Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/18f20830-8995-49e0-ab54-ea45e3a50d6e.roa
File: 18f20830-8995-49e0-ab54-ea45e3a50d6e.roa (raw, json)
Hash identifier: 0569PKsXrkzttOqmz/m8vwCjG4p4hqHvkf+f/78Ai48=
Subject key identifier: C5:9D:FC:0C:1A:1F:C4:83:0F:CE:D8:AA:BB:09:4E:0B:AA:3D:3A:FD
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0392DB1B8F57E69B43D09316C2B2798FBE44C6DD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/18f20830-8995-49e0-ab54-ea45e3a50d6e.roa
Signing time: Sun 15 Dec 2024 00:00:00 +0000
ROA not before: Sun 15 Dec 2024 00:00:00 +0000
ROA not after: Sun 19 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:92:db:1b:8f:57:e6:9b:43:d0:93:16:c2:b2:79:8f:be:44:c6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 15 00:00:00 2024 GMT
Not After : Jan 19 23:59:59 2025 GMT
Subject: serialNumber=a4b75666b0e48c93d10d46545a5999e5d060ac07f6e9648d90852264fc4936d2, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cd:2a:3e:fd:3a:f2:94:ab:ca:d9:08:f4:34:
30:70:a4:79:ae:b2:41:4b:7c:ed:6c:91:d7:06:d0:
11:a4:db:b6:5b:4b:78:79:73:07:1d:80:60:d1:5e:
e9:37:44:5b:1a:d7:6b:52:b1:70:e3:48:de:e6:85:
bc:ad:93:0f:0e:6e:b8:44:53:7d:50:5f:83:40:dd:
21:e6:f6:a5:76:c1:ec:a5:f1:04:4e:b5:51:0f:74:
45:fa:86:7d:c2:ba:de:e5:af:98:bc:f9:8a:15:73:
94:0d:50:06:e9:28:32:8f:dd:6f:f4:52:38:03:b7:
7a:b4:d0:5d:a8:52:77:97:b2:5f:09:50:fa:eb:e1:
f4:ec:50:bf:9f:fa:7e:db:06:25:c1:9e:a6:76:9c:
2a:98:74:7c:6f:78:84:0c:87:ec:6a:7f:a4:02:6b:
87:5a:88:7a:ac:0f:5d:cd:70:85:c6:8d:3d:be:ad:
1a:02:87:05:df:ac:a6:e9:61:0e:3c:99:42:63:47:
29:1e:fc:3c:d7:a9:86:b0:d9:07:c4:32:ec:74:db:
50:49:7a:37:92:a9:2d:af:df:93:e5:54:8c:0f:14:
43:58:a5:47:bc:29:2b:b6:99:37:86:94:d2:c8:60:
76:14:18:64:ef:42:8c:12:a3:01:57:ca:b4:1a:55:
82:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9D:FC:0C:1A:1F:C4:83:0F:CE:D8:AA:BB:09:4E:0B:AA:3D:3A:FD
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/18f20830-8995-49e0-ab54-ea45e3a50d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:48:bb:9c:ec:5f:02:de:56:54:19:3a:46:d7:2e:46:76:30:
e4:98:9e:fc:10:d8:4c:08:be:05:92:b5:f8:c7:02:56:f7:3c:
6c:12:96:2b:c4:60:c5:e3:cc:16:68:f6:4f:4c:62:e1:33:19:
10:94:30:32:e1:02:a9:26:52:31:a9:57:d0:80:4d:9a:57:78:
38:ef:dc:2e:50:0d:89:1a:21:e8:d4:47:0f:b1:54:65:6c:34:
e6:5b:f8:f2:df:be:cc:27:ae:a6:87:1f:43:2f:3c:30:2c:48:
0b:71:6f:eb:7e:d9:f6:6d:c8:75:b6:81:1f:0d:b5:7b:44:b4:
86:6d:1f:9c:6c:45:d1:d4:bf:bc:12:77:d0:6a:47:e6:27:c0:
37:c2:3d:da:1b:45:ad:4b:05:e8:d4:66:f9:38:27:90:2b:0f:
1e:d9:7f:9c:0b:1e:bb:3f:3b:9c:4f:03:89:53:ad:e9:f2:0e:
98:3d:4e:f9:db:24:60:d3:39:2d:66:d7:dc:73:a9:a6:72:d5:
6e:ad:db:10:11:c1:14:78:ab:eb:1c:22:25:41:25:1e:c6:fe:
94:d9:38:8b:4b:78:d3:78:53:4d:a3:d4:aa:d7:71:ea:78:f5:
8c:7f:07:98:9d:de:c4:c0:18:1a:d7:a9:b2:5d:0b:1c:ef:8f:
1a:3a:68:af
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA5LbG49X5ptD0JMWwrJ5j75Ext0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjE1MDAwMDAwWhcNMjUwMTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNGI3NTY2NmIwZTQ4YzkzZDEwZDQ2NTQ1YTU5OTllNWQw
NjBhYzA3ZjZlOTY0OGQ5MDg1MjI2NGZjNDkzNmQyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVzSo+/TrylKvK2Qj0NDBwpHmuskFLfO1skdcG0BGk27Zb
S3h5cwcdgGDRXuk3RFsa12tSsXDjSN7mhbytkw8ObrhEU31QX4NA3SHm9qV2weyl
8QROtVEPdEX6hn3Cut7lr5i8+YoVc5QNUAbpKDKP3W/0UjgDt3q00F2oUneXsl8J
UPrr4fTsUL+f+n7bBiXBnqZ2nCqYdHxveIQMh+xqf6QCa4daiHqsD13NcIXGjT2+
rRoChwXfrKbpYQ48mUJjRyke/DzXqYaw2QfEMux021BJejeSqS2v35PlVIwPFENY
pUe8KSu2mTeGlNLIYHYUGGTvQowSowFXyrQaVYJZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxZ38DBofxIMPztiquwlOC6o9Ov0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE4ZjIwODMwLTg5OTUtNDllMC1hYjU0LWVhNDVlM2E1MGQ2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEtIu5zsXwLeVlQZOkbXLkZ2MOSY
nvwQ2EwIvgWStfjHAlb3PGwSlivEYMXjzBZo9k9MYuEzGRCUMDLhAqkmUjGpV9CA
TZpXeDjv3C5QDYkaIejURw+xVGVsNOZb+PLfvswnrqaHH0MvPDAsSAtxb+t+2fZt
yHW2gR8NtXtEtIZtH5xsRdHUv7wSd9BqR+YnwDfCPdobRa1LBejUZvk4J5ArDx7Z
f5wLHrs/O5xPA4lTrenyDpg9TvnbJGDTOS1m19xzqaZy1W6t2xARwRR4q+scIiVB
JR7G/pTZOItLeNN4U02j1KrXcep49Yx/B5id3sTAGBrXqbJdCxzvjxo6aK8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:06:56 2025 by rpki-client