Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/efc779f9-0694-429b-8e9f-63d492a09878.roa
File: efc779f9-0694-429b-8e9f-63d492a09878.roa (raw, json)
Hash identifier: nnYV0huu26vE7iaezANvufQKCnN/glEDZtNFizcgBN0=
Subject key identifier: 23:BB:05:6F:7A:71:C1:41:24:17:F7:F1:54:E0:64:89:30:3A:37:3F
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4C6408851DAE6F28CD2CE69988D25CDC4CAEBB71
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/efc779f9-0694-429b-8e9f-63d492a09878.roa
Signing time: Wed 08 Mar 2023 00:00:00 +0000
ROA not before: Wed 08 Mar 2023 00:00:00 +0000
ROA not after: Sat 11 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:64:08:85:1d:ae:6f:28:cd:2c:e6:99:88:d2:5c:dc:4c:ae:bb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 8 00:00:00 2023 GMT
Not After : Mar 11 23:59:59 2023 GMT
Subject: serialNumber=b86bac6abe98dc7e28f582a1b0b9ccd701e84fdbd2d93949e4271d2d4ca3ce78, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:bd:21:94:16:1a:42:7d:74:42:96:58:71:
be:eb:0a:38:96:d0:ba:37:26:86:4c:78:b4:87:51:
0a:91:48:c6:74:36:6b:35:12:82:88:dd:71:ae:fa:
3f:f0:94:23:6e:e0:e4:c6:4b:a8:6c:2f:53:1d:c7:
80:ac:0c:6b:4a:1d:16:2c:50:10:bf:58:cd:d1:b9:
3b:99:9f:fe:fd:fa:73:59:e7:b9:b2:b4:64:25:36:
80:ff:73:7c:46:3a:08:5b:43:0a:dd:9c:36:d4:dd:
9c:e9:5f:3a:2f:fa:01:73:af:31:a0:46:ac:ed:0b:
f5:46:d0:4e:4c:16:6a:e6:7c:da:c9:b7:e0:a9:34:
24:29:aa:19:21:28:bf:10:70:77:88:8a:75:55:3c:
d1:23:02:69:63:2f:5d:2d:76:c2:79:10:8f:7a:b1:
9f:7c:d0:17:bc:25:ca:ae:09:aa:f2:af:b2:66:eb:
05:c0:d5:0b:72:33:85:0b:03:9f:ef:ab:e7:2e:25:
e0:4d:26:b1:dd:7d:33:65:91:b2:13:ea:c1:8a:fc:
03:d1:24:85:a2:97:74:ee:a0:b8:52:67:bd:11:4e:
e0:de:33:70:0b:65:98:3f:f1:a0:35:dd:1d:70:b0:
29:62:b9:78:c6:d2:db:ce:14:ab:e3:6b:19:9b:66:
f8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BB:05:6F:7A:71:C1:41:24:17:F7:F1:54:E0:64:89:30:3A:37:3F
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/efc779f9-0694-429b-8e9f-63d492a09878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
55:22:a5:fc:2a:d5:81:7f:c7:f9:50:8a:db:84:dc:83:cd:bd:
14:a4:97:d3:cc:4b:c0:69:a2:ee:61:72:9c:bb:b9:f1:95:04:
05:71:ae:a9:b8:a9:b8:9d:c3:6f:a5:df:d0:b4:58:d3:7c:21:
bd:13:da:df:ef:c3:24:53:38:d6:4a:bc:29:4b:43:69:c5:ea:
f6:ca:e0:df:98:87:30:40:be:82:2f:3a:00:e8:4d:d1:78:06:
ea:76:0d:a7:7f:a4:6f:c0:fa:a6:e7:52:e2:b4:6e:f9:2d:91:
b0:c0:ad:b3:29:a3:e5:af:77:e7:41:17:d9:6a:8a:de:79:95:
b1:96:c1:3c:46:97:79:1e:4d:3d:b2:2f:ce:03:86:11:f1:d8:
f8:96:13:43:ef:a6:42:a9:c7:ed:9d:70:12:c0:7d:02:54:16:
a3:3b:0e:0a:24:8e:03:fb:63:b2:ef:ea:dc:0e:86:bb:6e:d9:
9a:c5:6c:54:10:ce:12:69:d1:e7:73:f4:51:5d:dd:66:b9:a1:
cd:d2:15:07:42:81:51:f2:84:74:a1:7b:c1:1d:95:bd:fe:0f:
d5:c4:a0:2b:1e:9f:05:62:d6:1b:c9:4e:5e:36:bb:ca:dc:b8:
71:f6:97:da:e1:81:1d:a1:ff:15:0d:28:d6:be:d9:81:61:a0:
7f:d8:4b:de
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUTGQIhR2ubyjNLOaZiNJc3Eyuu3EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzA4MDAwMDAwWhcNMjMwMzExMjM1OTU5
WjCBpTFJMEcGA1UEBRNAYjg2YmFjNmFiZTk4ZGM3ZTI4ZjU4MmExYjBiOWNjZDcw
MWU4NGZkYmQyZDkzOTQ5ZTQyNzFkMmQ0Y2EzY2U3ODEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALlHvSGUFhpCfXRCllhxvusKOJbQujcmhkx4tIdRCpFIxnQ2azUS
gojdca76P/CUI27g5MZLqGwvUx3HgKwMa0odFixQEL9YzdG5O5mf/v36c1nnubK0
ZCU2gP9zfEY6CFtDCt2cNtTdnOlfOi/6AXOvMaBGrO0L9UbQTkwWauZ82sm34Kk0
JCmqGSEovxBwd4iKdVU80SMCaWMvXS12wnkQj3qxn3zQF7wlyq4JqvKvsmbrBcDV
C3IzhQsDn++r5y4l4E0msd19M2WRshPqwYr8A9EkhaKXdO6guFJnvRFO4N4zcAtl
mD/xoDXdHXCwKWK5eMbS284Uq+NrGZtm+KUCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQjuwVvenHBQSQX9/FU4GSJMDo3PzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZWZjNzc5ZjktMDY5NC00MjliLThlOWYtNjNkNDkyYTA5ODc4LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFUipfwq1YF/x/lQ
ituE3IPNvRSkl9PMS8Bpou5hcpy7ufGVBAVxrqm4qbidw2+l39C0WNN8Ib0T2t/v
wyRTONZKvClLQ2nF6vbK4N+YhzBAvoIvOgDoTdF4Bup2Dad/pG/A+qbnUuK0bvkt
kbDArbMpo+Wvd+dBF9lqit55lbGWwTxGl3keTT2yL84DhhHx2PiWE0PvpkKpx+2d
cBLAfQJUFqM7DgokjgP7Y7Lv6twOhrtu2ZrFbFQQzhJp0edz9FFd3Wa5oc3SFQdC
gVHyhHShe8Edlb3+D9XEoCsenwVi1hvJTl42u8rcuHH2l9rhgR2h/xUNKNa+2YFh
oH/YS94=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:52 2023 by rpki-client on console-ams.rpki-client.org