:cf:37:a5:fe:cf:7c:a3:70:09:0b:d9:d3:4a:
8b:e2:7c:d4:04:82:49:2b:bc:2a:be:fa:c0:11:85:ec:6f:20:
f0:b4:56:58:2c:7f:89:2a:d1:9c:0a:ca:d4:c7:b1:2d:53:29:
26:de:a9:b1:2c:94:dd:a7:d9:b6:6c:1c:2a:e0:1b:81:95:40:
1c:28:58:20:27:b6:bf:47:6e:72:9b:f5:cd:51:b2:d0:6c:23:
a3:78:82:c4:02:e2:59:84:47:ef:af:5e:d7:03:ff:d5:00:c1:
cd:aa:67:a2:78:86:f7:c3:3c:57:2d:35:d9:06:53:95:d0:7d:
39:d8:0c:f5:b3:f5:71:9f:bc:a4:3e:ef:b2:f2:cc:e7:f8:4b:
91:2c:02:63
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUOYjmTfPSItCEZUye7skOijpWLt4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzEyMDAwMDAwWhcNMjMwMzE1MjM1OTU5
WjCBpTFJMEcGA1UEBRNAZjZkYTgxZTA5MmI4N2ZmZDA4ODM2NDI4ZWNjNzY0NDk5
ODBiZjhkN2E5MWM4MWFjYTFiNjAzYzMyMWM5ZDQ0MjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMnPn5STtlmwa2qAoDxRNsOnErbZAtOPKcJhTN9BARJ58vim9fwe
UutLfTkv94n5ACOI/2xPb8OZn8I7eNSRIdkq8f0WYgZZ5kXsq7EMtFTznfCyQ+Rv
mymMREa4JxEA5EuqrFtYYvWW7IRHp/5rZWy4hJftGhMWFjDhiqAXFrJXbB8Ab3ul
w1J4XA49dW15neWoLguLWRQ/HVZ752k5xdY4v4x4EFKUtKzliNi1Q0I9vbO0kbJX
+Pu3Y9CM7U/zlC+ffpzZSMd5BMXodBFCXFZGUOfpZJieRKYUvZsk/MFNfgfVuV0o
dalwr94/9JcCi0XMjIAk5akJo0m3RmyS1vUCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRmxRSVMG1jIxazZELc+8ejj8LgjDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvY2U2OTQ3NDUtYWNkMy00NWUwLWI2OTQtZmY5OWMzYzU3N2NhLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALzIuQjX3Y6v16H4
+WJLabQc6HdwWl1HXQINj8fMR8CxkHWF6a6U4NUdYp00OfwZ/+VwxYxaqR1m3NVD
yD9J8UMg7/gfx0Hqtp7QsxMlfE1kJr9aGPaQwzrZvHCwfouFY94PUxLm6DrzqAo/
n/ynHIM9zzel/s98o3AJC9nTSovifNQEgkkrvCq++sARhexvIPC0Vlgsf4kq0ZwK
ytTHsS1TKSbeqbEslN2n2bZsHCrgG4GVQBwoWCAntr9HbnKb9c1RstBsI6N4gsQC
4lmER++vXtcD/9UAwc2qZ6J4hvfDPFctNdkGU5XQfTnYDPWz9XGfvKQ+77LyzOf4
S5EsAmM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:53 2023 by rpki-client on console-fra.rpki-client.org