Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1b028911-3f0c-465c-836d-568ccae590c8.roa
File: 1b028911-3f0c-465c-836d-568ccae590c8.roa (raw, json)
Hash identifier: q+ljtWHhWXbbxW89FIFYsy8yooX1BZEuMU+3SAl83rI=
Subject key identifier: D1:84:BA:A6:9C:CB:EF:5A:9C:FD:C6:94:03:87:B5:8F:F2:D2:D3:E6
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 18CEF743CB62BD1EC0DAB0BFF601BA770FB093C5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1b028911-3f0c-465c-836d-568ccae590c8.roa
Signing time: Sun 25 Aug 2024 00:00:00 +0000
ROA not before: Sun 25 Aug 2024 00:00:00 +0000
ROA not after: Sun 29 Sep 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:ce:f7:43:cb:62:bd:1e:c0:da:b0:bf:f6:01:ba:77:0f:b0:93:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 25 00:00:00 2024 GMT
Not After : Sep 29 23:59:59 2024 GMT
Subject: serialNumber=5caf9f699d8aaca47c25a7302f0c25bad4dacf3dbecdb0c3e3effbdc56b72d73, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:22:86:cd:aa:97:80:1a:2a:24:e3:8f:c6:cf:
b0:41:48:85:d9:9c:26:a9:4e:44:ee:c6:9c:c7:15:
86:18:33:dc:a7:4f:bc:13:a4:ee:c3:b3:28:9c:c3:
ab:b5:d4:93:0b:3c:fa:5a:c6:d8:8d:c7:88:8e:7d:
54:d6:6f:c3:cd:d1:e2:c9:ac:dd:90:bd:56:22:08:
f6:ff:07:dc:08:78:be:aa:2e:d5:da:b9:5d:4f:8b:
82:fc:27:77:fe:37:21:32:7c:79:35:75:9e:d6:50:
3b:ba:c1:a1:01:08:09:c2:ea:70:15:e3:27:69:93:
c1:22:27:92:af:96:d9:55:6d:ab:b8:73:da:b9:f8:
c0:14:6c:11:a3:dd:2f:5d:5c:95:63:78:6d:74:cd:
66:ba:b7:44:03:1b:47:21:6b:61:fe:aa:f4:dd:7e:
0f:ac:68:6a:a1:21:9c:03:56:32:cd:57:83:d3:78:
67:8f:50:fc:cd:c7:0f:e3:5c:fe:b7:34:dd:41:6d:
0a:df:c3:48:9c:3e:2d:d3:69:20:a8:3e:26:a1:ba:
74:f4:3e:40:a7:4a:58:1c:68:fb:9a:06:12:f3:bd:
24:1b:c7:04:9b:93:12:6d:6d:12:35:f2:31:dc:ff:
5e:50:20:0e:c9:49:ad:9b:83:23:8d:55:a5:55:ef:
37:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:84:BA:A6:9C:CB:EF:5A:9C:FD:C6:94:03:87:B5:8F:F2:D2:D3:E6
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1b028911-3f0c-465c-836d-568ccae590c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:33:f2:2d:93:81:88:43:37:da:23:ae:2d:40:2f:02:78:0f:
c6:9d:c1:d3:83:aa:a4:38:e5:b6:2c:d9:0a:eb:2a:ae:be:3c:
6d:56:43:73:eb:f6:f1:d9:d5:73:00:91:b7:30:b6:8e:b3:f6:
2a:04:89:36:cd:2b:e7:04:19:ad:8e:00:8e:77:ec:af:1b:12:
70:e4:ee:d8:bd:c0:ef:fe:a4:61:04:6b:77:b1:67:ed:2c:50:
c8:aa:92:bd:b3:fe:c2:2e:47:aa:df:96:44:bf:fe:d4:c2:f9:
98:2d:73:21:ee:c3:70:25:ce:aa:09:e6:2e:92:73:5f:a0:f2:
f8:14:67:ef:b7:84:ba:21:f7:4f:cb:2a:1e:1e:90:6e:e8:76:
fd:ca:5d:1f:3a:f8:f3:b7:b9:0e:d7:f9:28:6f:82:5a:3f:03:
c0:da:60:43:96:60:4e:27:cf:21:cc:38:65:95:51:6b:f8:8e:
8a:a0:2d:44:c6:06:2f:6a:df:d4:3a:16:13:7f:35:dd:31:0d:
a5:df:6b:1b:01:6e:6d:4f:79:c9:84:e2:a7:0b:97:f5:0b:e2:
a5:1a:3d:9f:ef:af:02:0d:4b:8d:78:a3:28:d1:16:5b:80:51:
10:08:e8:2f:91:b1:8a:be:b0:c6:56:3c:fd:07:76:49:00:c5:
29:32:d4:d4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGM73Q8tivR7A2rC/9gG6dw+wk8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODI1MDAwMDAwWhcNMjQwOTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2FmOWY2OTlkOGFhY2E0N2MyNWE3MzAyZjBjMjViYWQ0
ZGFjZjNkYmVjZGIwYzNlM2VmZmJkYzU2YjcyZDczMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0IobNqpeAGiok44/Gz7BBSIXZnCapTkTuxpzHFYYYM9yn
T7wTpO7Dsyicw6u11JMLPPpaxtiNx4iOfVTWb8PN0eLJrN2QvVYiCPb/B9wIeL6q
LtXauV1Pi4L8J3f+NyEyfHk1dZ7WUDu6waEBCAnC6nAV4ydpk8EiJ5KvltlVbau4
c9q5+MAUbBGj3S9dXJVjeG10zWa6t0QDG0cha2H+qvTdfg+saGqhIZwDVjLNV4PT
eGePUPzNxw/jXP63NN1BbQrfw0icPi3TaSCoPiahunT0PkCnSlgcaPuaBhLzvSQb
xwSbkxJtbRI18jHc/15QIA7JSa2bgyONVaVV7zctAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0YS6ppzL71qc/caUA4e1j/LS0+YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzFiMDI4OTExLTNmMGMtNDY1Yy04MzZkLTU2OGNjYWU1OTBjOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABIz8i2TgYhDN9ojri1ALwJ4D8ad
wdODqqQ45bYs2QrrKq6+PG1WQ3Pr9vHZ1XMAkbcwto6z9ioEiTbNK+cEGa2OAI53
7K8bEnDk7ti9wO/+pGEEa3exZ+0sUMiqkr2z/sIuR6rflkS//tTC+ZgtcyHuw3Al
zqoJ5i6Sc1+g8vgUZ++3hLoh90/LKh4ekG7odv3KXR86+PO3uQ7X+Shvglo/A8Da
YEOWYE4nzyHMOGWVUWv4joqgLUTGBi9q39Q6FhN/Nd0xDaXfaxsBbm1PecmE4qcL
l/UL4qUaPZ/vrwINS414oyjRFluAURAI6C+RsYq+sMZWPP0HdkkAxSky1NQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:14:48 2025 by rpki-client