Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20c954e9-863a-4131-a899-da400738f2f4.roa
File: 20c954e9-863a-4131-a899-da400738f2f4.roa (raw, json)
Hash identifier: hdNojSHuClG0Z6wIs86Zrent11N5uH/Nb/YDFWL3/08=
Subject key identifier: 1A:87:53:95:32:BB:C8:6B:E9:B4:04:11:EE:43:B1:9A:1C:7B:AA:21
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0CD5F5BE4DCA2F0ACE521619BE62AC3335C5B3C3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20c954e9-863a-4131-a899-da400738f2f4.roa
Signing time: Sat 01 Jun 2024 00:00:00 +0000
ROA not before: Sat 01 Jun 2024 00:00:00 +0000
ROA not after: Sat 06 Jul 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:d5:f5:be:4d:ca:2f:0a:ce:52:16:19:be:62:ac:33:35:c5:b3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 1 00:00:00 2024 GMT
Not After : Jul 6 23:59:59 2024 GMT
Subject: serialNumber=11f6f19a7fb90b9a3c7797960f3c7c0b346d167bb8c0778260973a2ae53647b4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:00:6a:65:dc:9c:46:7e:5a:32:55:39:26:5f:
09:27:18:60:1f:6c:b0:b3:94:91:42:16:48:0d:3e:
c6:cf:0c:64:ce:51:95:ed:26:eb:cc:9d:20:aa:44:
ca:d4:c9:38:86:ed:30:00:f2:48:59:c1:0b:7e:e9:
d3:7f:12:d0:c3:06:09:36:94:5d:14:ee:03:86:2e:
26:26:bf:a7:8e:96:2d:13:1a:e9:c0:3b:0f:f1:9c:
ab:3b:65:25:79:1f:20:19:ee:82:3d:a1:f5:a5:72:
96:be:f2:12:56:01:15:31:75:37:ba:31:bf:70:3a:
38:0d:37:ef:4a:32:60:2b:fb:3e:8f:41:b6:12:a4:
f3:05:2a:ce:99:2d:4e:99:00:59:75:ff:65:94:8d:
2c:5e:1d:a0:43:f9:e6:8a:b8:13:85:70:9c:f6:e6:
32:29:cc:e4:06:42:d5:4c:de:05:21:56:52:81:f7:
d5:7f:d1:d1:4c:55:35:80:ec:ab:7e:3d:bc:fe:07:
48:4d:c4:ae:4f:bb:ba:a4:1a:c9:66:3d:91:4b:aa:
37:81:a3:8b:9c:ba:90:16:d7:c7:6a:5a:94:23:c6:
82:a1:fa:ce:fd:c0:84:20:e1:f7:08:41:e7:bc:e4:
0b:2a:65:13:82:ac:69:89:8c:63:2c:9b:eb:90:b7:
78:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:87:53:95:32:BB:C8:6B:E9:B4:04:11:EE:43:B1:9A:1C:7B:AA:21
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20c954e9-863a-4131-a899-da400738f2f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:27:e4:0d:da:b8:3a:dd:b1:8b:cf:6a:19:5f:9a:9f:30:45:
32:02:a6:f1:29:60:7d:b0:41:f4:cc:69:5e:6a:29:3e:db:82:
a7:3d:24:56:de:2e:e5:84:4a:77:b0:db:cd:73:1a:58:26:bb:
54:7c:59:ff:c6:79:83:50:bf:38:12:bc:d3:cf:c9:ef:52:c8:
cc:67:91:4e:fa:60:5c:4f:34:40:54:95:7e:7a:e0:43:59:4a:
1f:f7:3d:2a:6e:66:62:51:65:30:23:15:e3:d8:61:d0:6a:03:
e1:9d:7d:71:60:17:47:ad:1b:13:0b:64:89:3b:c7:69:22:d0:
e5:66:68:ef:c6:d0:fc:7a:38:3e:8d:93:be:01:9b:63:82:02:
6c:98:8c:ad:5e:24:f2:c9:b5:22:c8:35:cb:4a:b1:ad:7d:7c:
e3:31:76:3f:60:ba:7c:45:9a:e2:89:7c:24:78:c8:63:93:98:
71:f8:75:d8:87:7a:52:42:33:7f:c5:a9:df:29:e1:fc:84:8d:
3a:03:3d:53:9b:cb:fe:f4:2e:48:2d:5b:8d:16:cc:11:ac:d5:
87:0c:07:a9:05:6c:41:34:f5:f7:13:5f:6c:af:f3:7f:e9:8d:
41:0f:5a:b6:f3:1e:5a:3a:c7:f1:f1:5a:f5:ea:f5:d0:d8:f7:
a4:08:0f:5a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDNX1vk3KLwrOUhYZvmKsMzXFs8MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjAxMDAwMDAwWhcNMjQwNzA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWY2ZjE5YTdmYjkwYjlhM2M3Nzk3OTYwZjNjN2MwYjM0
NmQxNjdiYjhjMDc3ODI2MDk3M2EyYWU1MzY0N2I0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQAGpl3JxGfloyVTkmXwknGGAfbLCzlJFCFkgNPsbPDGTO
UZXtJuvMnSCqRMrUyTiG7TAA8khZwQt+6dN/EtDDBgk2lF0U7gOGLiYmv6eOli0T
GunAOw/xnKs7ZSV5HyAZ7oI9ofWlcpa+8hJWARUxdTe6Mb9wOjgNN+9KMmAr+z6P
QbYSpPMFKs6ZLU6ZAFl1/2WUjSxeHaBD+eaKuBOFcJz25jIpzOQGQtVM3gUhVlKB
99V/0dFMVTWA7Kt+Pbz+B0hNxK5Pu7qkGslmPZFLqjeBo4ucupAW18dqWpQjxoKh
+s79wIQg4fcIQee85AsqZROCrGmJjGMsm+uQt3jtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGodTlTK7yGvptAQR7kOxmhx7qiEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIwYzk1NGU5LTg2M2EtNDEzMS1hODk5LWRhNDAwNzM4ZjJmNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD0n5A3auDrdsYvPahlfmp8wRTIC
pvEpYH2wQfTMaV5qKT7bgqc9JFbeLuWESnew281zGlgmu1R8Wf/GeYNQvzgSvNPP
ye9SyMxnkU76YFxPNEBUlX564ENZSh/3PSpuZmJRZTAjFePYYdBqA+GdfXFgF0et
GxMLZIk7x2ki0OVmaO/G0Px6OD6Nk74Bm2OCAmyYjK1eJPLJtSLINctKsa19fOMx
dj9gunxFmuKJfCR4yGOTmHH4ddiHelJCM3/Fqd8p4fyEjToDPVOby/70LkgtW40W
zBGs1YcMB6kFbEE09fcTX2yv83/pjUEPWrbzHlo6x/HxWvXq9dDY96QID1o=
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:16:26 2025 by rpki-client