Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/faf9d4a8-7b5d-483c-9425-cb919b56d055.roa
File: faf9d4a8-7b5d-483c-9425-cb919b56d055.roa (raw, json)
Hash identifier: u1ST/zkUHLUW75QLqKskZy8N8120/oe59xrJFmre8tw=
Subject key identifier: 51:4E:21:8C:4B:37:37:DF:50:75:59:EF:79:B3:41:41:E0:90:F2:BC
Certificate issuer: /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial: 33D6A49465E2C400233C6997DD9D9FA52DB29ACD
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/faf9d4a8-7b5d-483c-9425-cb919b56d055.roa
Signing time: Thu 09 Mar 2023 00:00:00 +0000
ROA not before: Thu 09 Mar 2023 00:00:00 +0000
ROA not after: Sun 12 Mar 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d6:a4:94:65:e2:c4:00:23:3c:69:97:dd:9d:9f:a5:2d:b2:9a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Validity
Not Before: Mar 9 00:00:00 2023 GMT
Not After : Mar 12 23:59:59 2023 GMT
Subject: serialNumber=475f49dbc760597fd476852b0a69a5c7a4166421cbf680534e197b11fe0e6616, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:29:a7:86:09:e6:82:8a:c9:1b:47:d5:2a:
4a:60:25:a7:53:36:72:fa:25:dd:f9:e2:b1:0b:a5:
36:50:80:b4:f0:9a:a3:51:c0:01:64:b3:77:4f:3f:
aa:7a:58:05:0b:e9:d5:21:9e:c4:da:91:1c:8e:b3:
02:61:69:02:45:b3:6f:64:35:ba:99:21:e1:1b:a4:
61:81:be:8f:74:5a:b9:dc:00:99:7a:98:49:e7:b6:
56:53:1b:fd:3e:77:f4:7e:fb:64:82:b8:fc:b8:75:
41:e5:1f:66:61:69:87:d6:77:11:cb:cd:ad:2b:3d:
85:3f:55:a1:34:53:2b:54:f0:b0:53:ca:22:f7:27:
69:e3:67:3e:e9:42:7a:1f:96:61:14:dc:0b:09:cd:
bd:6f:ac:9c:fc:fb:61:97:ff:54:f7:5a:3b:b7:e7:
ff:95:85:1c:68:c1:ff:65:42:33:a0:cd:93:16:23:
a9:73:39:4b:a9:37:d2:67:ac:31:fd:f5:aa:b9:0a:
03:24:43:a5:76:7a:af:1c:9c:7a:90:a3:a5:02:aa:
30:2c:9b:7f:06:bf:74:bd:54:1d:e8:46:f2:b4:f3:
a1:fa:b5:12:8b:13:a4:c0:cf:47:27:08:66:b5:1f:
9a:61:a6:78:f7:26:90:ce:a6:d5:2d:30:8c:28:5b:
c7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:4E:21:8C:4B:37:37:DF:50:75:59:EF:79:B3:41:41:E0:90:F2:BC
X509v3 Authority Key Identifier:
keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/faf9d4a8-7b5d-483c-9425-cb919b56d055.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:01:3e:c9:85:9d:5a:a2:6c:67:93:3c:af:a1:2a:d8:e5:db:
26:0e:73:a3:f0:01:22:b1:12:f3:a6:7a:e6:ef:ec:b0:af:15:
cb:4b:40:2f:46:c8:7e:60:1b:3e:82:51:83:b5:bf:cc:9c:1a:
8b:c4:b4:76:31:2d:da:08:62:32:72:cc:41:ab:94:e4:1d:25:
e8:30:e2:d3:63:8d:51:b4:23:3f:cf:46:25:3a:d1:d9:d6:bf:
19:34:2c:a6:70:44:2e:64:68:26:14:a3:b1:87:8a:62:3f:16:
51:66:eb:e5:05:c8:ab:1d:9d:2a:a6:72:d5:ff:f6:bb:3a:6a:
6c:19:96:59:09:1a:6c:67:b0:5b:30:70:77:c8:27:8c:07:c5:
c3:ff:c8:bf:09:5e:ce:08:bf:62:40:9b:ab:79:ca:36:f1:60:
b7:be:e8:9d:50:da:7c:25:77:fc:88:1c:f6:71:02:2c:78:02:
df:5a:ba:4c:6d:65:9c:33:49:9b:21:70:2e:11:97:42:37:f2:
85:a3:82:69:4d:f5:22:5d:2c:e9:0e:1e:e2:b3:d4:e3:32:db:
5d:7f:82:c2:20:32:df:85:b9:a8:79:b5:e9:e2:3d:e4:3b:a8:
e8:cb:fd:60:ea:ae:da:ab:3d:18:f0:1e:d2:0e:6e:27:49:cc:
f1:0b:e2:95
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUM9aklGXixAAjPGmX3Z2fpS2yms0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwMzA5MDAwMDAwWhcNMjMwMzEyMjM1OTU5
WjCBpTFJMEcGA1UEBRNANDc1ZjQ5ZGJjNzYwNTk3ZmQ0NzY4NTJiMGE2OWE1Yzdh
NDE2NjQyMWNiZjY4MDUzNGUxOTdiMTFmZTBlNjYxNjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL2AKaeGCeaCiskbR9UqSmAlp1M2cvol3fnisQulNlCAtPCao1HA
AWSzd08/qnpYBQvp1SGexNqRHI6zAmFpAkWzb2Q1upkh4RukYYG+j3RaudwAmXqY
See2VlMb/T539H77ZIK4/Lh1QeUfZmFph9Z3EcvNrSs9hT9VoTRTK1TwsFPKIvcn
aeNnPulCeh+WYRTcCwnNvW+snPz7YZf/VPdaO7fn/5WFHGjB/2VCM6DNkxYjqXM5
S6k30mesMf31qrkKAyRDpXZ6rxycepCjpQKqMCybfwa/dL1UHehG8rTzofq1EosT
pMDPRycIZrUfmmGmePcmkM6m1S0wjChbxycCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRRTiGMSzc331B1We95s0FB4JDyvDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZmFmOWQ0YTgtN2I1ZC00ODNjLTk0MjUtY2I5MTliNTZkMDU1LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKEBPsmFnVqibGeT
PK+hKtjl2yYOc6PwASKxEvOmeubv7LCvFctLQC9GyH5gGz6CUYO1v8ycGovEtHYx
LdoIYjJyzEGrlOQdJegw4tNjjVG0Iz/PRiU60dnWvxk0LKZwRC5kaCYUo7GHimI/
FlFm6+UFyKsdnSqmctX/9rs6amwZllkJGmxnsFswcHfIJ4wHxcP/yL8JXs4Iv2JA
m6t5yjbxYLe+6J1Q2nwld/yIHPZxAix4At9aukxtZZwzSZshcC4Rl0I38oWjgmlN
9SJdLOkOHuKz1OMy211/gsIgMt+Fuah5teniPeQ7qOjL/WDqrtqrPRjwHtIObidJ
zPEL4pU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:53 2023 by rpki-client on console-ams.rpki-client.org