Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25e3f847-3573-4941-9e7d-21f6353d6a97.roa
File: 25e3f847-3573-4941-9e7d-21f6353d6a97.roa (raw, json)
Hash identifier: PE7+NKgrNDhpByWipA7kLyMLrHVwQruRXaET21bBNxA=
Subject key identifier: D4:F4:6C:FE:25:79:A5:59:88:A5:7A:16:E0:F1:29:22:5E:29:7C:92
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0DC8759758F67A1FBE2260A322E7CD18A19540AC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25e3f847-3573-4941-9e7d-21f6353d6a97.roa
Signing time: Tue 11 Feb 2025 00:00:00 +0000
ROA not before: Tue 11 Feb 2025 00:00:00 +0000
ROA not after: Tue 18 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:c8:75:97:58:f6:7a:1f:be:22:60:a3:22:e7:cd:18:a1:95:40:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 11 00:00:00 2025 GMT
Not After : Mar 18 23:59:59 2025 GMT
Subject: serialNumber=298fc4c342f705e4c702c790547697d68128e57a2b79327ac3a08cd8de5f036d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:49:53:8a:aa:58:ee:d2:16:41:d0:83:f5:be:
e7:44:11:3d:9d:35:73:ca:d4:0c:51:6b:66:55:61:
ea:2f:6c:92:eb:c9:56:aa:f0:f9:dd:c0:11:d3:c2:
5f:5f:b9:73:75:e4:6d:7a:ba:6f:3a:f3:8a:58:fd:
52:86:ac:56:f2:c5:72:6f:99:b1:5b:5d:af:33:91:
be:33:e0:43:57:fd:f5:3b:d9:5d:6d:4e:54:12:a2:
2d:1e:92:56:6e:1a:14:7f:f6:b0:32:ce:3a:ee:13:
8c:a8:4c:66:e4:b4:08:40:30:12:ec:c3:bb:14:1d:
b6:93:2d:fa:2f:c2:70:76:7e:0f:87:ee:92:5b:a5:
4d:59:eb:36:5c:a3:c9:e1:7d:44:b8:95:3c:d6:2b:
c7:ff:07:42:a5:67:21:74:49:8c:47:2f:8c:80:84:
6d:7a:df:69:ca:d3:e3:2a:07:33:3a:fd:cc:34:c1:
b9:87:20:7f:8f:54:c3:1a:e5:88:02:43:e7:51:af:
79:8a:c4:d2:e4:8e:af:ff:42:45:f2:1a:95:49:d3:
2a:91:09:18:73:8b:93:b6:4e:ba:53:6c:97:ac:6f:
2f:f0:b2:70:62:88:ab:ed:16:3c:45:43:ff:ce:10:
ac:09:f7:d3:d7:d8:b7:ee:21:3a:97:59:59:b2:07:
bf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F4:6C:FE:25:79:A5:59:88:A5:7A:16:E0:F1:29:22:5E:29:7C:92
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25e3f847-3573-4941-9e7d-21f6353d6a97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:7b:52:36:9e:c0:83:17:91:c4:d0:1a:7b:0f:6b:b8:f3:9f:
b1:88:b6:50:cd:53:ef:01:5b:26:59:40:7b:9e:9e:9c:cd:f8:
4d:3a:02:dd:9c:01:f5:50:39:1b:5f:6c:3f:45:b9:85:fc:96:
e6:ae:63:5d:7d:77:2d:23:04:b0:1a:d0:04:37:af:21:a4:4c:
d7:55:8c:aa:a5:3b:b2:df:69:8f:fe:17:23:a3:1d:f9:45:e4:
48:47:e3:a2:e6:df:d6:b9:10:93:14:94:fe:7d:00:02:f0:b3:
4d:1d:19:7b:4c:40:b4:e9:52:81:c2:85:be:8b:08:ec:10:15:
d9:43:53:2e:1d:c0:f6:3c:37:a6:e0:70:cb:79:a1:5b:0f:06:
4d:61:a8:77:dc:a0:15:fd:78:67:06:8a:ea:c5:19:e1:45:21:
5e:47:ed:6c:66:4c:26:8a:f6:e7:db:03:35:3e:c3:61:10:76:
bd:ff:e3:d9:70:65:2f:f8:04:87:2e:59:60:06:ad:04:fb:38:
c6:b4:b0:6d:64:67:f6:5b:0a:51:b1:9c:ba:3b:75:76:79:e1:
29:33:f3:77:a6:10:a9:79:6b:5b:e4:db:55:b7:80:8f:f9:e9:
d6:92:53:73:a7:b3:a9:ef:c7:5a:b5:2c:bb:3b:33:61:4c:7e:
4d:03:f4:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDch1l1j2eh++ImCjIufNGKGVQKwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjExMDAwMDAwWhcNMjUwMzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyOThmYzRjMzQyZjcwNWU0YzcwMmM3OTA1NDc2OTdkNjgx
MjhlNTdhMmI3OTMyN2FjM2EwOGNkOGRlNWYwMzZkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFSVOKqlju0hZB0IP1vudEET2dNXPK1AxRa2ZVYeovbJLr
yVaq8PndwBHTwl9fuXN15G16um8684pY/VKGrFbyxXJvmbFbXa8zkb4z4ENX/fU7
2V1tTlQSoi0eklZuGhR/9rAyzjruE4yoTGbktAhAMBLsw7sUHbaTLfovwnB2fg+H
7pJbpU1Z6zZco8nhfUS4lTzWK8f/B0KlZyF0SYxHL4yAhG1632nK0+MqBzM6/cw0
wbmHIH+PVMMa5YgCQ+dRr3mKxNLkjq//QkXyGpVJ0yqRCRhzi5O2TrpTbJesby/w
snBiiKvtFjxFQ//OEKwJ99PX2LfuITqXWVmyB7+VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1PRs/iV5pVmIpXoW4PEpIl4pfJIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI1ZTNmODQ3LTM1NzMtNDk0MS05ZTdkLTIxZjYzNTNkNmE5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABJ7UjaewIMXkcTQGnsPa7jzn7GI
tlDNU+8BWyZZQHuenpzN+E06At2cAfVQORtfbD9FuYX8luauY119dy0jBLAa0AQ3
ryGkTNdVjKqlO7LfaY/+FyOjHflF5EhH46Lm39a5EJMUlP59AALws00dGXtMQLTp
UoHChb6LCOwQFdlDUy4dwPY8N6bgcMt5oVsPBk1hqHfcoBX9eGcGiurFGeFFIV5H
7WxmTCaK9ufbAzU+w2EQdr3/49lwZS/4BIcuWWAGrQT7OMa0sG1kZ/ZbClGxnLo7
dXZ54Skz83emEKl5a1vk21W3gI/56daSU3Ons6nvx1q1LLs7M2FMfk0D9Ic=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:35:56 2025 by rpki-client