Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de9b7a3d-c651-407f-b152-940655467edc.roa
File: de9b7a3d-c651-407f-b152-940655467edc.roa (raw, json)
Hash identifier: afF5Appcounrtb5s0ts1njMtKZ3CX0cVVpvO/pUW8No=
Subject key identifier: CA:CC:FB:82:E0:33:B5:A5:C0:13:A6:41:3C:2E:21:1C:91:72:64:DB
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 653DAAAA93DDDD27D061305BA275660134400D0F
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de9b7a3d-c651-407f-b152-940655467edc.roa
Signing time: Wed 15 Feb 2023 00:00:00 +0000
ROA not before: Wed 15 Feb 2023 00:00:00 +0000
ROA not after: Sat 18 Feb 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:3d:aa:aa:93:dd:dd:27:d0:61:30:5b:a2:75:66:01:34:40:0d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Feb 15 00:00:00 2023 GMT
Not After : Feb 18 23:59:59 2023 GMT
Subject: serialNumber=0be643a34d7036a164801090e9492ef93ba75c2a39b076d56bc89bd8302b2eb5, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d6:6a:42:dd:d0:f3:0c:e2:d6:42:e8:58:ee:
9f:2d:16:9e:41:74:23:77:1f:6d:4d:83:f7:45:5c:
02:91:28:66:f1:b0:84:b3:db:b6:9e:83:89:1a:ee:
d8:d4:5b:60:1f:61:3d:49:e5:6a:5d:29:c7:48:da:
d1:28:29:91:7d:f4:48:cb:2f:7b:02:d5:f9:f9:d9:
6d:ca:17:56:6d:58:da:06:55:df:04:b9:5b:c4:65:
10:0a:27:da:e4:21:48:84:d7:d2:e4:fa:51:1d:af:
4f:df:cb:ad:8c:70:b4:58:55:a1:53:b1:32:e7:f4:
b9:2a:0f:20:88:14:de:93:bd:d7:39:5b:18:85:f4:
8e:0d:57:8c:cf:6e:2a:91:ae:a3:38:43:8f:d9:53:
c9:0b:2b:71:ed:a5:80:21:09:0b:9b:33:6f:c9:58:
11:88:14:46:ee:19:92:6d:0c:20:94:da:44:10:a2:
3a:ea:0c:91:f7:53:b4:04:d0:06:c1:87:3b:ad:66:
cf:61:8f:b3:40:d6:b9:54:4b:ea:8b:d7:06:bf:e9:
84:f3:22:2e:58:ec:6e:d7:f0:f1:3d:63:16:0c:9c:
ac:5f:fb:0a:14:c0:3d:f3:60:63:4e:ba:96:4a:79:
02:b8:15:80:a1:85:69:cc:30:86:b1:66:c3:9b:64:
1f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CC:FB:82:E0:33:B5:A5:C0:13:A6:41:3C:2E:21:1C:91:72:64:DB
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/de9b7a3d-c651-407f-b152-940655467edc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e9:b3:79:02:2d:6e:87:6c:a2:97:2d:5e:41:8a:58:27:fc:
e1:32:ad:b8:43:e8:8c:1b:93:d3:65:08:35:8d:de:cb:ff:aa:
d8:2c:78:c8:03:e3:3e:24:45:21:b5:38:ee:a5:6a:11:ae:a4:
0d:04:8a:33:b9:4e:e2:a1:41:ce:95:31:86:34:d1:4d:24:f0:
13:09:c6:54:d8:99:60:07:14:55:e8:7b:02:7b:3a:68:df:1d:
c2:f4:fa:05:24:d1:62:c2:08:d6:6d:aa:55:47:02:9b:21:04:
c2:09:79:c1:48:6b:f8:4d:a2:ab:ec:f3:0b:63:14:e8:e5:63:
08:db:40:7a:f3:e2:68:8d:76:f6:f3:55:23:13:18:99:e1:d7:
cb:86:94:04:b3:29:5b:cc:8b:d3:e4:6e:c8:df:83:5e:14:b8:
01:a5:46:b5:29:28:f6:b9:3d:d1:52:c0:2e:6e:83:3f:62:b7:
e9:93:4b:65:33:74:b9:08:1c:62:23:f7:c6:2c:8a:0a:68:89:
3a:fc:db:15:7e:7d:7c:7d:7e:8e:2f:49:ab:20:7f:8d:8c:33:
ec:b1:9e:21:f2:b9:4d:fc:53:94:0d:9d:8b:ec:d3:51:b1:72:
68:ec:fb:5a:5e:55:f7:a7:d2:83:21:cb:27:81:6d:65:06:f5:
a8:b9:71:f3
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUZT2qqpPd3SfQYTBbonVmATRADQ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMjE1MDAwMDAwWhcNMjMwMjE4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMGJlNjQzYTM0ZDcwMzZhMTY0ODAxMDkwZTk0OTJlZjkz
YmE3NWMyYTM5YjA3NmQ1NmJjODliZDgzMDJiMmViNTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMjWakLd0PMM4tZC6Fjuny0WnkF0I3cfbU2D90VcApEoZvGwhLPb
tp6DiRru2NRbYB9hPUnlal0px0ja0SgpkX30SMsvewLV+fnZbcoXVm1Y2gZV3wS5
W8RlEAon2uQhSITX0uT6UR2vT9/LrYxwtFhVoVOxMuf0uSoPIIgU3pO91zlbGIX0
jg1XjM9uKpGuozhDj9lTyQsrce2lgCEJC5szb8lYEYgURu4Zkm0MIJTaRBCiOuoM
kfdTtATQBsGHO61mz2GPs0DWuVRL6ovXBr/phPMiLljsbtfw8T1jFgycrF/7ChTA
PfNgY066lkp5ArgVgKGFacwwhrFmw5tkH2UCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTKzPuC4DO1pcATpkE8LiEckXJk2zAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZGU5YjdhM2QtYzY1MS00MDdmLWIxNTItOTQwNjU1NDY3ZWRjLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHrps3kCLW6HbKKX
LV5Bilgn/OEyrbhD6Iwbk9NlCDWN3sv/qtgseMgD4z4kRSG1OO6lahGupA0EijO5
TuKhQc6VMYY00U0k8BMJxlTYmWAHFFXoewJ7OmjfHcL0+gUk0WLCCNZtqlVHApsh
BMIJecFIa/hNoqvs8wtjFOjlYwjbQHrz4miNdvbzVSMTGJnh18uGlASzKVvMi9Pk
bsjfg14UuAGlRrUpKPa5PdFSwC5ugz9it+mTS2UzdLkIHGIj98YsigpoiTr82xV+
fXx9fo4vSasgf42MM+yxniHyuU38U5QNnYvs01Gxcmjs+1peVfen0oMhyyeBbWUG
9ai5cfM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:55 2023 by rpki-client on console-fra.rpki-client.org