Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20783035-99fd-4f8b-b287-4e58554b81c9.roa
File: 20783035-99fd-4f8b-b287-4e58554b81c9.roa (raw, json)
Hash identifier: e44hFuiSFSKuWYUj4sUoNunK/DOxFF9koaeWQEAXV5Y=
Subject key identifier: EA:3A:81:0A:69:3F:25:62:AD:15:04:AA:6A:E8:F1:52:F2:1F:82:0D
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2C79A9E15B91448D905464886F1363E7E1547980
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20783035-99fd-4f8b-b287-4e58554b81c9.roa
Signing time: Wed 15 Nov 2023 00:00:00 +0000
ROA not before: Wed 15 Nov 2023 00:00:00 +0000
ROA not after: Wed 20 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:79:a9:e1:5b:91:44:8d:90:54:64:88:6f:13:63:e7:e1:54:79:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 15 00:00:00 2023 GMT
Not After : Dec 20 23:59:59 2023 GMT
Subject: serialNumber=deac2e0eb4d04a8baeecf49c53c2be45bc0363c87b75d21c5f3d619938465209, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ac:e2:f2:21:23:61:67:ad:8f:0b:08:36:bc:
c7:1e:17:11:02:57:14:a5:d7:e7:13:b9:0c:1d:ad:
92:43:52:a8:9e:f9:77:f7:e9:e3:8e:c8:33:f0:5c:
ef:c5:f9:85:94:e0:7c:fa:6d:79:c4:a4:d0:c5:9a:
4c:b9:5b:a6:7c:fe:a3:84:83:9d:9c:fa:9d:b9:00:
d6:59:bc:84:2c:72:1a:57:9d:af:22:4f:75:92:6e:
bb:5b:4b:1f:32:6a:01:5d:a1:44:ff:ea:af:65:dd:
c5:43:e6:da:ff:68:22:b3:12:35:e6:27:93:29:36:
8e:93:ec:d1:a5:48:85:12:8d:c9:0a:b7:6c:24:87:
2a:db:53:ff:2a:7a:aa:3a:4a:f6:ac:dc:d5:f0:e4:
b7:73:36:dd:7e:5b:b6:5d:25:34:cc:c3:86:60:9c:
17:c2:d6:08:c4:eb:dc:85:32:b0:c3:7b:e9:c4:f8:
67:5b:b9:15:9e:81:41:46:1a:49:1b:a0:0b:b0:92:
9c:a4:b2:8f:fe:97:dc:f3:12:d9:ad:10:66:7e:50:
c8:e8:0c:d1:6f:f1:cc:26:1b:5b:3f:1b:10:d9:63:
5a:30:4e:b8:fe:59:e0:17:4e:8b:e0:9c:70:d4:dd:
87:85:58:81:0a:31:24:47:e1:63:e9:00:e9:3d:53:
e6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3A:81:0A:69:3F:25:62:AD:15:04:AA:6A:E8:F1:52:F2:1F:82:0D
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20783035-99fd-4f8b-b287-4e58554b81c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
42:28:ce:00:15:25:bb:62:eb:a2:1c:1d:57:5a:33:62:bc:fa:
4f:0a:97:1c:4b:e9:a2:93:28:18:76:63:46:c3:b9:e6:ad:d5:
81:a8:77:13:fc:b0:ea:b2:03:ce:da:97:be:18:41:82:79:1c:
26:56:c5:4f:45:86:dd:b7:bf:ec:5f:53:fa:fd:21:d7:f2:69:
3c:49:53:7f:f3:bd:75:b1:0b:fc:54:a4:30:36:60:95:9c:7a:
14:67:5e:86:04:b9:da:b6:43:85:6e:e1:7a:33:9d:8c:cb:23:
ae:b4:6d:1d:bf:fc:b7:12:88:7f:59:28:63:ee:ff:77:56:27:
16:60:d4:28:9f:a8:21:e4:0f:68:b9:db:32:53:28:fc:5b:27:
d9:6e:a2:e4:32:e3:cc:5e:26:b5:44:f4:6d:05:34:7b:f5:ff:
6f:ae:b1:5e:7c:11:20:96:3c:8e:2f:d8:12:65:33:15:c4:7e:
3d:d0:4a:49:46:a0:3d:fc:4d:76:0c:c1:56:46:ab:04:41:3f:
87:2e:3e:26:0d:0f:90:90:1e:8b:a6:8a:74:0c:38:c5:72:78:
60:72:00:0a:3f:7c:3d:a8:b1:10:7b:62:cb:89:08:6a:1a:e7:
4e:5c:7b:ea:7b:0b:c3:18:27:cc:69:33:2b:38:f9:62:9b:99:
69:15:50:9b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULHmp4VuRRI2QVGSIbxNj5+FUeYAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTE1MDAwMDAwWhcNMjMxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZWFjMmUwZWI0ZDA0YThiYWVlY2Y0OWM1M2MyYmU0NWJj
MDM2M2M4N2I3NWQyMWM1ZjNkNjE5OTM4NDY1MjA5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkrOLyISNhZ62PCwg2vMceFxECVxSl1+cTuQwdrZJDUqie
+Xf36eOOyDPwXO/F+YWU4Hz6bXnEpNDFmky5W6Z8/qOEg52c+p25ANZZvIQschpX
na8iT3WSbrtbSx8yagFdoUT/6q9l3cVD5tr/aCKzEjXmJ5MpNo6T7NGlSIUSjckK
t2wkhyrbU/8qeqo6Svas3NXw5LdzNt1+W7ZdJTTMw4ZgnBfC1gjE69yFMrDDe+nE
+GdbuRWegUFGGkkboAuwkpykso/+l9zzEtmtEGZ+UMjoDNFv8cwmG1s/GxDZY1ow
Trj+WeAXTovgnHDU3YeFWIEKMSRH4WPpAOk9U+Z3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6jqBCmk/JWKtFQSqaujxUvIfgg0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIwNzgzMDM1LTk5ZmQtNGY4Yi1iMjg3LTRlNTg1NTRiODFjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEIozgAVJbti66IcHVdaM2K8+k8K
lxxL6aKTKBh2Y0bDueat1YGodxP8sOqyA87al74YQYJ5HCZWxU9Fht23v+xfU/r9
IdfyaTxJU3/zvXWxC/xUpDA2YJWcehRnXoYEudq2Q4Vu4XoznYzLI660bR2//LcS
iH9ZKGPu/3dWJxZg1CifqCHkD2i52zJTKPxbJ9luouQy48xeJrVE9G0FNHv1/2+u
sV58ESCWPI4v2BJlMxXEfj3QSklGoD38TXYMwVZGqwRBP4cuPiYND5CQHouminQM
OMVyeGByAAo/fD2osRB7YsuJCGoa505ce+p7C8MYJ8xpMys4+WKbmWkVUJs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:15:42 2025 by rpki-client