Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/092d34c9-c699-44e4-b183-79623cb486ff.roa
File: 092d34c9-c699-44e4-b183-79623cb486ff.roa (raw, json)
Hash identifier: tXLjayhCRzTedWFMdv6OVAhqT6O82aAHupQo74cmNy8=
Subject key identifier: 3E:A7:6C:73:EF:AB:CB:D4:19:01:5D:D7:03:D1:A0:33:25:D3:C1:77
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5327CE9E4C08D2413DFC50F830AC42975B1B5ABB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/092d34c9-c699-44e4-b183-79623cb486ff.roa
Signing time: Tue 11 Feb 2025 00:00:00 +0000
ROA not before: Tue 11 Feb 2025 00:00:00 +0000
ROA not after: Tue 18 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:27:ce:9e:4c:08:d2:41:3d:fc:50:f8:30:ac:42:97:5b:1b:5a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 11 00:00:00 2025 GMT
Not After : Mar 18 23:59:59 2025 GMT
Subject: serialNumber=bcd44ad58587fcf5c3e0a0c600677a69db9d6779ea1e5dc77a0b945e606a611c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:9b:af:03:67:5f:9b:08:65:40:bd:77:cb:
3d:68:0e:b1:5a:50:08:1b:27:b8:bd:2f:12:6a:a1:
85:5c:1b:4c:03:1f:11:89:20:4a:34:48:34:c0:a6:
e8:a5:99:3d:7f:2d:f1:07:6b:8e:7b:d1:7e:47:5d:
7a:87:64:ed:84:ba:b0:e3:4f:15:13:43:4d:78:27:
8a:c9:8e:a5:71:d5:66:f3:56:a9:37:b6:ac:d1:c9:
04:14:59:25:99:59:6c:45:c1:32:c5:d2:79:14:0f:
cc:b8:aa:63:66:4f:1f:8f:01:b3:fc:5a:5a:37:42:
9c:fd:3e:9e:46:98:2f:80:58:85:fb:48:eb:6b:d6:
5a:8e:26:2c:39:eb:68:2b:b0:f3:12:13:62:b6:2f:
98:1b:5d:bf:38:15:01:ae:8f:3e:68:f5:bb:92:75:
72:42:cf:45:d9:3d:0f:7e:60:2c:f2:9e:5c:4d:9c:
f8:a8:d0:ec:d9:d6:48:31:a8:f5:33:c6:be:7b:b0:
a3:c7:67:04:5d:5f:23:c6:ef:98:a1:0d:f2:d4:06:
5f:89:c3:1e:6e:70:90:8e:f8:fd:83:1b:41:df:5f:
9a:41:c0:e9:26:8b:b2:9e:1c:18:ef:1b:01:43:ce:
ef:cc:32:1b:d5:d7:13:8b:fd:e4:48:be:e9:e8:27:
f5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A7:6C:73:EF:AB:CB:D4:19:01:5D:D7:03:D1:A0:33:25:D3:C1:77
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/092d34c9-c699-44e4-b183-79623cb486ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
92:80:27:03:23:f0:1f:59:3e:3c:eb:54:86:66:8a:df:01:d4:
bb:af:5e:a1:7d:71:8c:cd:1c:12:62:8c:e7:44:b6:b7:d3:cd:
d2:ad:33:22:ca:51:04:3a:61:09:95:3b:f3:15:61:07:4c:f8:
7a:92:5a:c0:c0:4d:fd:00:b6:e9:f4:af:67:3f:b2:86:20:98:
22:32:4e:09:79:35:6c:62:8f:4c:07:fe:f3:de:92:4a:d1:0b:
68:51:f1:aa:8e:c8:58:73:9a:e2:57:d4:8a:04:60:99:0c:d9:
29:af:93:fd:cf:a4:fc:e5:30:e1:3c:ee:e2:8e:95:0b:c8:ac:
73:b6:2e:1a:b0:ac:22:ff:fb:0a:c2:cc:4d:74:ce:fe:6e:e7:
9f:dc:38:42:d5:65:97:73:1a:b3:5a:f5:c6:6c:63:a8:94:65:
4e:81:f4:03:e9:39:93:58:d6:13:b2:17:4d:11:75:e0:d7:41:
4f:8a:ac:24:34:6e:37:f6:ce:99:69:45:6d:e8:5a:9b:c9:47:
91:0a:20:6e:6e:a0:7c:39:a2:34:57:38:35:04:7a:ca:6b:45:
8c:b4:77:05:c4:ee:ef:4e:89:bd:6e:45:0a:2c:2b:42:6d:f6:
f6:bf:4b:38:c8:5e:68:f0:78:73:3c:08:c3:40:ea:b1:69:b3:
5f:b9:89:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUyfOnkwI0kE9/FD4MKxCl1sbWrswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjExMDAwMDAwWhcNMjUwMzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2Q0NGFkNTg1ODdmY2Y1YzNlMGEwYzYwMDY3N2E2OWRi
OWQ2Nzc5ZWExZTVkYzc3YTBiOTQ1ZTYwNmE2MTFjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFhJuvA2dfmwhlQL13yz1oDrFaUAgbJ7i9LxJqoYVcG0wD
HxGJIEo0SDTApuilmT1/LfEHa4570X5HXXqHZO2EurDjTxUTQ014J4rJjqVx1Wbz
Vqk3tqzRyQQUWSWZWWxFwTLF0nkUD8y4qmNmTx+PAbP8Wlo3Qpz9Pp5GmC+AWIX7
SOtr1lqOJiw562grsPMSE2K2L5gbXb84FQGujz5o9buSdXJCz0XZPQ9+YCzynlxN
nPio0OzZ1kgxqPUzxr57sKPHZwRdXyPG75ihDfLUBl+Jwx5ucJCO+P2DG0HfX5pB
wOkmi7KeHBjvGwFDzu/MMhvV1xOL/eRIvunoJ/UXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPqdsc++ry9QZAV3XA9GgMyXTwXcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA5MmQzNGM5LWM2OTktNDRlNC1iMTgzLTc5NjIzY2I0ODZmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJKAJwMj8B9ZPjzrVIZmit8B1Luv
XqF9cYzNHBJijOdEtrfTzdKtMyLKUQQ6YQmVO/MVYQdM+HqSWsDATf0Atun0r2c/
soYgmCIyTgl5NWxij0wH/vPekkrRC2hR8aqOyFhzmuJX1IoEYJkM2Smvk/3PpPzl
MOE87uKOlQvIrHO2LhqwrCL/+wrCzE10zv5u55/cOELVZZdzGrNa9cZsY6iUZU6B
9APpOZNY1hOyF00RdeDXQU+KrCQ0bjf2zplpRW3oWpvJR5EKIG5uoHw5ojRXODUE
esprRYy0dwXE7u9Oib1uRQosK0Jt9va/SzjIXmjweHM8CMNA6rFps1+5ibw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:05:19 2025 by rpki-client