Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0375aee3-105e-4e3c-9494-536dfd15400e.roa
File: 0375aee3-105e-4e3c-9494-536dfd15400e.roa (raw, json)
Hash identifier: k8H+PIw55BAbDwybUqCruB3lRPrMH0c9B+TvVIONtv8=
Subject key identifier: EB:55:E0:28:82:67:19:71:5D:C4:01:D7:56:82:41:73:E6:58:9A:7F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0C1E99A23186AEFBF588F3D782C9EAB4551D7849
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0375aee3-105e-4e3c-9494-536dfd15400e.roa
Signing time: Wed 10 Jul 2024 00:00:00 +0000
ROA not before: Wed 10 Jul 2024 00:00:00 +0000
ROA not after: Wed 14 Aug 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:1e:99:a2:31:86:ae:fb:f5:88:f3:d7:82:c9:ea:b4:55:1d:78:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 10 00:00:00 2024 GMT
Not After : Aug 14 23:59:59 2024 GMT
Subject: serialNumber=8c582c2312f6638e52ed7ef901eb87a0b834749ced902a89042ec920956700a9, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:18:61:0d:fc:6d:53:51:23:79:b9:db:7a:e4:
80:ec:06:61:87:4e:90:fd:9f:ba:72:0d:1a:fe:2e:
63:97:67:10:23:90:68:1c:ef:49:29:64:e7:47:fd:
cd:73:18:4f:94:32:0a:49:f8:a5:fd:8f:48:6a:f5:
3c:c6:db:a3:eb:5d:95:0b:47:65:93:8e:9e:e6:01:
bf:ee:94:35:41:42:fa:d0:ba:cb:b2:0c:3e:00:25:
ec:1b:8d:85:19:04:39:f8:20:d8:6f:fa:17:96:e9:
14:87:ca:9f:60:9c:d9:01:a1:89:99:66:53:b8:3b:
a6:21:5f:c6:1d:5a:2d:d9:07:a8:3e:41:65:5e:b1:
61:87:67:5c:4a:04:c7:56:e4:16:9a:ca:bb:8a:cd:
49:d0:4d:fc:52:ac:d6:c4:be:eb:b5:65:28:5c:13:
ab:ea:ce:45:b6:47:a3:eb:4c:35:e1:e2:5d:5f:8c:
50:2e:86:66:a1:e9:92:67:e4:99:33:00:b4:89:fd:
d5:2c:53:a8:70:e8:ea:51:03:86:a8:2b:c1:50:0c:
41:d7:39:a3:c9:48:6a:8b:6d:5f:30:7e:2b:98:2e:
dc:99:34:a1:b2:d1:82:03:d2:37:04:85:13:7c:05:
c3:a9:64:ea:b9:6b:6f:b4:3d:8a:e9:9b:f1:fa:e6:
53:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:55:E0:28:82:67:19:71:5D:C4:01:D7:56:82:41:73:E6:58:9A:7F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0375aee3-105e-4e3c-9494-536dfd15400e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b7:d1:b2:60:e5:98:dd:ad:2d:80:e9:de:39:76:97:17:72:
fc:ae:cf:2d:0e:e1:1b:c2:41:6a:c2:fc:cf:59:14:f3:fa:7b:
c3:97:3d:a7:9d:d2:63:5e:f9:14:d7:f2:f1:8b:47:39:5a:8d:
a4:2f:66:ff:cd:98:77:93:5a:1c:5e:1c:11:17:7a:f1:a7:3d:
1f:e1:0d:cd:ab:ac:23:bf:52:07:43:42:a9:ac:b3:db:05:00:
16:1d:59:36:b8:65:2a:c9:cb:ac:90:31:4a:37:5f:c9:87:f9:
0d:2a:06:6f:a5:b2:59:85:31:98:8f:ee:31:0a:46:a1:3d:c4:
7e:49:57:fc:4d:36:36:5e:1d:87:a1:0b:1c:95:68:55:b0:fc:
2b:7f:be:2d:56:0d:1e:38:57:f0:01:60:96:46:3d:a6:0b:4e:
10:18:f8:ab:68:59:4e:be:a2:5d:83:7e:38:bf:81:6f:3d:91:
11:0f:7a:c6:f6:a4:d9:35:be:a0:d2:6b:c7:b7:06:92:3a:98:
69:b5:e6:63:14:53:05:da:17:9a:ff:c5:14:92:68:20:72:f5:
fe:a4:a0:a6:77:bd:44:88:d7:a4:c2:4c:0a:ed:41:1a:30:62:
ce:51:fa:7e:22:80:65:64:c6:b5:45:17:0a:ee:01:a6:0c:a0:
03:51:42:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDB6ZojGGrvv1iPPXgsnqtFUdeEkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzEwMDAwMDAwWhcNMjQwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzU4MmMyMzEyZjY2MzhlNTJlZDdlZjkwMWViODdhMGI4
MzQ3NDljZWQ5MDJhODkwNDJlYzkyMDk1NjcwMGE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRGGEN/G1TUSN5udt65IDsBmGHTpD9n7pyDRr+LmOXZxAj
kGgc70kpZOdH/c1zGE+UMgpJ+KX9j0hq9TzG26PrXZULR2WTjp7mAb/ulDVBQvrQ
usuyDD4AJewbjYUZBDn4INhv+heW6RSHyp9gnNkBoYmZZlO4O6YhX8YdWi3ZB6g+
QWVesWGHZ1xKBMdW5BaayruKzUnQTfxSrNbEvuu1ZShcE6vqzkW2R6PrTDXh4l1f
jFAuhmah6ZJn5JkzALSJ/dUsU6hw6OpRA4aoK8FQDEHXOaPJSGqLbV8wfiuYLtyZ
NKGy0YID0jcEhRN8BcOpZOq5a2+0PYrpm/H65lOtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU61XgKIJnGXFdxAHXVoJBc+ZYmn8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzAzNzVhZWUzLTEwNWUtNGUzYy05NDk0LTUzNmRmZDE1NDAwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHS30bJg5ZjdrS2A6d45dpcXcvyu
zy0O4RvCQWrC/M9ZFPP6e8OXPaed0mNe+RTX8vGLRzlajaQvZv/NmHeTWhxeHBEX
evGnPR/hDc2rrCO/UgdDQqmss9sFABYdWTa4ZSrJy6yQMUo3X8mH+Q0qBm+lslmF
MZiP7jEKRqE9xH5JV/xNNjZeHYehCxyVaFWw/Ct/vi1WDR44V/ABYJZGPaYLThAY
+KtoWU6+ol2Dfji/gW89kREPesb2pNk1vqDSa8e3BpI6mGm15mMUUwXaF5r/xRSS
aCBy9f6koKZ3vUSI16TCTArtQRowYs5R+n4igGVkxrVFFwruAaYMoANRQms=
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:08:34 2025 by rpki-client