Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/f4229f05-0047-4ae1-9f49-b7c60d336476.roa
File: f4229f05-0047-4ae1-9f49-b7c60d336476.roa (raw, json)
Hash identifier: 3bRDucMeDVoDRzj459h8r6OGJDcWkXUzJS1c8iqFtMs=
Subject key identifier: 87:C4:91:97:93:94:05:C7:94:83:F1:15:03:6D:13:36:61:B6:6B:85
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 16E4920A8F6792B91410AF5791BC12EEFC435951
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/f4229f05-0047-4ae1-9f49-b7c60d336476.roa
Signing time: Fri 07 Apr 2023 00:00:00 +0000
ROA not before: Fri 07 Apr 2023 00:00:00 +0000
ROA not after: Mon 10 Apr 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e4:92:0a:8f:67:92:b9:14:10:af:57:91:bc:12:ee:fc:43:59:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Apr 7 00:00:00 2023 GMT
Not After : Apr 10 23:59:59 2023 GMT
Subject: serialNumber=78047319ce582ce7158183caed48179013772d3a266ea4281f0965a660d3d8c6, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:25:a7:52:ac:fe:05:e5:aa:d9:7a:34:1a:a6:
fe:9f:17:84:d0:68:97:f3:80:ea:cf:9a:56:e9:62:
4f:9b:f8:e4:e9:7c:90:39:db:06:2f:31:98:b1:b4:
24:40:3f:80:bd:30:0a:a2:d6:2b:03:c1:49:e2:ed:
39:2e:9b:2c:1e:dd:60:94:ef:c2:49:18:e4:56:5b:
69:fe:b6:12:32:03:06:b6:0d:25:a7:8e:b6:11:18:
43:68:5c:27:27:0e:e8:13:2f:9b:94:c4:09:78:8f:
94:82:59:d1:65:5c:75:74:66:58:d1:df:84:7e:97:
50:81:3b:88:bc:d4:79:b7:dd:ce:ec:67:88:42:6f:
de:a0:60:76:a1:aa:45:3f:9f:43:8d:81:73:7a:ec:
57:64:73:6c:b3:aa:4a:c6:df:4a:02:26:9b:55:9d:
65:ab:02:c1:84:c7:4d:58:1a:2e:81:a6:c6:7b:44:
23:4e:bc:85:e8:9b:11:4d:c1:de:a2:07:7c:c3:be:
f4:f4:84:6b:b9:2c:34:20:78:db:bc:48:5e:0c:2a:
da:5f:2e:71:29:3d:32:09:a0:f0:23:0c:26:6a:bd:
28:d6:c2:65:91:34:41:10:f4:9b:02:a6:48:40:2c:
0b:91:89:b2:42:3b:2d:34:d3:f3:a1:e4:87:e6:31:
37:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C4:91:97:93:94:05:C7:94:83:F1:15:03:6D:13:36:61:B6:6B:85
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/f4229f05-0047-4ae1-9f49-b7c60d336476.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
24:48:c4:8f:c4:3f:98:47:ed:72:36:4c:fa:63:e3:d0:41:03:
fa:f6:e5:8a:92:c4:f3:31:d9:7e:2d:e4:c0:eb:52:54:0d:6f:
1a:86:c8:f3:d4:fa:8b:d7:c3:ae:b3:19:ab:be:2c:e4:9e:aa:
62:d3:36:64:2f:42:2b:67:b7:b0:66:24:0c:ce:56:eb:ca:bb:
61:dc:ff:f4:6d:24:0f:e6:1c:e2:44:c2:55:1d:e8:a7:78:18:
14:ce:18:7b:26:28:e7:a4:5e:b6:a9:bb:d3:ed:0f:d8:2b:d8:
ec:59:7f:22:9d:6a:38:8f:0e:85:97:85:9b:4f:f7:85:16:5a:
ed:c5:17:23:9b:97:bf:54:0b:a1:3f:7e:6e:83:83:bd:ad:b3:
67:89:12:03:7c:29:5a:4a:25:88:56:cf:93:ea:98:2f:d7:d3:
23:ba:77:13:14:64:42:7e:19:6b:ed:09:d2:9f:74:72:2c:0d:
5d:b5:bb:6f:d7:ee:f5:9f:6a:f5:a3:41:40:0c:d2:fd:dc:3c:
0e:26:59:f2:6e:6b:06:61:54:c8:7d:5f:39:c1:52:78:ad:92:
b0:bf:0d:89:70:77:89:22:d2:ba:92:3b:69:c9:e4:69:31:7d:
0d:c2:31:04:ca:e9:8a:da:70:30:66:a7:57:fb:32:45:51:9d:
71:8d:59:fd
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUFuSSCo9nkrkUEK9XkbwS7vxDWVEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNDA3MDAwMDAwWhcNMjMwNDEwMjM1OTU5
WjCBpTFJMEcGA1UEBRNANzgwNDczMTljZTU4MmNlNzE1ODE4M2NhZWQ0ODE3OTAx
Mzc3MmQzYTI2NmVhNDI4MWYwOTY1YTY2MGQzZDhjNjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANAlp1Ks/gXlqtl6NBqm/p8XhNBol/OA6s+aVuliT5v45Ol8kDnb
Bi8xmLG0JEA/gL0wCqLWKwPBSeLtOS6bLB7dYJTvwkkY5FZbaf62EjIDBrYNJaeO
thEYQ2hcJycO6BMvm5TECXiPlIJZ0WVcdXRmWNHfhH6XUIE7iLzUebfdzuxniEJv
3qBgdqGqRT+fQ42Bc3rsV2RzbLOqSsbfSgImm1WdZasCwYTHTVgaLoGmxntEI068
heibEU3B3qIHfMO+9PSEa7ksNCB427xIXgwq2l8ucSk9Mgmg8CMMJmq9KNbCZZE0
QRD0mwKmSEAsC5GJskI7LTTT86Hkh+YxN/0CAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBSHxJGXk5QFx5SD8RUDbRM2YbZrhTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZjQyMjlmMDUtMDA0Ny00YWUxLTlmNDktYjdjNjBkMzM2NDc2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACRIxI/EP5hH7XI2
TPpj49BBA/r25YqSxPMx2X4t5MDrUlQNbxqGyPPU+ovXw66zGau+LOSeqmLTNmQv
Qitnt7BmJAzOVuvKu2Hc//RtJA/mHOJEwlUd6Kd4GBTOGHsmKOekXrapu9PtD9gr
2OxZfyKdajiPDoWXhZtP94UWWu3FFyObl79UC6E/fm6Dg72ts2eJEgN8KVpKJYhW
z5PqmC/X0yO6dxMUZEJ+GWvtCdKfdHIsDV21u2/X7vWfavWjQUAM0v3cPA4mWfJu
awZhVMh9XznBUnitkrC/DYlwd4ki0rqSO2nJ5GkxfQ3CMQTK6YracDBmp1f7MkVR
nXGNWf0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:53 2023 by rpki-client on console-ams.rpki-client.org