Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de50f02e-e815-4e54-9cfa-aa95853c5631.roa
File: de50f02e-e815-4e54-9cfa-aa95853c5631.roa (raw, json)
Hash identifier: 6TPiJkAXIJPV7+WsHWi5pD2UcdrvbxB1kgcgRGm+jqs=
Subject key identifier: BA:C9:9A:9A:E0:E1:58:1D:D6:C0:1F:57:39:F2:AC:70:B1:17:C7:3B
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 3969A30248260A1C38271EA954443815D1322C23
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de50f02e-e815-4e54-9cfa-aa95853c5631.roa
Signing time: Sat 25 Mar 2023 00:00:00 +0000
ROA not before: Sat 25 Mar 2023 00:00:00 +0000
ROA not after: Tue 28 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:69:a3:02:48:26:0a:1c:38:27:1e:a9:54:44:38:15:d1:32:2c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 25 00:00:00 2023 GMT
Not After : Mar 28 23:59:59 2023 GMT
Subject: serialNumber=b75eeaf1416e6a9600a453ecef758168f85f005a0ae026674a54dc88774c65aa, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:63:8c:21:59:36:2b:66:4a:a3:73:c9:64:d1:
39:8e:cd:bf:bc:3c:04:6a:f9:3a:64:27:4e:e6:1f:
2b:48:9c:92:06:2d:dc:b6:7f:2d:43:f2:35:30:38:
30:02:54:04:17:22:f3:b1:15:89:70:0b:05:bb:46:
ed:c2:0e:58:8f:b4:9a:92:87:9d:40:9d:a6:9c:3a:
07:0f:d3:f6:66:fd:0e:ea:15:74:f2:54:b8:7e:c2:
63:e2:d0:55:0b:f0:9c:33:b9:4f:98:60:1f:67:9d:
43:13:fa:c4:c5:ce:5f:db:d4:b8:53:5e:17:41:c1:
9b:d5:d5:e3:79:ec:6e:c7:c5:7f:f7:23:0f:da:be:
78:bf:59:08:96:f1:69:77:a7:4a:a7:f7:c7:be:53:
55:76:86:64:24:98:95:f7:d6:85:75:b1:36:7d:70:
e7:96:d0:09:07:cc:bd:c0:bc:58:08:22:01:db:44:
e4:fa:88:72:27:23:33:cc:16:db:3a:0d:a9:68:b3:
a0:b9:6f:a2:98:74:66:da:df:33:89:9f:b5:23:5f:
d2:ba:9f:b8:33:31:77:d3:af:7a:43:4c:ef:2a:5d:
23:a8:3a:d5:d4:d1:73:e6:db:63:24:1a:c8:c8:b6:
1c:1c:5c:81:be:98:d5:7b:f4:fa:a2:44:e9:c3:f1:
47:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C9:9A:9A:E0:E1:58:1D:D6:C0:1F:57:39:F2:AC:70:B1:17:C7:3B
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de50f02e-e815-4e54-9cfa-aa95853c5631.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:d2:d8:86:e8:39:a3:d8:c6:22:a8:ed:57:b0:37:44:8c:c6:
0c:1f:15:27:e8:a0:a2:2b:58:26:2b:94:a7:be:39:ef:60:21:
ac:a1:17:5c:6d:dd:b1:2c:19:07:ba:fe:f5:49:51:0a:51:3c:
02:40:08:92:d4:ac:9c:15:51:6c:11:8c:bd:d5:68:3f:e2:f7:
d9:b7:b3:9a:2f:68:62:9c:ea:15:32:d3:2e:8d:cf:32:b3:92:
fb:12:e5:93:cb:86:38:cd:e5:5b:35:7b:59:ed:5e:a0:7a:b3:
de:15:42:dd:81:3e:53:20:dc:d1:dc:f9:63:f0:8d:e8:bb:6a:
b6:ec:d8:6f:52:84:42:fa:0b:34:f0:b3:3d:78:20:6d:9e:b1:
a4:97:89:2e:c1:5c:3c:6c:44:22:c6:d8:96:81:20:c7:fa:54:
d9:bc:73:d2:f2:49:43:7b:e1:cd:f6:87:63:8d:54:e1:89:a9:
f6:15:8f:74:25:69:bb:00:9c:9c:47:2e:4b:e8:94:16:da:e3:
e7:c2:75:72:7a:df:42:a5:e2:6c:a4:f9:c2:b5:9d:a4:0d:ff:
cc:9f:c6:fb:93:04:3e:58:21:ca:2a:aa:31:62:0c:17:bc:b8:
ad:71:70:c4:9f:f7:e6:07:32:58:ca:8c:39:5d:d7:2b:78:96:
ee:64:6a:6d
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUOWmjAkgmChw4Jx6pVEQ4FdEyLCMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzI1MDAwMDAwWhcNMjMwMzI4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYjc1ZWVhZjE0MTZlNmE5NjAwYTQ1M2VjZWY3NTgxNjhm
ODVmMDA1YTBhZTAyNjY3NGE1NGRjODg3NzRjNjVhYTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMhjjCFZNitmSqNzyWTROY7Nv7w8BGr5OmQnTuYfK0ickgYt3LZ/
LUPyNTA4MAJUBBci87EViXALBbtG7cIOWI+0mpKHnUCdppw6Bw/T9mb9DuoVdPJU
uH7CY+LQVQvwnDO5T5hgH2edQxP6xMXOX9vUuFNeF0HBm9XV43nsbsfFf/cjD9q+
eL9ZCJbxaXenSqf3x75TVXaGZCSYlffWhXWxNn1w55bQCQfMvcC8WAgiAdtE5PqI
cicjM8wW2zoNqWizoLlvoph0ZtrfM4mftSNf0rqfuDMxd9OvekNM7ypdI6g61dTR
c+bbYyQayMi2HBxcgb6Y1Xv0+qJE6cPxRzMCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBS6yZqa4OFYHdbAH1c58qxwsRfHOzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZGU1MGYwMmUtZTgxNS00ZTU0LTljZmEtYWE5NTg1M2M1NjMxLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAMjS2IboOaPYxiKo
7VewN0SMxgwfFSfooKIrWCYrlKe+Oe9gIayhF1xt3bEsGQe6/vVJUQpRPAJACJLU
rJwVUWwRjL3VaD/i99m3s5ovaGKc6hUy0y6NzzKzkvsS5ZPLhjjN5Vs1e1ntXqB6
s94VQt2BPlMg3NHc+WPwjei7arbs2G9ShEL6CzTwsz14IG2esaSXiS7BXDxsRCLG
2JaBIMf6VNm8c9LySUN74c32h2ONVOGJqfYVj3QlabsAnJxHLkvolBba4+fCdXJ6
30Kl4myk+cK1naQN/8yfxvuTBD5YIcoqqjFiDBe8uK1xcMSf9+YHMljKjDld1yt4
lu5kam0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:55 2023 by rpki-client on console-fra.rpki-client.org