Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/18c10c64-cb07-425a-b8bf-52bfa5056d54.roa
File: 18c10c64-cb07-425a-b8bf-52bfa5056d54.roa (raw, json)
Hash identifier: NsStzGn9RBdqEVuMh+OMrq53N06VpLZq3LEsc6cQsNE=
Subject key identifier: C8:3A:BC:96:49:E6:0A:C0:16:65:AF:B5:E0:46:83:19:65:96:EB:0A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2D3313CF495F3ED30C5843F1BD7E503008AC61D1
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/18c10c64-cb07-425a-b8bf-52bfa5056d54.roa
Signing time: Tue 20 Jun 2023 00:00:00 +0000
ROA not before: Tue 20 Jun 2023 00:00:00 +0000
ROA not after: Tue 25 Jul 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:33:13:cf:49:5f:3e:d3:0c:58:43:f1:bd:7e:50:30:08:ac:61:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 20 00:00:00 2023 GMT
Not After : Jul 25 23:59:59 2023 GMT
Subject: serialNumber=1c69a18473cf4c935ad2a4678940fc3c27a4a96d9486f1f0ed115f2dcd402522, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:55:53:01:b4:f9:ff:b6:53:35:26:35:42:b3:
d4:9c:57:4f:78:22:a1:90:e8:14:78:1a:d3:11:00:
9b:83:ca:36:95:26:c8:f4:4f:93:76:be:cc:73:b9:
5d:f0:b6:d1:02:36:71:88:f5:eb:38:a9:a6:90:5a:
95:36:fd:e2:3f:0d:02:22:80:f6:ee:d7:c7:c2:b8:
71:8a:05:fb:4c:b6:d4:c6:48:db:0f:30:1c:b7:68:
d9:0a:83:06:83:3a:cf:a1:bc:40:71:8b:8b:7b:ed:
53:00:58:4e:8c:3c:88:04:c1:ef:98:72:7c:f7:06:
96:5d:82:1f:ef:1a:12:a9:a4:20:50:9a:a1:16:0f:
88:ac:7a:1c:32:da:4e:4c:b2:6d:26:d1:61:5a:6f:
cd:f8:38:73:20:2b:00:04:0c:66:3e:f6:e4:b5:d0:
a7:e2:8a:29:49:c4:ce:14:8e:3a:28:78:53:82:03:
34:ae:f5:ef:30:84:b7:c4:c1:98:79:9d:be:84:e5:
b4:bc:29:d0:a1:d1:30:47:19:a6:fa:60:f9:32:50:
1a:8f:f0:a7:84:84:a1:f5:1f:65:40:55:58:9f:26:
a4:71:bf:f2:73:7f:bd:f6:bd:00:0f:94:67:11:c2:
03:51:15:89:03:2c:40:f6:46:c7:e7:ac:a6:64:85:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3A:BC:96:49:E6:0A:C0:16:65:AF:B5:E0:46:83:19:65:96:EB:0A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/18c10c64-cb07-425a-b8bf-52bfa5056d54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
83:44:00:2a:94:08:5a:7d:dd:11:ec:9c:c7:08:5c:a1:ab:85:
79:a2:d9:ce:e6:dd:f9:7f:7d:e3:e5:aa:ae:3a:e2:61:d0:3e:
15:68:ab:0e:1b:71:c7:29:ad:4d:1c:9b:84:16:e0:56:d1:a9:
ab:2a:24:ba:0d:c3:b8:d2:9c:e2:53:19:66:20:97:49:32:f6:
30:46:b2:c1:aa:aa:18:ca:9a:9a:b3:4c:3e:4c:c2:32:ab:18:
52:f2:27:c6:63:2a:17:8a:f6:30:3d:60:6c:f9:bd:a9:74:35:
15:0c:c1:c1:78:42:b0:56:7d:9f:dc:03:60:41:2a:0a:67:54:
d3:74:03:db:9b:99:03:84:62:30:e5:72:f3:db:5c:b3:05:23:
d2:ce:2e:2b:23:fd:48:03:8d:04:22:aa:83:eb:7a:5d:60:39:
7f:94:5e:fb:0a:4f:a5:4e:a4:b5:39:87:7d:d5:8e:b0:47:02:
2d:2b:40:87:5a:7c:cf:b5:d8:8a:57:21:f4:d8:40:85:a2:c8:
d0:25:3f:e5:c3:1e:34:31:a8:1f:b9:74:5b:f8:69:5a:b8:f2:
e9:94:58:f9:6e:75:b8:87:74:c5:15:09:40:78:82:bd:4a:fa:
1a:3c:e2:e6:95:62:05:73:d7:75:1d:49:c4:85:db:28:a2:3e:
4a:dd:ab:3f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULTMTz0lfPtMMWEPxvX5QMAisYdEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjIwMDAwMDAwWhcNMjMwNzI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzY5YTE4NDczY2Y0YzkzNWFkMmE0Njc4OTQwZmMzYzI3
YTRhOTZkOTQ4NmYxZjBlZDExNWYyZGNkNDAyNTIyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNVVMBtPn/tlM1JjVCs9ScV094IqGQ6BR4GtMRAJuDyjaV
Jsj0T5N2vsxzuV3wttECNnGI9es4qaaQWpU2/eI/DQIigPbu18fCuHGKBftMttTG
SNsPMBy3aNkKgwaDOs+hvEBxi4t77VMAWE6MPIgEwe+Ycnz3BpZdgh/vGhKppCBQ
mqEWD4isehwy2k5Msm0m0WFab834OHMgKwAEDGY+9uS10KfiiilJxM4UjjooeFOC
AzSu9e8whLfEwZh5nb6E5bS8KdCh0TBHGab6YPkyUBqP8KeEhKH1H2VAVVifJqRx
v/Jzf732vQAPlGcRwgNRFYkDLED2RsfnrKZkhdpXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyDq8lknmCsAWZa+14EaDGWWW6wowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE4YzEwYzY0LWNiMDctNDI1YS1iOGJmLTUyYmZhNTA1NmQ1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAINEACqUCFp93RHsnMcIXKGrhXmi
2c7m3fl/fePlqq464mHQPhVoqw4bcccprU0cm4QW4FbRqasqJLoNw7jSnOJTGWYg
l0ky9jBGssGqqhjKmpqzTD5MwjKrGFLyJ8ZjKheK9jA9YGz5val0NRUMwcF4QrBW
fZ/cA2BBKgpnVNN0A9ubmQOEYjDlcvPbXLMFI9LOLisj/UgDjQQiqoPrel1gOX+U
XvsKT6VOpLU5h33VjrBHAi0rQIdafM+12IpXIfTYQIWiyNAlP+XDHjQxqB+5dFv4
aVq48umUWPludbiHdMUVCUB4gr1K+ho84uaVYgVz13UdScSF2yiiPkrdqz8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:31:08 2025 by rpki-client