Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/d5d230ab-aa47-42fc-b172-85f2db13055d.roa
File: d5d230ab-aa47-42fc-b172-85f2db13055d.roa (raw, json)
Hash identifier: ljaPKNTHVJpdiOLBcv4oEHNdO7KNbtLKxWzOVes0UV0=
Subject key identifier: 61:47:1B:8A:1F:F6:D6:C0:34:E8:B3:A6:29:2B:ED:2B:24:8D:2B:F2
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 0ED53ECAF003973AC05103E757109E98C4EBA00A
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/d5d230ab-aa47-42fc-b172-85f2db13055d.roa
Signing time: Fri 03 Mar 2023 00:00:00 +0000
ROA not before: Fri 03 Mar 2023 00:00:00 +0000
ROA not after: Mon 06 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:d5:3e:ca:f0:03:97:3a:c0:51:03:e7:57:10:9e:98:c4:eb:a0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 3 00:00:00 2023 GMT
Not After : Mar 6 23:59:59 2023 GMT
Subject: serialNumber=7fce9670d5c8c4653071df3d51f457406775df27b36aed8cdf0ef5c47b8dfe96, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:f3:18:e4:cf:49:67:3c:52:da:56:69:22:
d7:fd:42:9c:77:7d:10:0b:7b:c7:d3:d5:73:26:b2:
91:37:9d:10:cf:59:95:55:1a:ed:1f:d2:07:cb:ff:
34:f2:2c:a0:42:76:58:c2:e5:68:50:47:e2:35:5e:
cf:67:e0:4c:e9:ff:bb:89:40:a2:f3:fe:70:5c:c6:
47:7f:9c:3b:ad:e1:b2:6b:ec:f7:ae:7c:75:0c:21:
8a:33:77:25:c1:0e:f1:28:fe:6f:8e:98:26:45:40:
7c:8a:2f:28:bc:4b:60:00:39:d3:bb:fe:d9:50:16:
85:d1:bb:f8:86:dc:f3:77:c9:f4:9e:1e:8b:e9:06:
48:4e:10:50:d9:df:ba:4a:3c:da:36:18:d2:1b:f6:
4e:b0:38:08:da:a1:42:b2:77:db:b2:95:ec:5f:a3:
8e:cd:76:ae:4f:82:d2:a3:f7:94:33:4d:90:32:31:
3e:cd:7b:52:47:02:a6:c8:a9:5a:54:71:33:4c:8c:
09:b0:ba:81:f2:86:a0:32:16:76:12:dc:c8:2b:c4:
a4:b7:c4:a3:7e:5a:96:47:b4:76:c2:97:3a:21:cf:
01:cd:89:49:ba:92:7d:e8:ed:64:e3:2a:ca:d4:67:
6d:3c:4a:1e:1f:a0:b8:25:cf:60:be:eb:f1:ba:be:
c1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:47:1B:8A:1F:F6:D6:C0:34:E8:B3:A6:29:2B:ED:2B:24:8D:2B:F2
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/d5d230ab-aa47-42fc-b172-85f2db13055d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
33:d8:47:6b:36:6a:12:56:68:34:24:24:5f:0e:09:2d:74:df:
5a:e3:19:0b:84:bc:0c:c1:8b:b4:d3:bb:4e:95:dc:ef:f3:fe:
f0:e9:a4:63:ef:2c:bb:76:95:74:c9:9d:27:03:9d:d6:ba:7d:
bc:54:7e:85:da:b7:af:ab:f5:3e:7a:c5:dd:22:ff:2d:e8:71:
c8:70:f0:86:38:eb:46:59:13:96:dc:d8:29:91:e0:c4:54:ff:
b2:1e:dc:06:1d:72:0a:c0:ee:23:4b:c0:26:56:16:a4:fa:9e:
4a:85:64:ce:cc:60:42:d7:da:15:36:0f:19:24:0f:29:b6:50:
ba:1b:16:ea:d2:6c:66:89:2d:ab:88:d8:35:c8:ee:2c:d6:c1:
26:b7:0c:67:1a:4b:4c:6f:fe:31:d9:65:af:ad:fb:76:2e:22:
83:88:32:61:27:ad:a4:9d:12:81:75:bc:48:78:af:11:fb:33:
3a:3b:ee:be:d9:34:90:90:ad:fc:99:9c:a7:83:e4:81:d8:83:
6b:99:17:35:37:cd:27:4f:30:92:02:7b:81:da:ff:8d:86:de:
d4:31:2a:a9:5e:cf:dc:98:ca:10:4c:81:0c:7c:c6:99:03:f3:
20:4b:d6:a2:77:53:f5:49:7a:f2:7c:de:a7:0a:e0:5e:f7:8f:
75:cb:34:81
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUDtU+yvADlzrAUQPnVxCemMTroAowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzAzMDAwMDAwWhcNMjMwMzA2MjM1OTU5
WjCBpTFJMEcGA1UEBRNAN2ZjZTk2NzBkNWM4YzQ2NTMwNzFkZjNkNTFmNDU3NDA2
Nzc1ZGYyN2IzNmFlZDhjZGYwZWY1YzQ3YjhkZmU5NjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJmd8xjkz0lnPFLaVmki1/1CnHd9EAt7x9PVcyaykTedEM9ZlVUa
7R/SB8v/NPIsoEJ2WMLlaFBH4jVez2fgTOn/u4lAovP+cFzGR3+cO63hsmvs9658
dQwhijN3JcEO8Sj+b46YJkVAfIovKLxLYAA507v+2VAWhdG7+Ibc83fJ9J4ei+kG
SE4QUNnfuko82jYY0hv2TrA4CNqhQrJ327KV7F+jjs12rk+C0qP3lDNNkDIxPs17
UkcCpsipWlRxM0yMCbC6gfKGoDIWdhLcyCvEpLfEo35alke0dsKXOiHPAc2JSbqS
fejtZOMqytRnbTxKHh+guCXPYL7r8bq+wZECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRhRxuKH/bWwDTos6YpK+0rJI0r8jAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZDVkMjMwYWItYWE0Ny00MmZjLWIxNzItODVmMmRiMTMwNTVkLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADPYR2s2ahJWaDQk
JF8OCS1031rjGQuEvAzBi7TTu06V3O/z/vDppGPvLLt2lXTJnScDnda6fbxUfoXa
t6+r9T56xd0i/y3occhw8IY460ZZE5bc2CmR4MRU/7Ie3AYdcgrA7iNLwCZWFqT6
nkqFZM7MYELX2hU2DxkkDym2ULobFurSbGaJLauI2DXI7izWwSa3DGcaS0xv/jHZ
Za+t+3YuIoOIMmEnraSdEoF1vEh4rxH7Mzo77r7ZNJCQrfyZnKeD5IHYg2uZFzU3
zSdPMJICe4Ha/42G3tQxKqlez9yYyhBMgQx8xpkD8yBL1qJ3U/VJevJ83qcK4F73
j3XLNIE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:54 2023 by rpki-client on console-fra.rpki-client.org