Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06b3a4b5-9c31-420a-a353-3becf63a4c00.roa
File: 06b3a4b5-9c31-420a-a353-3becf63a4c00.roa (raw, json)
Hash identifier: FHwlQpc3letM7kFO49pjiafTi4vN2k5Nx5O2U+x6z0M=
Subject key identifier: 7D:C7:99:F5:DA:9E:33:49:A2:E7:DF:E2:34:1B:14:0A:BE:9F:5B:92
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4C07C7CC00B7F98701A287560E0B7A8A33BE513F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06b3a4b5-9c31-420a-a353-3becf63a4c00.roa
Signing time: Mon 29 Jul 2024 00:00:00 +0000
ROA not before: Mon 29 Jul 2024 00:00:00 +0000
ROA not after: Mon 02 Sep 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:07:c7:cc:00:b7:f9:87:01:a2:87:56:0e:0b:7a:8a:33:be:51:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 29 00:00:00 2024 GMT
Not After : Sep 2 23:59:59 2024 GMT
Subject: serialNumber=2c876a2e8b0fb260298f427f1e9cf600b699c70ac248a791699ca67f0210328d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:08:24:d9:e6:92:2c:05:70:2e:70:b5:1a:
74:4a:da:14:6d:f2:c7:6a:16:83:60:ff:4c:d5:e9:
ec:9d:30:64:e8:a7:58:8e:da:a9:95:e6:c7:12:3b:
0d:3f:bd:b5:e0:80:95:bd:be:bd:94:88:48:f4:c0:
b8:db:63:e5:3e:64:c2:3c:45:f6:6d:d8:49:65:d2:
2c:a2:02:7c:18:ff:8a:15:52:9c:b4:d7:60:a8:10:
f1:64:03:0d:5e:bf:b7:36:10:ee:88:62:b2:8e:25:
35:15:a8:1b:69:02:32:71:c4:c3:47:9b:8a:78:8c:
4d:7c:cd:cc:e4:77:58:93:fd:30:93:84:22:f1:ff:
ee:80:a8:9a:f5:e9:53:7b:ee:a1:17:41:ad:9a:97:
89:4b:1c:01:e2:a6:5c:82:de:8e:2a:1e:11:3e:1c:
60:08:02:41:c4:1f:7b:48:44:ea:f6:2d:7e:cd:53:
c2:59:63:9f:55:72:65:1a:e6:dc:23:15:70:c4:90:
97:12:e8:7b:85:bc:a2:21:85:e7:df:a0:ff:fc:b6:
89:b8:12:24:22:f1:cb:31:77:ac:68:a7:b0:a3:39:
e8:62:e2:3a:c8:fc:b2:be:32:50:76:ae:70:ab:e3:
e7:f2:0c:de:fd:ed:fe:da:29:35:6d:5f:88:4c:53:
f0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C7:99:F5:DA:9E:33:49:A2:E7:DF:E2:34:1B:14:0A:BE:9F:5B:92
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06b3a4b5-9c31-420a-a353-3becf63a4c00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:33:94:0d:00:4e:09:b7:49:f6:2e:88:5c:5b:93:ac:fa:86:
62:72:5b:a8:1f:2d:9d:d1:39:ea:ba:cd:10:1f:33:41:f4:d9:
09:80:97:49:0a:c4:11:e5:19:1a:3b:19:ce:7e:48:97:d6:aa:
19:00:92:2b:fc:7f:40:5b:a7:dc:3e:df:a6:50:33:5a:e4:4b:
31:0f:74:90:5c:6e:73:61:74:1e:89:00:7f:df:c7:8f:d5:39:
12:27:bd:7b:f3:63:41:43:aa:36:8e:1d:b0:85:c1:16:46:92:
c0:a3:ae:d2:ff:57:4c:d8:a9:4b:f5:a1:0f:57:01:b7:c8:37:
5d:f1:23:83:ab:5d:f4:84:75:f8:d3:9c:5f:53:92:a0:18:28:
00:69:c8:67:ef:54:a1:fa:2d:37:26:48:e7:a7:d1:d8:f5:97:
04:5b:eb:a7:88:f2:35:12:48:d3:07:7f:09:85:41:53:71:e8:
db:7d:a6:82:92:70:21:e6:0a:9e:09:eb:79:2f:f8:5c:5a:a2:
06:02:fc:c2:e6:0f:cb:15:aa:6c:24:7b:5c:53:8b:5e:da:46:
15:df:e4:06:9d:1e:66:6f:be:60:be:1f:a2:69:ea:ae:ab:1e:
cd:2c:cf:42:47:8c:36:ad:b8:8c:06:c8:39:46:4c:6d:77:16:
a4:10:a8:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTAfHzAC3+YcBoodWDgt6ijO+UT8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzI5MDAwMDAwWhcNMjQwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYzg3NmEyZThiMGZiMjYwMjk4ZjQyN2YxZTljZjYwMGI2
OTljNzBhYzI0OGE3OTE2OTljYTY3ZjAyMTAzMjhkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdOwgk2eaSLAVwLnC1GnRK2hRt8sdqFoNg/0zV6eydMGTo
p1iO2qmV5scSOw0/vbXggJW9vr2UiEj0wLjbY+U+ZMI8RfZt2Ell0iyiAnwY/4oV
Upy012CoEPFkAw1ev7c2EO6IYrKOJTUVqBtpAjJxxMNHm4p4jE18zczkd1iT/TCT
hCLx/+6AqJr16VN77qEXQa2al4lLHAHiplyC3o4qHhE+HGAIAkHEH3tIROr2LX7N
U8JZY59VcmUa5twjFXDEkJcS6HuFvKIhheffoP/8tom4EiQi8csxd6xop7CjOehi
4jrI/LK+MlB2rnCr4+fyDN797f7aKTVtX4hMU/AtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfceZ9dqeM0mi59/iNBsUCr6fW5IwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA2YjNhNGI1LTljMzEtNDIwYS1hMzUzLTNiZWNmNjNhNGMwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABszlA0ATgm3SfYuiFxbk6z6hmJy
W6gfLZ3ROeq6zRAfM0H02QmAl0kKxBHlGRo7Gc5+SJfWqhkAkiv8f0Bbp9w+36ZQ
M1rkSzEPdJBcbnNhdB6JAH/fx4/VORInvXvzY0FDqjaOHbCFwRZGksCjrtL/V0zY
qUv1oQ9XAbfIN13xI4OrXfSEdfjTnF9TkqAYKABpyGfvVKH6LTcmSOen0dj1lwRb
66eI8jUSSNMHfwmFQVNx6Nt9poKScCHmCp4J63kv+FxaogYC/MLmD8sVqmwke1xT
i17aRhXf5AadHmZvvmC+H6Jp6q6rHs0sz0JHjDatuIwGyDlGTG13FqQQqCQ=
-----END CERTIFICATE-----
Generated at Mon Jun 16 17:43:06 2025 by rpki-client