Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/e687e63a-9565-4d9e-a68a-984c5dbe2c09.roa
File: e687e63a-9565-4d9e-a68a-984c5dbe2c09.roa (raw, json)
Hash identifier: 7LC9feoVk2sqflPsbUv6qe7rIbRlQRJwlIgeNRZKYjc=
Subject key identifier: 50:EB:96:07:53:C4:09:5C:5D:58:ED:5C:E8:62:15:9B:10:38:45:17
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 481C67578D8373D8090A865079E9FC8352E65D97
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/e687e63a-9565-4d9e-a68a-984c5dbe2c09.roa
Signing time: Mon 20 Mar 2023 00:00:00 +0000
ROA not before: Mon 20 Mar 2023 00:00:00 +0000
ROA not after: Thu 23 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:1c:67:57:8d:83:73:d8:09:0a:86:50:79:e9:fc:83:52:e6:5d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 20 00:00:00 2023 GMT
Not After : Mar 23 23:59:59 2023 GMT
Subject: serialNumber=39dd8685b3cc040fe81aba0501678c846393470a9fce35579fcd8cd88ce87b8e, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:17:73:dc:3d:69:a2:94:17:99:fe:1c:d7:
52:ab:30:c5:9c:2c:31:b4:e1:7a:a2:71:72:b8:40:
75:fc:8e:b7:09:57:fc:c1:52:6e:45:26:9b:94:f8:
66:14:b6:a8:e6:b5:03:ec:4d:4d:64:c1:8c:bf:be:
67:b3:62:87:fd:77:4f:17:ca:69:8f:2d:5b:3e:df:
23:aa:95:4c:da:3d:04:c2:66:26:55:81:00:e1:c5:
ce:5e:c1:1e:36:b8:be:84:3e:1c:12:dc:51:5f:cc:
33:34:d8:4f:6d:b8:97:06:84:ef:5d:63:ff:d1:98:
60:55:6c:3b:c9:64:16:9e:e3:42:fb:07:e9:f6:f4:
fc:fe:e4:5b:f1:bd:8c:2c:18:42:b1:37:0c:86:f9:
31:b0:91:ff:db:6d:82:36:ab:ff:f2:72:1d:77:13:
eb:df:61:38:64:11:6a:98:90:92:51:28:c8:dc:3e:
0c:01:aa:c9:41:69:5f:18:5f:f3:29:cc:2e:0e:f9:
42:91:8f:4e:fc:70:cc:ae:16:6f:bd:f6:5f:ac:a0:
45:05:a2:07:db:d7:69:72:63:49:01:5d:4c:dd:e6:
36:0a:b9:c0:87:5f:b8:4d:56:2e:eb:31:2c:32:e4:
38:55:e0:cb:14:78:d0:0a:10:be:ee:59:e3:e7:34:
21:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EB:96:07:53:C4:09:5C:5D:58:ED:5C:E8:62:15:9B:10:38:45:17
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/e687e63a-9565-4d9e-a68a-984c5dbe2c09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
73:b9:a8:64:0d:ff:cc:6d:96:46:34:95:14:e8:4c:3a:48:9a:
e9:17:43:88:31:09:0b:9e:4c:27:e1:07:ad:e0:e4:f1:c6:8d:
1d:cf:0a:78:12:09:d0:a9:17:ea:78:92:7b:bd:2d:24:35:e4:
7c:8a:b5:8f:61:84:58:26:eb:cd:85:c4:f7:8f:dd:77:79:d1:
bf:36:f6:00:69:8d:ee:58:e1:fe:d6:3d:28:23:f5:3c:50:d6:
41:85:cb:d5:4d:99:88:17:98:9a:a3:c0:46:72:61:7e:c6:5d:
c8:07:36:df:1c:41:12:d4:af:ff:d6:47:5e:15:c3:e2:49:ec:
b5:e3:3d:2b:c7:39:b1:e1:d8:32:d6:f9:9a:bb:c2:0f:d2:05:
ec:bd:30:14:ad:77:78:8a:81:f8:88:91:3a:56:4b:3e:61:6c:
c2:90:e5:94:0a:fd:8e:a4:83:83:67:39:d6:92:fb:f4:85:f3:
f0:7e:b9:70:ec:75:89:6d:c6:99:58:57:13:9e:d8:6f:d1:89:
73:d7:3d:ad:8f:49:1b:84:a8:97:60:b0:72:cb:59:4b:65:d4:
bf:40:23:89:be:26:33:f1:05:9b:d8:92:f8:84:89:68:0f:57:
17:a1:1e:7a:d3:0f:df:9e:61:ed:e7:66:dd:5d:cb:e8:4a:36:
af:17:70:94
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUSBxnV42Dc9gJCoZQeen8g1LmXZcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzIwMDAwMDAwWhcNMjMwMzIzMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMzlkZDg2ODViM2NjMDQwZmU4MWFiYTA1MDE2NzhjODQ2
MzkzNDcwYTlmY2UzNTU3OWZjZDhjZDg4Y2U4N2I4ZTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKRvF3PcPWmilBeZ/hzXUqswxZwsMbTheqJxcrhAdfyOtwlX/MFS
bkUmm5T4ZhS2qOa1A+xNTWTBjL++Z7Nih/13TxfKaY8tWz7fI6qVTNo9BMJmJlWB
AOHFzl7BHja4voQ+HBLcUV/MMzTYT224lwaE711j/9GYYFVsO8lkFp7jQvsH6fb0
/P7kW/G9jCwYQrE3DIb5MbCR/9ttgjar//JyHXcT699hOGQRapiQklEoyNw+DAGq
yUFpXxhf8ynMLg75QpGPTvxwzK4Wb732X6ygRQWiB9vXaXJjSQFdTN3mNgq5wIdf
uE1WLusxLDLkOFXgyxR40AoQvu5Z4+c0IW8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRQ65YHU8QJXF1Y7VzoYhWbEDhFFzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZTY4N2U2M2EtOTU2NS00ZDllLWE2OGEtOTg0YzVkYmUyYzA5LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHO5qGQN/8xtlkY0
lRToTDpImukXQ4gxCQueTCfhB63g5PHGjR3PCngSCdCpF+p4knu9LSQ15HyKtY9h
hFgm682FxPeP3Xd50b829gBpje5Y4f7WPSgj9TxQ1kGFy9VNmYgXmJqjwEZyYX7G
XcgHNt8cQRLUr//WR14Vw+JJ7LXjPSvHObHh2DLW+Zq7wg/SBey9MBStd3iKgfiI
kTpWSz5hbMKQ5ZQK/Y6kg4NnOdaS+/SF8/B+uXDsdYltxplYVxOe2G/RiXPXPa2P
SRuEqJdgsHLLWUtl1L9AI4m+JjPxBZvYkviEiWgPVxehHnrTD9+eYe3nZt1dy+hK
Nq8XcJQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-ams.rpki-client.org