Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2053ec03-d56e-4235-bf1e-9561227d281e.roa
File: 2053ec03-d56e-4235-bf1e-9561227d281e.roa (raw, json)
Hash identifier: AYoAe7Qeo3rbesAMOt140LwqUEMAz3yfCfd4cVYl2Mc=
Subject key identifier: E2:6F:4F:82:71:D4:55:5E:6C:54:29:00:BD:1D:FC:DC:BB:B0:B3:45
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 1A6A3DD012758EB2F107DDCE1787665A92F6DB2C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2053ec03-d56e-4235-bf1e-9561227d281e.roa
Signing time: Sun 24 Nov 2024 00:00:00 +0000
ROA not before: Sun 24 Nov 2024 00:00:00 +0000
ROA not after: Sun 29 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:6a:3d:d0:12:75:8e:b2:f1:07:dd:ce:17:87:66:5a:92:f6:db:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 24 00:00:00 2024 GMT
Not After : Dec 29 23:59:59 2024 GMT
Subject: serialNumber=93da95664ed3b01380971b0b97b97349baa9bc65de7b30106f5127023487c4e7, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:33:1b:00:a9:46:fe:0b:bb:ca:cc:ee:11:cc:
3f:90:b8:51:cd:80:7c:cb:d2:06:a8:d4:1d:db:74:
91:1f:60:eb:34:8c:b2:cf:0b:9e:48:25:52:77:f6:
22:ae:a2:e3:7f:f6:a8:cf:61:0d:bf:cc:47:05:a0:
d1:a3:ca:63:d7:f9:53:8c:84:0d:26:49:30:96:0b:
7a:58:38:86:b2:ae:5c:20:da:7c:b0:f8:77:d8:b2:
4d:a6:2a:8b:83:85:20:57:07:98:89:5f:c8:f2:cd:
7e:97:bc:e5:ca:a3:5e:db:fa:4d:58:49:ee:72:ed:
dd:c1:eb:61:43:2b:ac:06:98:ad:fd:4b:f1:03:81:
90:59:ac:41:12:4e:ce:e3:53:cb:6f:fa:bb:5c:7d:
7c:a1:4e:10:e6:69:9d:85:3a:54:82:2c:2e:f6:6f:
a9:64:38:6c:d4:1a:87:30:4b:23:94:82:47:b4:2d:
40:7e:65:2d:7c:0a:c3:ae:1d:20:7a:fa:1f:4a:5b:
6c:50:a1:14:e6:02:8e:06:ab:29:db:1f:65:1d:f6:
b0:86:67:19:ef:2c:95:92:88:14:d3:14:f8:59:80:
5c:ac:4d:96:93:f4:7f:ee:48:31:09:24:db:50:89:
75:5b:c4:f9:5b:71:33:b0:1a:cb:f7:03:f8:85:0d:
59:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6F:4F:82:71:D4:55:5E:6C:54:29:00:BD:1D:FC:DC:BB:B0:B3:45
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2053ec03-d56e-4235-bf1e-9561227d281e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c4:cc:f9:eb:1d:a3:e3:fa:44:92:5c:d7:85:8b:3f:61:22:
11:a8:2e:45:bf:95:3f:9b:0c:bb:2e:bd:ea:3a:31:ba:67:7a:
b2:31:d2:9f:12:cc:86:0d:5c:4c:2b:53:ef:20:48:e5:84:c8:
c1:58:60:cb:5c:ed:60:5b:c1:40:df:02:dc:b5:51:79:4f:31:
1a:fd:93:68:b1:50:ed:b5:81:41:a2:3e:fa:32:d9:f8:bf:58:
9b:61:bb:4d:6f:56:a4:c1:78:82:60:8c:45:a0:16:3c:12:47:
56:fb:c2:f1:d7:74:4c:7b:c2:94:e6:14:47:4c:f0:d3:e8:ec:
82:b8:ce:ac:79:23:f9:01:ba:cc:b7:8c:29:43:c1:0f:3c:86:
f8:3b:0a:5b:72:00:0f:ed:71:b4:c9:60:27:7c:6e:85:e5:00:
a1:07:c8:3d:55:26:f7:d7:89:8d:b0:70:78:d0:08:43:69:34:
72:81:ab:d8:75:e8:26:13:68:42:de:2b:a8:c8:34:fe:18:bc:
66:74:84:ba:c0:7e:ec:36:e3:b6:a9:31:ee:f6:83:dc:d3:9a:
48:29:a5:57:da:5b:9f:7a:e7:83:f5:25:60:0d:45:e4:15:90:
5a:96:ed:53:36:4f:65:9f:d2:e3:ff:1c:14:94:e6:6d:dd:15:
3d:ff:4b:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGmo90BJ1jrLxB93OF4dmWpL22ywwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTI0MDAwMDAwWhcNMjQxMjI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2RhOTU2NjRlZDNiMDEzODA5NzFiMGI5N2I5NzM0OWJh
YTliYzY1ZGU3YjMwMTA2ZjUxMjcwMjM0ODdjNGU3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhMxsAqUb+C7vKzO4RzD+QuFHNgHzL0gao1B3bdJEfYOs0
jLLPC55IJVJ39iKuouN/9qjPYQ2/zEcFoNGjymPX+VOMhA0mSTCWC3pYOIayrlwg
2nyw+HfYsk2mKouDhSBXB5iJX8jyzX6XvOXKo17b+k1YSe5y7d3B62FDK6wGmK39
S/EDgZBZrEESTs7jU8tv+rtcfXyhThDmaZ2FOlSCLC72b6lkOGzUGocwSyOUgke0
LUB+ZS18CsOuHSB6+h9KW2xQoRTmAo4GqynbH2Ud9rCGZxnvLJWSiBTTFPhZgFys
TZaT9H/uSDEJJNtQiXVbxPlbcTOwGsv3A/iFDVkjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4m9PgnHUVV5sVCkAvR383Luws0UwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIwNTNlYzAzLWQ1NmUtNDIzNS1iZjFlLTk1NjEyMjdkMjgxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGDEzPnrHaPj+kSSXNeFiz9hIhGo
LkW/lT+bDLsuveo6MbpnerIx0p8SzIYNXEwrU+8gSOWEyMFYYMtc7WBbwUDfAty1
UXlPMRr9k2ixUO21gUGiPvoy2fi/WJthu01vVqTBeIJgjEWgFjwSR1b7wvHXdEx7
wpTmFEdM8NPo7IK4zqx5I/kBusy3jClDwQ88hvg7CltyAA/tcbTJYCd8boXlAKEH
yD1VJvfXiY2wcHjQCENpNHKBq9h16CYTaELeK6jINP4YvGZ0hLrAfuw247apMe72
g9zTmkgppVfaW59654P1JWANReQVkFqW7VM2T2Wf0uP/HBSU5m3dFT3/S9k=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:05:25 2025 by rpki-client