Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/02f9262c-b771-4298-b07e-bbf826ff45b8.roa
File: 02f9262c-b771-4298-b07e-bbf826ff45b8.roa (raw, json)
Hash identifier: 8PnD4RS+sRBPrtKT0zwJ3gxLSjtCNcvdNe4OdLNugeM=
Subject key identifier: 92:A0:5A:11:CD:83:0F:F3:D1:78:7C:B1:70:98:87:1B:DC:41:EE:1C
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4B82853D759181DA21341A596FA5079A8E7A1D49
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/02f9262c-b771-4298-b07e-bbf826ff45b8.roa
Signing time: Sat 25 May 2024 00:00:00 +0000
ROA not before: Sat 25 May 2024 00:00:00 +0000
ROA not after: Sat 29 Jun 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:82:85:3d:75:91:81:da:21:34:1a:59:6f:a5:07:9a:8e:7a:1d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: May 25 00:00:00 2024 GMT
Not After : Jun 29 23:59:59 2024 GMT
Subject: serialNumber=186a10c69eab0593a778d274441a67c482b591344e097620e1d6d02b245dd821, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:05:a8:3f:0e:35:c5:c5:a2:bf:9f:c6:ff:2b:
b6:b3:ea:2f:12:d5:63:dc:b4:01:fd:d9:af:1c:0f:
97:13:6b:1d:9c:79:0d:92:28:3b:eb:34:0a:7c:40:
c4:ad:c8:a7:db:45:05:d1:28:9d:d0:52:11:8b:57:
9c:71:e3:22:02:5b:7d:39:a3:05:21:31:fe:f6:39:
93:47:dc:01:f1:66:55:f0:89:a1:2f:d4:06:09:d0:
d7:ea:df:09:c0:e6:ce:9a:1a:21:5f:13:cb:17:ab:
a8:c0:e6:c3:51:1d:d3:01:62:dc:7b:f0:cb:c5:00:
51:5d:6c:84:2a:7f:af:2e:32:3a:c8:7f:7a:51:06:
11:e6:74:67:66:80:cc:b1:4d:98:39:24:68:92:a9:
a9:b5:65:ba:39:a9:db:f4:55:fc:e7:42:23:85:19:
3a:86:b2:78:40:7c:ef:80:26:7f:c7:b4:8b:15:0c:
b9:6d:fc:e8:10:ac:dd:3c:5f:d8:5a:ab:00:d9:2d:
97:93:73:67:7c:ba:dd:46:8f:1f:28:f5:db:52:f2:
26:4d:d2:4a:cd:2e:b7:83:32:d6:62:2d:59:57:84:
d0:54:d4:2c:3b:c7:1a:72:7d:8b:b6:c4:1e:c4:fb:
f0:c5:60:95:27:8e:6e:6d:08:f9:bc:a7:f2:e1:b3:
71:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A0:5A:11:CD:83:0F:F3:D1:78:7C:B1:70:98:87:1B:DC:41:EE:1C
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/02f9262c-b771-4298-b07e-bbf826ff45b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:cb:59:fd:bf:2b:54:19:35:5c:9e:d6:b3:46:d6:08:e8:ad:
f1:1b:ba:49:e2:08:d9:7a:91:dd:3e:1b:72:45:8f:1e:d0:b8:
11:bf:6b:a7:4e:e4:5b:33:de:a9:2a:36:99:ea:ec:b0:33:11:
e7:eb:0b:fa:c8:a1:21:e5:e1:72:0b:f7:2f:b9:5b:3e:ab:7a:
54:fd:47:ae:0f:ad:df:73:41:62:02:02:ab:d3:7e:c9:c2:d8:
51:77:1d:8a:b9:c0:02:bd:46:fe:80:50:4e:df:f4:b7:f3:63:
a2:93:e0:a7:17:c0:97:f6:70:86:c1:df:f7:ad:ef:1c:a7:43:
b5:15:f7:35:5b:97:b6:a5:7b:d4:9b:cc:e3:1f:f0:1f:6c:47:
1f:6c:23:23:8c:1d:17:5e:81:bf:7b:51:f0:6f:90:95:24:5d:
27:5d:67:90:46:08:f9:ee:66:be:3d:d3:09:ac:3d:94:52:cf:
d4:56:d7:44:73:cf:29:2e:38:2c:aa:80:37:1b:de:a9:a2:a9:
49:15:e2:0d:92:66:ef:23:86:86:57:7b:ad:01:10:aa:a0:0c:
14:f4:f6:12:51:0c:0d:23:ea:1d:2a:a7:9d:08:52:4c:90:8d:
8d:4b:b8:65:b3:2f:77:8a:28:fb:bb:e6:25:33:70:2f:8d:5c:
ab:31:51:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS4KFPXWRgdohNBpZb6UHmo56HUkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTI1MDAwMDAwWhcNMjQwNjI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxODZhMTBjNjllYWIwNTkzYTc3OGQyNzQ0NDFhNjdjNDgy
YjU5MTM0NGUwOTc2MjBlMWQ2ZDAyYjI0NWRkODIxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbBag/DjXFxaK/n8b/K7az6i8S1WPctAH92a8cD5cTax2c
eQ2SKDvrNAp8QMStyKfbRQXRKJ3QUhGLV5xx4yICW305owUhMf72OZNH3AHxZlXw
iaEv1AYJ0Nfq3wnA5s6aGiFfE8sXq6jA5sNRHdMBYtx78MvFAFFdbIQqf68uMjrI
f3pRBhHmdGdmgMyxTZg5JGiSqam1Zbo5qdv0VfznQiOFGTqGsnhAfO+AJn/HtIsV
DLlt/OgQrN08X9haqwDZLZeTc2d8ut1Gjx8o9dtS8iZN0krNLreDMtZiLVlXhNBU
1Cw7xxpyfYu2xB7E+/DFYJUnjm5tCPm8p/Lhs3HJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkqBaEc2DD/PReHyxcJiHG9xB7hwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzAyZjkyNjJjLWI3NzEtNDI5OC1iMDdlLWJiZjgyNmZmNDViOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA/LWf2/K1QZNVye1rNG1gjorfEb
ukniCNl6kd0+G3JFjx7QuBG/a6dO5Fsz3qkqNpnq7LAzEefrC/rIoSHl4XIL9y+5
Wz6relT9R64Prd9zQWICAqvTfsnC2FF3HYq5wAK9Rv6AUE7f9LfzY6KT4KcXwJf2
cIbB3/et7xynQ7UV9zVbl7ale9SbzOMf8B9sRx9sIyOMHRdegb97UfBvkJUkXSdd
Z5BGCPnuZr490wmsPZRSz9RW10RzzykuOCyqgDcb3qmiqUkV4g2SZu8jhoZXe60B
EKqgDBT09hJRDA0j6h0qp50IUkyQjY1LuGWzL3eKKPu75iUzcC+NXKsxUbw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:51:26 2025 by rpki-client