Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/17e6a37b-5258-49b9-af28-6917d587d155.roa
File: 17e6a37b-5258-49b9-af28-6917d587d155.roa (raw, json)
Hash identifier: ezgATTjuEYlKAud+1qO+O3eLs3kcmVvxzJbjF/ZTwGw=
Subject key identifier: 74:FE:BE:E4:93:0B:D0:5B:33:D1:3B:00:DC:EA:03:0B:81:4B:FB:6E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 12951C255FBF2C1FBBEB1A08783DCF4472B20657
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/17e6a37b-5258-49b9-af28-6917d587d155.roa
Signing time: Sun 27 Aug 2023 00:00:00 +0000
ROA not before: Sun 27 Aug 2023 00:00:00 +0000
ROA not after: Sun 01 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:95:1c:25:5f:bf:2c:1f:bb:eb:1a:08:78:3d:cf:44:72:b2:06:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 27 00:00:00 2023 GMT
Not After : Oct 1 23:59:59 2023 GMT
Subject: serialNumber=a44d756017ade5130329813709c63096dab910c75661795a4f8487a41118001d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:98:11:94:f9:4e:cd:e4:0d:6e:0e:5c:4f:a7:
dd:63:13:9d:06:91:ab:1e:fc:33:a9:f1:93:5a:8a:
64:f8:6a:f0:5b:72:dc:39:2a:e8:36:96:5d:40:3f:
30:67:04:bf:cf:ea:6d:49:b8:83:80:ab:65:16:47:
31:03:b0:e0:6a:49:96:c9:3d:11:8f:31:dd:a9:63:
b5:a9:ad:f4:64:24:9e:aa:d5:55:76:6f:65:24:b7:
b4:ab:3d:d4:f4:68:f1:9a:27:aa:af:a7:4c:e9:fc:
18:98:5d:a1:c5:09:f0:8f:43:73:05:91:f4:6a:ea:
93:c6:2e:61:0a:99:70:43:86:c1:a5:2f:30:57:89:
4f:7b:6c:cb:2b:7b:fd:2e:74:76:83:0e:b7:a8:12:
d2:8c:36:83:58:a7:5a:e7:ea:60:11:81:0a:f4:d2:
d3:94:af:0e:82:a1:ac:ce:1e:e3:d3:65:a6:2e:b9:
b5:c4:cc:d6:1b:a7:9e:0d:43:fe:96:ce:d9:b5:3d:
77:66:6f:f7:1f:f1:3d:d5:4b:ec:71:f2:cd:75:48:
f6:d0:61:c5:ea:da:88:0f:5d:5f:72:be:0e:7c:e1:
34:fa:0d:d0:a7:0c:94:6d:ca:2c:93:df:7e:97:d8:
95:01:51:13:2c:dd:fa:32:8e:56:e2:76:97:f4:df:
e2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:FE:BE:E4:93:0B:D0:5B:33:D1:3B:00:DC:EA:03:0B:81:4B:FB:6E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/17e6a37b-5258-49b9-af28-6917d587d155.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:57:a4:3d:76:67:0e:a3:da:26:25:81:31:64:d8:ea:70:62:
a3:1f:2d:5c:b3:01:b9:cf:49:9f:5d:54:f4:5c:42:29:3c:1d:
f3:b1:87:e1:97:a4:e0:74:c2:9a:41:6d:92:96:00:df:de:2e:
22:90:62:2c:c4:16:2c:32:42:c4:0e:c8:6d:f3:27:75:f6:1f:
67:c5:75:be:c2:59:93:cc:00:f0:ad:4f:6b:11:20:98:c4:37:
50:69:4f:49:0c:19:44:27:b7:c9:18:0d:9b:79:53:50:4d:1e:
3d:c0:4c:54:78:04:e1:f7:70:67:73:b8:36:e9:2a:17:26:87:
78:2a:eb:c0:67:86:5f:90:8f:21:38:4b:e0:55:a4:81:14:35:
a8:e0:32:ad:d0:bd:6d:39:6b:ad:d1:39:76:9e:bb:08:b6:fe:
32:4f:95:d4:4b:e7:1f:19:12:a7:f0:08:0d:a7:87:dd:d8:3a:
30:7e:13:3d:22:8e:da:56:a9:a2:1f:d4:58:6e:12:73:84:8e:
48:19:62:f7:1e:92:a2:30:86:33:c6:49:dd:d1:e6:7a:b8:07:
8f:cc:64:60:74:96:94:2c:cb:1a:b5:09:bc:fa:7d:9f:ee:8c:
64:a6:9a:93:17:8a:a6:17:d9:0d:20:cb:68:f8:ad:1c:87:ab:
e9:96:f3:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEpUcJV+/LB+76xoIeD3PRHKyBlcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODI3MDAwMDAwWhcNMjMxMDAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDRkNzU2MDE3YWRlNTEzMDMyOTgxMzcwOWM2MzA5NmRh
YjkxMGM3NTY2MTc5NWE0Zjg0ODdhNDExMTgwMDFkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVmBGU+U7N5A1uDlxPp91jE50Gkase/DOp8ZNaimT4avBb
ctw5Kug2ll1APzBnBL/P6m1JuIOAq2UWRzEDsOBqSZbJPRGPMd2pY7WprfRkJJ6q
1VV2b2Ukt7SrPdT0aPGaJ6qvp0zp/BiYXaHFCfCPQ3MFkfRq6pPGLmEKmXBDhsGl
LzBXiU97bMsre/0udHaDDreoEtKMNoNYp1rn6mARgQr00tOUrw6CoazOHuPTZaYu
ubXEzNYbp54NQ/6Wztm1PXdmb/cf8T3VS+xx8s11SPbQYcXq2ogPXV9yvg584TT6
DdCnDJRtyiyT336X2JUBURMs3foyjlbidpf03+JFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdP6+5JML0Fsz0TsA3OoDC4FL+24wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE3ZTZhMzdiLTUyNTgtNDliOS1hZjI4LTY5MTdkNTg3ZDE1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAF9XpD12Zw6j2iYlgTFk2OpwYqMf
LVyzAbnPSZ9dVPRcQik8HfOxh+GXpOB0wppBbZKWAN/eLiKQYizEFiwyQsQOyG3z
J3X2H2fFdb7CWZPMAPCtT2sRIJjEN1BpT0kMGUQnt8kYDZt5U1BNHj3ATFR4BOH3
cGdzuDbpKhcmh3gq68Bnhl+QjyE4S+BVpIEUNajgMq3QvW05a63ROXaeuwi2/jJP
ldRL5x8ZEqfwCA2nh93YOjB+Ez0ijtpWqaIf1FhuEnOEjkgZYvcekqIwhjPGSd3R
5nq4B4/MZGB0lpQsyxq1Cbz6fZ/ujGSmmpMXiqYX2Q0gy2j4rRyHq+mW854=
-----END CERTIFICATE-----
Generated at Mon Jun 16 23:41:02 2025 by rpki-client