Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/227c2a69-14b6-4ec9-811d-2f979e94afd8.roa
File: 227c2a69-14b6-4ec9-811d-2f979e94afd8.roa (raw, json)
Hash identifier: ls0uOFsTq2E2AgbvqGsBvSJTv+vWWT5UaZT6R1OabF4=
Subject key identifier: 07:8D:7E:96:02:43:A5:67:50:17:13:81:5D:73:57:16:02:5E:45:5F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3ECCFC9F0705761C54AF7EA15ED5526B9FA56B22
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/227c2a69-14b6-4ec9-811d-2f979e94afd8.roa
Signing time: Sun 19 Jan 2025 00:00:00 +0000
ROA not before: Sun 19 Jan 2025 00:00:00 +0000
ROA not after: Sun 23 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:cc:fc:9f:07:05:76:1c:54:af:7e:a1:5e:d5:52:6b:9f:a5:6b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 19 00:00:00 2025 GMT
Not After : Feb 23 23:59:59 2025 GMT
Subject: serialNumber=0cbb828c629cd69d98dcf1f9615274edbc99b25fc807adfdd6c2b6a1a7f99043, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:3a:6c:f8:9f:f7:7d:2d:fc:63:1b:73:95:
6c:96:8f:f4:8a:99:40:37:b9:7e:96:b7:09:f2:4d:
93:91:68:92:6b:a4:1f:e9:d2:3c:7f:ae:20:76:f7:
cf:ae:70:ee:17:82:0a:c4:9f:8d:b0:14:f5:c0:9e:
17:0b:57:7b:45:2f:4d:0c:24:d5:55:af:8b:7d:7e:
24:4e:ce:7b:49:98:2b:f1:5e:45:e3:f8:ba:dd:1a:
79:1e:66:11:8a:d6:3b:1c:de:59:fd:fc:23:b7:78:
1d:4f:0a:0a:40:1e:31:df:1e:58:03:87:50:b8:7e:
4b:62:06:8e:5b:8c:9d:0a:07:fb:c1:32:53:c9:ad:
e4:32:28:51:39:0b:5a:2f:44:5f:a9:85:29:fb:2b:
02:4c:c6:51:cf:8e:66:a9:be:3f:83:1c:26:64:fe:
7f:db:b3:00:4d:8f:23:bf:f0:96:b9:83:3d:ed:58:
d7:c1:f9:eb:1a:30:03:be:ce:77:9b:9d:3d:a8:49:
87:a8:36:b5:ae:6e:5d:d6:51:24:a5:12:0f:41:38:
1e:36:ad:f5:71:eb:57:4d:fe:34:50:e4:5a:10:06:
84:84:28:be:12:06:ca:e0:05:bc:8d:a8:8d:c7:93:
c1:f1:08:51:18:1d:97:0a:ce:88:18:e0:2b:02:71:
f1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8D:7E:96:02:43:A5:67:50:17:13:81:5D:73:57:16:02:5E:45:5F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/227c2a69-14b6-4ec9-811d-2f979e94afd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
23:8e:38:11:87:0b:11:d7:c9:b1:14:97:8d:b3:e6:6d:e2:da:
e3:3d:8a:0d:7f:00:74:22:c7:64:31:97:b2:6e:cf:fc:e8:92:
76:d1:0b:b3:92:ee:39:a9:b0:09:61:ad:06:c8:16:65:d7:4b:
12:3e:83:08:52:36:0a:77:ad:22:40:af:a6:7f:45:78:e0:e5:
cb:e5:f2:07:e8:b2:49:78:8d:7b:af:7f:bb:cb:3f:83:f9:58:
e2:87:15:51:bb:ff:8f:7a:e7:93:47:98:46:d0:c2:f9:bd:0d:
30:ce:db:6a:bd:86:a1:d8:b9:54:4d:f2:1d:73:9e:a1:76:a1:
10:22:98:0a:63:fb:f4:8d:39:7b:6e:b4:08:a5:58:c3:cf:30:
78:59:c3:35:72:76:bb:de:8e:5c:ed:24:29:5e:a4:a8:93:93:
c0:3b:e7:36:bd:52:da:0f:26:3d:ae:2a:a6:3f:ba:bc:ee:08:
00:d3:1f:1a:25:6c:92:37:4d:47:38:c6:b5:6c:67:a4:15:a9:
14:43:b7:0a:45:29:db:6b:85:fd:8a:d7:86:1f:d0:8f:23:36:
fa:5d:7a:42:94:a8:60:3b:1f:53:24:2a:5e:23:26:d9:be:4f:
5f:0d:97:d0:f5:33:66:46:cf:40:ef:54:50:17:2d:ab:e8:9f:
76:c2:ef:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPsz8nwcFdhxUr36hXtVSa5+layIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTE5MDAwMDAwWhcNMjUwMjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwY2JiODI4YzYyOWNkNjlkOThkY2YxZjk2MTUyNzRlZGJj
OTliMjVmYzgwN2FkZmRkNmMyYjZhMWE3Zjk5MDQzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3iTps+J/3fS38YxtzlWyWj/SKmUA3uX6WtwnyTZORaJJr
pB/p0jx/riB298+ucO4XggrEn42wFPXAnhcLV3tFL00MJNVVr4t9fiROzntJmCvx
XkXj+LrdGnkeZhGK1jsc3ln9/CO3eB1PCgpAHjHfHlgDh1C4fktiBo5bjJ0KB/vB
MlPJreQyKFE5C1ovRF+phSn7KwJMxlHPjmapvj+DHCZk/n/bswBNjyO/8Ja5gz3t
WNfB+esaMAO+znebnT2oSYeoNrWubl3WUSSlEg9BOB42rfVx61dN/jRQ5FoQBoSE
KL4SBsrgBbyNqI3Hk8HxCFEYHZcKzogY4CsCcfHLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB41+lgJDpWdQFxOBXXNXFgJeRV8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIyN2MyYTY5LTE0YjYtNGVjOS04MTFkLTJmOTc5ZTk0YWZkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACOOOBGHCxHXybEUl42z5m3i2uM9
ig1/AHQix2Qxl7Juz/zoknbRC7OS7jmpsAlhrQbIFmXXSxI+gwhSNgp3rSJAr6Z/
RXjg5cvl8gfoskl4jXuvf7vLP4P5WOKHFVG7/49655NHmEbQwvm9DTDO22q9hqHY
uVRN8h1znqF2oRAimApj+/SNOXtutAilWMPPMHhZwzVydrvejlztJClepKiTk8A7
5za9UtoPJj2uKqY/urzuCADTHxolbJI3TUc4xrVsZ6QVqRRDtwpFKdtrhf2K14Yf
0I8jNvpdekKUqGA7H1MkKl4jJtm+T18Nl9D1M2ZGz0DvVFAXLavon3bC7wI=
-----END CERTIFICATE-----
Generated at Mon Jun 16 17:45:19 2025 by rpki-client