Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1f4c05a2-29c9-4c9a-b1f4-d4185bbfa97c.roa
File: 1f4c05a2-29c9-4c9a-b1f4-d4185bbfa97c.roa (raw, json)
Hash identifier: kp4D8SzhcjlZWLGARwpMvdDkhJHr4Cbch4+jcuaR3oY=
Subject key identifier: 99:4D:25:20:1A:B7:83:53:79:32:A0:B9:81:8A:0A:1D:20:A2:6C:39
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2CB85AB534053475A07F94F7940369674C041B62
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1f4c05a2-29c9-4c9a-b1f4-d4185bbfa97c.roa
Signing time: Fri 04 Aug 2023 00:00:00 +0000
ROA not before: Fri 04 Aug 2023 00:00:00 +0000
ROA not after: Fri 08 Sep 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b8:5a:b5:34:05:34:75:a0:7f:94:f7:94:03:69:67:4c:04:1b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 4 00:00:00 2023 GMT
Not After : Sep 8 23:59:59 2023 GMT
Subject: serialNumber=4d2a9c9c47313a13a3fa73c055fa95167cd02599ba6d62c3d155004d3ab6214d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ea:1d:b7:7b:83:2b:ec:3f:88:6c:15:75:16:
74:44:f5:9f:65:fe:cb:f6:4b:30:f4:02:ef:7b:d7:
a6:db:9a:a3:e2:69:db:79:d3:07:87:c5:a9:8f:b3:
59:6e:50:f1:de:d0:98:31:14:f3:4f:8d:6e:1f:9b:
80:4c:c4:89:86:09:1f:81:ea:d9:5f:53:13:44:76:
5a:d6:ba:fd:dd:11:dc:a9:29:c5:7d:e1:b8:6e:81:
1d:5a:a5:f5:84:3e:80:9d:91:64:b9:be:10:54:60:
6d:30:6a:d0:47:17:e2:f9:4b:80:f8:dd:e0:21:30:
4d:55:a4:5f:2a:c0:34:6b:24:45:13:77:95:7e:93:
7e:5c:d2:87:ec:68:69:62:52:dd:94:b1:f6:00:ad:
60:29:b1:41:72:d2:d6:57:35:ce:5c:f6:8b:42:fd:
1c:b4:bd:b1:53:16:fe:20:a0:67:99:55:98:ae:cb:
cf:e5:76:e5:f4:a6:9b:f7:55:ff:24:cf:af:f6:3f:
ef:0e:b0:91:d4:b7:5c:d1:2f:83:c1:dc:be:dd:28:
3b:ef:06:4d:0a:c1:7b:ce:66:01:1a:e7:44:6b:b3:
57:cf:87:33:e6:3d:03:44:03:cb:42:82:47:f1:1f:
89:33:4c:58:ea:61:02:0a:6f:e8:30:73:cc:20:59:
4d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4D:25:20:1A:B7:83:53:79:32:A0:B9:81:8A:0A:1D:20:A2:6C:39
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1f4c05a2-29c9-4c9a-b1f4-d4185bbfa97c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:74:5b:b2:a7:63:02:1c:02:60:40:94:9b:f8:94:f4:28:38:
e7:62:8c:21:99:40:68:b8:b7:83:2a:bc:4d:2a:42:7d:60:00:
4a:00:fc:ac:8f:ab:75:1b:90:b8:b6:f4:ec:75:d6:ab:54:8c:
28:51:92:29:36:ff:6e:a7:7b:31:8b:a9:d3:b6:ea:02:1a:80:
75:7f:80:bc:c7:79:b0:0f:4b:53:01:9c:35:db:d4:11:1a:bf:
c6:4f:42:53:57:1c:c3:41:bd:1d:4e:e1:d1:7a:5b:e2:d3:58:
78:f7:0a:4b:13:1b:33:db:ec:6c:bc:b4:0e:1f:f3:32:64:26:
a6:53:77:a9:74:8f:66:e7:ee:61:ad:d2:24:c4:bf:c3:ad:8f:
6c:34:51:09:b7:08:af:e7:47:4e:c1:ca:5c:da:f6:87:40:c2:
80:56:e9:e1:72:96:1f:da:7a:05:c2:a6:60:af:e5:e3:f0:03:
f8:25:35:fa:4c:98:e0:71:ec:05:a8:2a:ad:7b:74:eb:01:fe:
7c:f6:31:86:d7:3f:2b:51:58:04:f8:7a:d3:21:cf:f3:87:14:
ef:29:ca:30:fc:fb:a3:38:55:91:8f:ad:0d:46:91:ae:cd:ca:
cd:31:02:cb:94:e8:00:65:27:c3:fd:1f:3f:80:07:aa:4a:25:
f4:e4:71:0a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULLhatTQFNHWgf5T3lANpZ0wEG2IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODA0MDAwMDAwWhcNMjMwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDJhOWM5YzQ3MzEzYTEzYTNmYTczYzA1NWZhOTUxNjdj
ZDAyNTk5YmE2ZDYyYzNkMTU1MDA0ZDNhYjYyMTRkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv6h23e4Mr7D+IbBV1FnRE9Z9l/sv2SzD0Au9716bbmqPi
adt50weHxamPs1luUPHe0JgxFPNPjW4fm4BMxImGCR+B6tlfUxNEdlrWuv3dEdyp
KcV94bhugR1apfWEPoCdkWS5vhBUYG0watBHF+L5S4D43eAhME1VpF8qwDRrJEUT
d5V+k35c0ofsaGliUt2UsfYArWApsUFy0tZXNc5c9otC/Ry0vbFTFv4goGeZVZiu
y8/lduX0ppv3Vf8kz6/2P+8OsJHUt1zRL4PB3L7dKDvvBk0KwXvOZgEa50Rrs1fP
hzPmPQNEA8tCgkfxH4kzTFjqYQIKb+gwc8wgWU2vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmU0lIBq3g1N5MqC5gYoKHSCibDkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzFmNGMwNWEyLTI5YzktNGM5YS1iMWY0LWQ0MTg1YmJmYTk3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAG50W7KnYwIcAmBAlJv4lPQoOOdi
jCGZQGi4t4MqvE0qQn1gAEoA/KyPq3UbkLi29Ox11qtUjChRkik2/26nezGLqdO2
6gIagHV/gLzHebAPS1MBnDXb1BEav8ZPQlNXHMNBvR1O4dF6W+LTWHj3CksTGzPb
7Gy8tA4f8zJkJqZTd6l0j2bn7mGt0iTEv8Otj2w0UQm3CK/nR07Bylza9odAwoBW
6eFylh/aegXCpmCv5ePwA/glNfpMmOBx7AWoKq17dOsB/nz2MYbXPytRWAT4etMh
z/OHFO8pyjD8+6M4VZGPrQ1Gka7Nys0xAsuU6ABlJ8P9Hz+AB6pKJfTkcQo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:39:31 2025 by rpki-client