Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/f09ef98f-960b-4e21-8b21-5d0dd862bcc1.roa
File: f09ef98f-960b-4e21-8b21-5d0dd862bcc1.roa (raw, json)
Hash identifier: w4Qrq8I/ZFm9a7cNeTSZXTMauZJ74reDV76fMy+OM6Q=
Subject key identifier: CD:56:B3:31:09:2C:9A:21:74:6A:43:06:87:32:43:87:6B:90:34:56
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 4EB166CB95BAA69F04BCB75ECF43AD492CA7FEC4
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/f09ef98f-960b-4e21-8b21-5d0dd862bcc1.roa
Signing time: Wed 31 May 2023 00:00:00 +0000
ROA not before: Wed 31 May 2023 00:00:00 +0000
ROA not after: Sat 03 Jun 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:b1:66:cb:95:ba:a6:9f:04:bc:b7:5e:cf:43:ad:49:2c:a7:fe:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: May 31 00:00:00 2023 GMT
Not After : Jun 3 23:59:59 2023 GMT
Subject: serialNumber=36bb9c4ccac23726cbf1e7cc319093b0963917c59443c8d360efee321d0e4466, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5e:23:15:97:2a:4c:56:c8:05:69:be:ff:f0:
93:03:33:c8:bc:95:eb:0a:c9:e7:c9:41:69:6f:26:
8c:79:a1:95:3c:53:68:d9:7a:03:97:32:43:ed:75:
88:b0:99:ed:63:a6:53:65:12:80:c5:1a:87:54:99:
4d:3c:92:f9:e7:95:57:ba:49:52:22:80:10:2f:72:
82:a1:b9:c2:e2:19:ab:ae:52:30:de:2a:50:56:36:
dd:fe:f5:0f:f8:6b:eb:71:52:bf:c6:dc:89:81:ed:
28:fa:49:f1:97:e1:5c:20:f7:31:5e:77:04:f8:e9:
f8:ea:1c:48:86:f4:e0:a1:c6:4e:a9:6c:68:f6:8a:
1a:9a:ab:8a:65:95:c5:81:81:2e:90:ba:29:31:58:
9e:7d:4f:1e:5f:6f:f7:74:11:0e:ce:35:af:9e:8f:
90:e2:9c:11:0c:17:fa:e8:ac:38:61:32:89:ca:ba:
72:84:5a:6e:6c:b9:8b:f4:60:b2:c9:3a:3d:47:be:
95:ff:24:c0:bf:8b:af:89:28:be:3a:83:87:09:97:
28:8c:ca:07:16:ec:03:fa:91:f4:34:b7:ea:4f:34:
8a:d5:46:a4:42:5d:41:2d:a1:42:e9:76:03:0e:e3:
d9:3a:cd:65:70:f0:42:bd:15:26:7a:db:a7:60:62:
04:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:56:B3:31:09:2C:9A:21:74:6A:43:06:87:32:43:87:6B:90:34:56
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/f09ef98f-960b-4e21-8b21-5d0dd862bcc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:5c:b9:64:cc:05:60:3f:ae:73:fc:51:85:f2:58:a7:4c:a6:
9f:04:d4:26:84:43:ec:0e:5b:9f:1a:ec:71:d3:e4:fa:0e:b5:
89:5d:42:87:17:c4:ef:d4:f4:e3:ec:4a:fe:8c:6d:bb:a1:26:
98:6e:eb:7e:2e:db:6d:3d:87:f1:fe:99:43:4c:05:e4:78:3e:
38:1b:a6:4e:bb:b6:e4:c2:b9:83:38:4c:f0:60:bf:c8:1a:b0:
a5:9f:74:f0:05:78:80:e7:46:a8:3f:7d:4d:3b:b0:56:79:93:
6c:2c:ba:9d:01:f0:2e:c3:a4:a5:06:66:77:7b:da:55:c8:e6:
f7:aa:0c:28:1f:de:2b:56:69:12:24:9c:60:42:9d:44:86:c8:
c9:d0:5e:aa:4d:11:60:95:be:fe:90:64:31:6e:f8:ce:df:f6:
8e:2b:80:eb:71:d1:e4:6a:14:cf:de:c0:ca:5f:a3:c6:10:d2:
3d:fe:c3:e4:50:6f:62:16:67:c1:30:cc:9b:9f:d7:ef:9b:83:
28:67:65:f1:ff:85:d6:d0:14:5f:f9:be:8b:62:85:ba:12:99:
d1:28:29:b8:6d:d4:40:de:49:4c:bd:1d:8f:2b:d0:e3:40:19:
df:55:35:ee:5d:79:0f:7b:15:18:ab:6c:f9:ac:89:66:e7:70:
60:d4:61:f8
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUTrFmy5W6pp8EvLdez0OtSSyn/sQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNTMxMDAwMDAwWhcNMjMwNjAzMjM1OTU5
WjCBpTFJMEcGA1UEBRNAMzZiYjljNGNjYWMyMzcyNmNiZjFlN2NjMzE5MDkzYjA5
NjM5MTdjNTk0NDNjOGQzNjBlZmVlMzIxZDBlNDQ2NjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM5eIxWXKkxWyAVpvv/wkwMzyLyV6wrJ58lBaW8mjHmhlTxTaNl6
A5cyQ+11iLCZ7WOmU2USgMUah1SZTTyS+eeVV7pJUiKAEC9ygqG5wuIZq65SMN4q
UFY23f71D/hr63FSv8bciYHtKPpJ8ZfhXCD3MV53BPjp+OocSIb04KHGTqlsaPaK
GpqrimWVxYGBLpC6KTFYnn1PHl9v93QRDs41r56PkOKcEQwX+uisOGEyicq6coRa
bmy5i/Rgssk6PUe+lf8kwL+Lr4kovjqDhwmXKIzKBxbsA/qR9DS36k80itVGpEJd
QS2hQul2Aw7j2TrNZXDwQr0VJnrbp2BiBA8CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTNVrMxCSyaIXRqQwaHMkOHa5A0VjAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZjA5ZWY5OGYtOTYwYi00ZTIxLThiMjEtNWQwZGQ4NjJiY2MxLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD1cuWTMBWA/rnP8
UYXyWKdMpp8E1CaEQ+wOW58a7HHT5PoOtYldQocXxO/U9OPsSv6MbbuhJphu634u
2209h/H+mUNMBeR4Pjgbpk67tuTCuYM4TPBgv8gasKWfdPAFeIDnRqg/fU07sFZ5
k2wsup0B8C7DpKUGZnd72lXI5veqDCgf3itWaRIknGBCnUSGyMnQXqpNEWCVvv6Q
ZDFu+M7f9o4rgOtx0eRqFM/ewMpfo8YQ0j3+w+RQb2IWZ8EwzJuf1++bgyhnZfH/
hdbQFF/5votihboSmdEoKbht1EDeSUy9HY8r0ONAGd9VNe5deQ97FRirbPmsiWbn
cGDUYfg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:55 2023 by rpki-client on console-fra.rpki-client.org