Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dede851-a156-432e-a4d4-b2d39ae358ac.roa
File: 0dede851-a156-432e-a4d4-b2d39ae358ac.roa (raw, json)
Hash identifier: 2eBUgDbg5pwpjX15j9nH6Aq3WtoHnqbQ0ni0UAs+K1A=
Subject key identifier: 58:D7:2A:E5:FC:7E:46:8D:6B:3D:56:4A:86:80:24:83:F6:54:39:E9
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 68BC3DADCE2238C6D808394E9EA9B3018E99FD75
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dede851-a156-432e-a4d4-b2d39ae358ac.roa
Signing time: Sat 08 Feb 2025 00:00:00 +0000
ROA not before: Sat 08 Feb 2025 00:00:00 +0000
ROA not after: Sat 15 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:bc:3d:ad:ce:22:38:c6:d8:08:39:4e:9e:a9:b3:01:8e:99:fd:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 8 00:00:00 2025 GMT
Not After : Mar 15 23:59:59 2025 GMT
Subject: serialNumber=07cdeeef49f8daaa7fc3849bd2f11261ec91ea2ccddd6f31e44c5c14fe0d49f1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f6:98:a0:b8:a3:b5:5b:cd:3a:98:fd:53:7c:
d2:65:7d:d0:11:22:f4:50:17:d9:ca:54:cf:b8:a9:
b8:2b:bb:d0:df:58:97:5c:cc:4e:c9:1f:2d:64:2a:
55:2d:f6:3f:ca:8f:e0:9c:2f:29:b5:e5:1e:3f:14:
35:75:34:f1:0c:7a:1e:01:c7:73:58:e0:26:2e:8a:
86:08:58:ca:7a:e0:2b:3a:5f:22:1e:05:4a:a0:b2:
1c:76:5a:b2:a4:51:e1:f0:ff:25:0a:e4:2b:84:38:
e1:bc:24:0c:e1:92:68:b7:e2:d8:40:0c:7e:b7:c0:
63:fc:4e:5f:da:2a:df:43:a3:c0:45:70:6c:f2:f4:
10:94:d9:d5:f4:c5:59:15:8c:ce:f2:c2:aa:d3:98:
a4:c6:d5:13:de:30:e4:62:a9:93:e9:d6:6c:4c:b3:
61:cb:b1:b1:d3:40:50:47:f4:7c:25:b2:82:28:b0:
fa:d4:39:15:6c:87:1e:57:26:21:5f:6f:98:15:9a:
4e:d2:1d:d0:de:f7:99:f9:c1:0e:73:c4:60:34:e5:
1e:90:39:19:60:c5:5a:ff:ba:3d:6e:f3:ed:b4:8e:
d3:8a:ef:0f:c1:31:ac:56:f0:b9:cc:13:e0:c2:67:
6f:5f:3c:5f:32:d6:51:ee:1c:88:58:c5:a7:22:44:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D7:2A:E5:FC:7E:46:8D:6B:3D:56:4A:86:80:24:83:F6:54:39:E9
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dede851-a156-432e-a4d4-b2d39ae358ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
03:19:9f:55:55:57:07:14:c3:5a:88:b9:68:87:2f:be:6a:ce:
2d:fb:2d:d6:7f:b9:d2:bc:67:65:88:20:62:bf:24:d2:b0:d5:
68:63:77:7d:d5:65:2a:88:49:75:ae:d3:87:3b:80:e3:41:80:
74:5c:fb:eb:88:e9:4b:b7:b9:f3:1d:50:e3:7b:f0:ab:6b:93:
1f:58:50:a0:bc:ba:20:6e:b9:1b:39:22:af:82:f9:4c:1f:79:
4c:4c:ca:3a:e6:1e:b3:8e:20:c0:87:bf:b1:c0:1e:6e:8d:1b:
b3:57:c4:a1:24:01:21:36:ef:4e:bc:11:7f:51:c8:5f:13:34:
93:87:d0:ef:df:54:d1:2a:3d:c4:9a:07:e8:1d:63:0b:a5:80:
da:86:e1:dd:a6:a8:ef:1a:d0:b7:2b:fe:5e:8d:8f:44:e8:68:
14:d4:03:bc:43:79:e1:65:45:4f:bb:fd:fd:2e:2a:69:7b:2e:
88:a3:42:56:7d:a1:cc:85:20:17:06:e2:7f:fe:29:b7:d8:db:
70:ab:d6:dd:26:79:e7:b6:d2:6c:cc:17:cd:16:10:83:90:5d:
ec:27:e6:9f:89:34:12:d8:c0:3b:42:9f:06:34:72:51:43:06:
25:5e:01:37:a7:ac:7c:9b:ae:aa:41:ca:d5:6f:0b:9c:6f:ff:
78:9a:3b:ec
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaLw9rc4iOMbYCDlOnqmzAY6Z/XUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjA4MDAwMDAwWhcNMjUwMzE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwN2NkZWVlZjQ5ZjhkYWFhN2ZjMzg0OWJkMmYxMTI2MWVj
OTFlYTJjY2RkZDZmMzFlNDRjNWMxNGZlMGQ0OWYxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc9piguKO1W806mP1TfNJlfdARIvRQF9nKVM+4qbgru9Df
WJdczE7JHy1kKlUt9j/Kj+CcLym15R4/FDV1NPEMeh4Bx3NY4CYuioYIWMp64Cs6
XyIeBUqgshx2WrKkUeHw/yUK5CuEOOG8JAzhkmi34thADH63wGP8Tl/aKt9Do8BF
cGzy9BCU2dX0xVkVjM7ywqrTmKTG1RPeMORiqZPp1mxMs2HLsbHTQFBH9HwlsoIo
sPrUORVshx5XJiFfb5gVmk7SHdDe95n5wQ5zxGA05R6QORlgxVr/uj1u8+20jtOK
7w/BMaxW8LnME+DCZ29fPF8y1lHuHIhYxaciRMcHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWNcq5fx+Ro1rPVZKhoAkg/ZUOekwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBkZWRlODUxLWExNTYtNDMyZS1hNGQ0LWIyZDM5YWUzNThhYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAMZn1VVVwcUw1qIuWiHL75qzi37
LdZ/udK8Z2WIIGK/JNKw1Whjd33VZSqISXWu04c7gONBgHRc++uI6Uu3ufMdUON7
8Ktrkx9YUKC8uiBuuRs5Iq+C+UwfeUxMyjrmHrOOIMCHv7HAHm6NG7NXxKEkASE2
7068EX9RyF8TNJOH0O/fVNEqPcSaB+gdYwulgNqG4d2mqO8a0Lcr/l6Nj0ToaBTU
A7xDeeFlRU+7/f0uKml7LoijQlZ9ocyFIBcG4n/+KbfY23Cr1t0meee20mzMF80W
EIOQXewn5p+JNBLYwDtCnwY0clFDBiVeATenrHybrqpBytVvC5xv/3iaO+w=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:10:04 2025 by rpki-client