Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de08af59-8084-4fb2-82a2-60f8750a873b.roa
File: de08af59-8084-4fb2-82a2-60f8750a873b.roa (raw, json)
Hash identifier: TpaxLsV7u0+KQmcQaVPSILBz2hCv2fElrvNSQSYhniA=
Subject key identifier: BC:AC:16:FF:2C:F8:89:24:37:58:B4:AB:98:ED:32:44:AF:CC:01:01
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 28F4C46FDE0D181AFD57E9DDDB6246777A3EF956
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de08af59-8084-4fb2-82a2-60f8750a873b.roa
Signing time: Tue 28 Feb 2023 00:00:00 +0000
ROA not before: Tue 28 Feb 2023 00:00:00 +0000
ROA not after: Fri 03 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:f4:c4:6f:de:0d:18:1a:fd:57:e9:dd:db:62:46:77:7a:3e:f9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 28 00:00:00 2023 GMT
Not After : Mar 3 23:59:59 2023 GMT
Subject: serialNumber=1d8ccbfe2e8264e2e0791762dde15da6fb6991b43b429b7c857a3b1e52795b97, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:e1:b2:97:33:af:ea:25:33:b8:a5:91:d2:
46:06:83:37:b1:11:6c:a9:1f:ce:17:96:08:cc:b9:
32:1d:cb:3d:a6:2e:ad:6f:e3:d4:91:a2:44:47:76:
5b:08:0c:26:cd:87:90:c4:35:a9:01:93:23:5b:18:
b8:5d:07:09:68:a3:61:4a:24:01:63:3f:33:51:8b:
67:d7:b5:4d:84:27:ad:39:b6:72:c0:b2:8b:e7:83:
05:48:6f:83:d4:a3:76:4d:f9:f9:24:c4:1f:78:7f:
36:27:52:6c:10:69:22:6c:93:1f:3f:30:da:1d:e4:
59:94:df:59:61:75:39:be:95:62:f5:06:90:83:50:
8b:7a:28:eb:06:39:25:02:cc:52:0e:1d:b4:0c:a4:
fb:78:78:b4:69:1a:df:6e:c6:cb:e5:ae:85:05:a9:
23:23:6c:a3:af:bb:8d:12:d5:85:da:16:b8:82:8e:
5a:d1:fa:e2:0f:30:00:47:f2:80:c6:e7:8c:41:88:
5d:91:78:fb:54:3c:c9:3c:73:f9:c8:26:51:23:80:
3d:1e:c0:71:89:87:3f:bd:f3:39:e3:4b:27:0a:d4:
20:01:c5:3c:81:57:af:78:6d:4b:be:70:c2:38:63:
87:94:fe:1c:ca:e9:ed:9b:7e:80:06:1c:08:fd:7f:
26:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AC:16:FF:2C:F8:89:24:37:58:B4:AB:98:ED:32:44:AF:CC:01:01
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de08af59-8084-4fb2-82a2-60f8750a873b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
87:82:6f:ed:2b:46:02:f0:bc:0d:9f:4a:de:9a:92:5d:90:77:
e9:9b:00:5a:b5:71:4d:15:27:99:9c:17:91:d1:f2:12:49:33:
e7:26:74:05:39:83:b0:95:ee:68:38:74:9f:96:8b:f4:0b:dc:
42:a3:e7:a8:17:b0:cd:73:f5:d8:9d:69:3f:be:84:0c:b7:64:
c4:cd:f2:e3:cc:86:57:e8:e1:e1:e4:43:61:f0:4b:58:9e:c6:
91:91:19:75:0f:61:e4:48:e3:54:5d:9b:7a:c2:70:eb:37:9d:
e9:fc:bc:4e:fc:66:a4:6e:1b:c6:e8:a9:10:a3:80:1d:df:e0:
38:01:7f:3c:d2:d1:91:e3:e7:65:b3:b1:cd:f4:ae:3e:ef:56:
e1:f7:ab:38:b9:05:fe:f0:6e:4b:79:6d:01:d3:10:3d:ff:2e:
66:a8:a7:98:99:b1:96:37:b3:cb:5b:e3:d5:59:78:52:da:26:
5a:1a:f3:57:e7:37:3e:e3:b3:0d:7b:69:61:c0:12:cf:82:fd:
3a:b4:19:80:01:d0:29:ec:71:d3:c9:90:64:0a:b7:66:04:78:
78:a9:37:e9:07:32:d9:04:8a:21:04:94:d1:84:88:2e:9b:19:
0c:fd:b3:f6:36:44:9f:46:56:1d:d3:27:6e:8a:1c:76:1e:3b:
a3:5b:2d:be
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUKPTEb94NGBr9V+nd22JGd3o++VYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjI4MDAwMDAwWhcNMjMwMzAzMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMWQ4Y2NiZmUyZTgyNjRlMmUwNzkxNzYyZGRlMTVkYTZm
YjY5OTFiNDNiNDI5YjdjODU3YTNiMWU1Mjc5NWI5NzEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKqi4bKXM6/qJTO4pZHSRgaDN7ERbKkfzheWCMy5Mh3LPaYurW/j
1JGiREd2WwgMJs2HkMQ1qQGTI1sYuF0HCWijYUokAWM/M1GLZ9e1TYQnrTm2csCy
i+eDBUhvg9Sjdk35+STEH3h/NidSbBBpImyTHz8w2h3kWZTfWWF1Ob6VYvUGkINQ
i3oo6wY5JQLMUg4dtAyk+3h4tGka327Gy+WuhQWpIyNso6+7jRLVhdoWuIKOWtH6
4g8wAEfygMbnjEGIXZF4+1Q8yTxz+cgmUSOAPR7AcYmHP73zOeNLJwrUIAHFPIFX
r3htS75wwjhjh5T+HMrp7Zt+gAYcCP1/JukCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBS8rBb/LPiJJDdYtKuY7TJEr8wBATAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZGUwOGFmNTktODA4NC00ZmIyLTgyYTItNjBmODc1MGE4NzNiLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIeCb+0rRgLwvA2f
St6akl2Qd+mbAFq1cU0VJ5mcF5HR8hJJM+cmdAU5g7CV7mg4dJ+Wi/QL3EKj56gX
sM1z9didaT++hAy3ZMTN8uPMhlfo4eHkQ2HwS1iexpGRGXUPYeRI41Rdm3rCcOs3
nen8vE78ZqRuG8boqRCjgB3f4DgBfzzS0ZHj52Wzsc30rj7vVuH3qzi5Bf7wbkt5
bQHTED3/Lmaop5iZsZY3s8tb49VZeFLaJloa81fnNz7jsw17aWHAEs+C/Tq0GYAB
0CnscdPJkGQKt2YEeHipN+kHMtkEiiEElNGEiC6bGQz9s/Y2RJ9GVh3TJ26KHHYe
O6NbLb4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:55 2023 by rpki-client on console-fra.rpki-client.org