Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/e8db14a1-4c0f-4da5-8162-571f37ce6ad8.roa
File: e8db14a1-4c0f-4da5-8162-571f37ce6ad8.roa (raw, json)
Hash identifier: WQsnKGo+eM2+k4c6T5uGl5qNKQp9W3zH7gFynNcVy+0=
Subject key identifier: D3:60:68:9F:23:F6:23:7C:12:8E:81:8D:37:C0:F5:2C:1E:F5:C6:6F
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 2437341975ED7E6C7CBD750FE864397FFD04E355
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/e8db14a1-4c0f-4da5-8162-571f37ce6ad8.roa
Signing time: Sun 05 Mar 2023 00:00:00 +0000
ROA not before: Sun 05 Mar 2023 00:00:00 +0000
ROA not after: Wed 08 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:37:34:19:75:ed:7e:6c:7c:bd:75:0f:e8:64:39:7f:fd:04:e3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 5 00:00:00 2023 GMT
Not After : Mar 8 23:59:59 2023 GMT
Subject: serialNumber=af238b141c77a6e2daf2c13c95df4786ec16eaf3653086a91efba8f8264c38a6, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:84:53:6b:93:73:7e:9f:10:d7:20:8c:16:8d:
d2:7f:3e:3b:3f:1a:04:2c:fc:bf:6b:05:58:30:ab:
be:b7:91:b1:e5:6b:0a:47:b7:c8:fe:ad:f5:de:33:
a9:0f:f3:36:50:57:a1:50:c7:a1:6d:8d:3c:07:ff:
ab:fa:e4:f8:8f:f4:54:1e:91:1e:bd:a6:73:7b:56:
d7:5f:3e:3b:73:9b:84:1b:55:58:dd:81:f0:f2:79:
97:f3:be:bf:13:2a:13:99:9e:98:ad:46:c6:5e:0f:
8b:58:32:15:57:37:f5:a0:84:07:4c:0a:39:e2:65:
6f:80:34:14:73:8b:7a:56:94:94:89:53:6f:0b:5c:
4e:44:59:a0:64:6a:0f:c9:e3:32:d2:41:33:81:12:
b3:61:e8:4f:64:20:64:13:14:1f:e3:51:21:26:a2:
1c:dd:60:a6:6f:43:d7:19:35:f4:13:79:64:36:5b:
92:6f:0f:49:67:aa:98:3a:ce:f5:00:d9:6a:df:22:
3f:cd:ed:2b:71:08:a4:bc:33:80:1e:39:fd:06:54:
95:b3:c3:de:f9:7d:1e:bb:51:35:27:f6:c3:a4:cd:
9c:5f:82:4c:f3:e7:0b:96:4e:ba:d9:15:07:1d:df:
bc:bf:11:bc:80:48:7d:4e:22:e1:6e:75:11:2b:97:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:60:68:9F:23:F6:23:7C:12:8E:81:8D:37:C0:F5:2C:1E:F5:C6:6F
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/e8db14a1-4c0f-4da5-8162-571f37ce6ad8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f9:d9:ab:73:cb:0d:04:a6:90:a3:7e:ff:a8:fc:c5:75:93:
f2:b0:9f:9e:e7:63:05:8c:61:ac:ac:97:6d:8c:50:88:bc:c2:
b1:80:84:5f:af:6f:dd:23:2e:21:f0:af:23:6f:84:9c:14:02:
00:94:22:0c:09:7c:28:3f:a7:db:73:01:a3:3b:5b:b6:6a:05:
f3:54:43:91:f0:cf:d0:89:d5:2f:ca:a5:9c:83:02:5d:79:8b:
8b:2b:6a:f8:73:a0:7b:ed:f2:a4:ba:45:77:04:b0:cc:d6:a9:
03:a9:08:69:43:3c:7a:f0:76:e4:a0:f2:96:24:d2:d7:12:07:
06:bc:05:6e:91:ee:c4:96:03:4e:33:9f:8c:6e:fd:0c:24:72:
46:7b:0d:b4:66:1e:4f:ab:dd:61:d7:77:19:25:15:78:1c:13:
fc:87:d8:f1:a6:c0:32:69:40:12:2c:2b:fe:94:4a:4a:ea:fb:
e6:3c:19:b4:41:fd:d8:85:cc:69:dd:8f:47:a9:9a:70:66:13:
80:cd:70:56:6a:64:4d:57:1c:85:3e:89:49:41:dd:b6:73:68:
c2:6e:bc:12:f1:09:33:74:e0:79:4d:5a:f2:e5:ae:1a:a0:5e:
c5:2e:b7:2c:d8:af:d4:53:18:41:ec:e3:f9:fd:16:57:5d:d8:
b0:57:4f:59
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUJDc0GXXtfmx8vXUP6GQ5f/0E41UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzA1MDAwMDAwWhcNMjMwMzA4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYWYyMzhiMTQxYzc3YTZlMmRhZjJjMTNjOTVkZjQ3ODZl
YzE2ZWFmMzY1MzA4NmE5MWVmYmE4ZjgyNjRjMzhhNjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAI+EU2uTc36fENcgjBaN0n8+Oz8aBCz8v2sFWDCrvreRseVrCke3
yP6t9d4zqQ/zNlBXoVDHoW2NPAf/q/rk+I/0VB6RHr2mc3tW118+O3ObhBtVWN2B
8PJ5l/O+vxMqE5memK1Gxl4Pi1gyFVc39aCEB0wKOeJlb4A0FHOLelaUlIlTbwtc
TkRZoGRqD8njMtJBM4ESs2HoT2QgZBMUH+NRISaiHN1gpm9D1xk19BN5ZDZbkm8P
SWeqmDrO9QDZat8iP83tK3EIpLwzgB45/QZUlbPD3vl9HrtRNSf2w6TNnF+CTPPn
C5ZOutkVBx3fvL8RvIBIfU4i4W51ESuXIBECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTTYGifI/YjfBKOgY03wPUsHvXGbzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZThkYjE0YTEtNGMwZi00ZGE1LTgxNjItNTcxZjM3Y2U2YWQ4LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFL52atzyw0EppCj
fv+o/MV1k/Kwn57nYwWMYaysl22MUIi8wrGAhF+vb90jLiHwryNvhJwUAgCUIgwJ
fCg/p9tzAaM7W7ZqBfNUQ5Hwz9CJ1S/KpZyDAl15i4sravhzoHvt8qS6RXcEsMzW
qQOpCGlDPHrwduSg8pYk0tcSBwa8BW6R7sSWA04zn4xu/QwkckZ7DbRmHk+r3WHX
dxklFXgcE/yH2PGmwDJpQBIsK/6USkrq++Y8GbRB/diFzGndj0epmnBmE4DNcFZq
ZE1XHIU+iUlB3bZzaMJuvBLxCTN04HlNWvLlrhqgXsUutyzYr9RTGEHs4/n9Fldd
2LBXT1k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:55 2023 by rpki-client on console-fra.rpki-client.org