Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/185faa9b-ab9d-4983-a5a4-a6ffb95513d0.roa
File: 185faa9b-ab9d-4983-a5a4-a6ffb95513d0.roa (raw, json)
Hash identifier: S95nGvW2MjgZRrmavfeceffnOhd5aNTuU9S20rDpRgs=
Subject key identifier: C6:E0:3B:E9:AD:7E:40:B4:86:49:74:19:45:7B:02:64:B9:90:25:45
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 612F29841B4C638B5AAE71BC89BAD145EE962037
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/185faa9b-ab9d-4983-a5a4-a6ffb95513d0.roa
Signing time: Mon 10 Feb 2025 00:00:00 +0000
ROA not before: Mon 10 Feb 2025 00:00:00 +0000
ROA not after: Mon 17 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:2f:29:84:1b:4c:63:8b:5a:ae:71:bc:89:ba:d1:45:ee:96:20:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 10 00:00:00 2025 GMT
Not After : Mar 17 23:59:59 2025 GMT
Subject: serialNumber=5d636a7478dec9a0f85eecfe06d1add7ac0e68f22837be179360962b04364e19, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5c:25:7f:0e:db:73:80:91:f1:b4:d4:6e:02:
a9:05:e5:45:ae:ba:df:f7:de:c7:b2:36:65:32:5d:
95:8d:c6:65:5f:63:de:32:e9:05:8e:75:5a:10:0f:
c1:95:b1:88:f7:7d:bb:88:fe:ab:ee:f0:7f:b1:b3:
09:85:50:c1:79:17:d3:0d:cf:10:ed:ee:07:3d:fd:
69:6b:75:e4:66:9d:ad:61:99:12:c5:91:52:78:41:
f0:fa:a6:df:01:10:14:03:0b:d5:a6:60:2b:dc:d6:
71:bc:52:b4:db:2b:aa:96:89:e6:81:96:8c:70:b8:
6f:c8:91:bd:2b:36:22:d7:5c:aa:fb:74:20:2a:0b:
d3:b7:f2:e2:e0:fe:6e:47:ff:95:18:33:20:df:5b:
59:88:01:2e:35:76:53:c2:9a:b8:07:f9:b3:3c:06:
ad:00:12:7b:c5:71:55:3c:d0:09:70:f9:9c:45:4a:
43:03:aa:a4:be:db:dd:30:91:1c:ef:50:2d:6b:57:
8e:45:42:11:3b:ff:ab:d9:b5:d3:6f:73:36:6a:d1:
1f:ae:eb:29:f4:47:fd:70:e4:6d:ff:f4:dc:6d:0d:
ae:65:76:91:ea:7a:55:02:05:85:4a:34:a2:24:1f:
84:62:72:d8:e8:38:7f:f5:2f:0b:21:10:95:f1:d5:
97:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E0:3B:E9:AD:7E:40:B4:86:49:74:19:45:7B:02:64:B9:90:25:45
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/185faa9b-ab9d-4983-a5a4-a6ffb95513d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:80:00:f3:c9:56:36:a1:ef:54:9d:15:be:cb:a8:d2:53:1b:
86:83:93:f8:e1:15:96:f0:1a:f5:ef:ad:bc:d6:e3:b4:54:1e:
5c:39:9e:36:05:c3:66:24:6b:7e:02:2b:e9:fa:87:7f:52:a6:
dc:86:f8:5c:1f:ca:d0:55:2c:31:f9:09:64:9f:cb:96:86:e1:
53:8a:98:65:d2:45:5c:a1:a8:b5:50:c2:6e:e6:67:0f:29:b9:
f6:db:1f:6c:ab:ed:cd:5f:b3:2b:b3:6c:77:52:0b:7a:60:5a:
57:8f:b9:ec:25:35:80:4c:8f:80:c6:41:20:52:67:ff:d5:07:
32:c9:6a:e3:e5:a8:c1:34:78:bb:81:08:18:29:07:81:c7:b9:
9e:a0:dc:ec:53:f0:47:00:40:70:5e:8a:2c:6f:06:45:41:32:
3b:8b:25:c9:52:c5:2a:fb:12:9e:65:2c:33:0f:fd:25:81:ef:
98:34:44:42:7c:ab:56:dd:d0:6d:ee:10:9d:e4:0d:fa:a0:3e:
b6:4b:2f:ac:d7:9f:55:8f:51:37:05:dd:38:88:75:6e:d6:51:
13:ff:bc:d9:a2:39:7c:60:9c:7e:a0:88:60:d2:e4:76:d2:5a:
90:26:65:42:37:cb:eb:12:da:28:0f:f3:1d:98:95:b0:80:23:
00:56:40:e3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYS8phBtMY4tarnG8ibrRRe6WIDcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjEwMDAwMDAwWhcNMjUwMzE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDYzNmE3NDc4ZGVjOWEwZjg1ZWVjZmUwNmQxYWRkN2Fj
MGU2OGYyMjgzN2JlMTc5MzYwOTYyYjA0MzY0ZTE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFXCV/DttzgJHxtNRuAqkF5UWuut/33seyNmUyXZWNxmVf
Y94y6QWOdVoQD8GVsYj3fbuI/qvu8H+xswmFUMF5F9MNzxDt7gc9/WlrdeRmna1h
mRLFkVJ4QfD6pt8BEBQDC9WmYCvc1nG8UrTbK6qWieaBloxwuG/Ikb0rNiLXXKr7
dCAqC9O38uLg/m5H/5UYMyDfW1mIAS41dlPCmrgH+bM8Bq0AEnvFcVU80Alw+ZxF
SkMDqqS+290wkRzvUC1rV45FQhE7/6vZtdNvczZq0R+u6yn0R/1w5G3/9NxtDa5l
dpHqelUCBYVKNKIkH4RictjoOH/1LwshEJXx1ZehAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxuA76a1+QLSGSXQZRXsCZLmQJUUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE4NWZhYTliLWFiOWQtNDk4My1hNWE0LWE2ZmZiOTU1MTNkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKiAAPPJVjah71SdFb7LqNJTG4aD
k/jhFZbwGvXvrbzW47RUHlw5njYFw2Yka34CK+n6h39SptyG+FwfytBVLDH5CWSf
y5aG4VOKmGXSRVyhqLVQwm7mZw8pufbbH2yr7c1fsyuzbHdSC3pgWlePuewlNYBM
j4DGQSBSZ//VBzLJauPlqME0eLuBCBgpB4HHuZ6g3OxT8EcAQHBeiixvBkVBMjuL
JclSxSr7Ep5lLDMP/SWB75g0REJ8q1bd0G3uEJ3kDfqgPrZLL6zXn1WPUTcF3TiI
dW7WURP/vNmiOXxgnH6giGDS5HbSWpAmZUI3y+sS2igP8x2YlbCAIwBWQOM=
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:25:23 2025 by rpki-client