Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/27a7e27a-fe1d-406e-b313-e8edc67668c7.roa
File: 27a7e27a-fe1d-406e-b313-e8edc67668c7.roa (raw, json)
Hash identifier: RmiDUrIpFH6dunB888ysQt8zcpawXhFTZB64ukP0GiQ=
Subject key identifier: 50:EB:2A:A3:CB:05:8F:6A:2A:18:A8:C7:72:4C:98:94:32:5C:36:B5
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3B0F32D83BD3041AD1A94CF9DC73D629F02F74E4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/27a7e27a-fe1d-406e-b313-e8edc67668c7.roa
Signing time: Thu 17 Oct 2024 00:00:00 +0000
ROA not before: Thu 17 Oct 2024 00:00:00 +0000
ROA not after: Thu 21 Nov 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:0f:32:d8:3b:d3:04:1a:d1:a9:4c:f9:dc:73:d6:29:f0:2f:74:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 17 00:00:00 2024 GMT
Not After : Nov 21 23:59:59 2024 GMT
Subject: serialNumber=eab73a8852fc0c2a9100831e5da1afbabab87d62979db3b8714ceb4d7e22ed1c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:01:d0:42:bc:fe:c7:ff:0e:18:b9:03:f9:
5e:38:49:4c:3e:63:34:f1:ae:12:c3:21:8f:bc:db:
aa:78:3e:84:ba:e8:42:c2:a8:6d:cf:be:ac:84:64:
fa:5c:29:a5:5a:8b:c9:92:dc:e3:d9:00:f8:36:a5:
7f:f3:cf:3b:16:10:60:6e:3f:b7:32:d7:fd:98:85:
1b:8d:bf:72:63:d9:7d:1e:96:f2:e0:f0:6e:63:b1:
c9:53:8e:e0:9a:ec:fa:02:10:e3:1b:67:50:39:7d:
d7:f7:bf:70:3f:1f:4b:fe:74:4c:29:30:64:bc:11:
3d:4d:c3:35:28:8e:fb:40:a6:92:c5:5b:44:f5:1b:
01:5f:4b:f8:64:2e:61:04:47:5f:eb:25:76:37:b0:
08:d3:cf:08:81:c1:20:74:b6:7b:49:d9:38:7a:b6:
df:7d:18:72:67:a1:7b:df:96:b6:d0:83:a6:f0:cb:
68:3e:40:65:6d:a0:4d:6d:e5:5f:14:0e:a4:70:96:
e6:1f:1f:ac:22:79:35:61:dd:91:75:3d:7e:83:be:
06:3d:cd:fe:6c:8b:51:a4:70:4e:67:fb:f8:38:25:
1f:d4:3f:c4:f9:aa:0a:56:ba:ac:ef:d5:65:46:8e:
f5:90:6d:d5:11:e3:65:e0:df:a5:4b:84:9d:bb:55:
81:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EB:2A:A3:CB:05:8F:6A:2A:18:A8:C7:72:4C:98:94:32:5C:36:B5
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/27a7e27a-fe1d-406e-b313-e8edc67668c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a6:15:1b:a4:93:39:8d:ce:16:85:4b:2b:36:12:08:07:0c:
30:ef:09:b4:20:d0:55:a8:3b:5f:e7:44:2f:c8:b8:91:eb:51:
c9:52:59:42:7d:7c:28:de:65:06:37:29:62:9d:72:3a:dc:0c:
bf:0a:4a:c9:72:a7:c4:c2:1a:53:96:ee:e2:0d:af:9b:5d:81:
d0:3a:0e:f7:af:ea:b1:fa:ef:d0:8a:6c:bd:56:7b:34:7e:d6:
fe:50:17:2c:52:59:6f:4b:b0:1a:26:66:9a:f2:54:b7:0b:c5:
0a:a6:98:a1:5c:78:fe:68:92:1b:ef:07:c1:c5:57:6b:a9:30:
37:ba:7a:04:ff:2b:53:2b:6d:4c:68:4b:db:a2:bd:7f:f1:dc:
e1:01:e3:af:01:81:47:61:65:58:09:89:00:a7:c5:78:83:f6:
ab:15:6e:22:06:d6:22:3d:39:75:3f:59:12:1b:eb:c4:c1:f9:
ba:66:de:94:8d:43:b8:d6:15:cd:7c:19:6a:00:b0:4d:33:b2:
29:62:90:b6:c4:fe:cb:d7:8c:c2:21:04:bc:b6:74:e6:32:b3:
ba:12:99:95:63:e8:b8:89:67:8f:88:cf:14:2f:2a:84:2f:7e:
d3:4a:42:f7:9d:30:d2:e2:a7:c0:fa:7e:dd:f6:af:1a:36:33:
22:d7:40:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOw8y2DvTBBrRqUz53HPWKfAvdOQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDE3MDAwMDAwWhcNMjQxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWI3M2E4ODUyZmMwYzJhOTEwMDgzMWU1ZGExYWZiYWJh
Yjg3ZDYyOTc5ZGIzYjg3MTRjZWI0ZDdlMjJlZDFjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYBAHQQrz+x/8OGLkD+V44SUw+YzTxrhLDIY+826p4PoS6
6ELCqG3PvqyEZPpcKaVai8mS3OPZAPg2pX/zzzsWEGBuP7cy1/2YhRuNv3Jj2X0e
lvLg8G5jsclTjuCa7PoCEOMbZ1A5fdf3v3A/H0v+dEwpMGS8ET1NwzUojvtAppLF
W0T1GwFfS/hkLmEER1/rJXY3sAjTzwiBwSB0tntJ2Th6tt99GHJnoXvflrbQg6bw
y2g+QGVtoE1t5V8UDqRwluYfH6wieTVh3ZF1PX6DvgY9zf5si1GkcE5n+/g4JR/U
P8T5qgpWuqzv1WVGjvWQbdUR42Xg36VLhJ27VYHdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUOsqo8sFj2oqGKjHckyYlDJcNrUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI3YTdlMjdhLWZlMWQtNDA2ZS1iMzEzLWU4ZWRjNjc2NjhjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJSmFRukkzmNzhaFSys2EggHDDDv
CbQg0FWoO1/nRC/IuJHrUclSWUJ9fCjeZQY3KWKdcjrcDL8KSslyp8TCGlOW7uIN
r5tdgdA6Dvev6rH679CKbL1WezR+1v5QFyxSWW9LsBomZpryVLcLxQqmmKFceP5o
khvvB8HFV2upMDe6egT/K1MrbUxoS9uivX/x3OEB468BgUdhZVgJiQCnxXiD9qsV
biIG1iI9OXU/WRIb68TB+bpm3pSNQ7jWFc18GWoAsE0zsilikLbE/svXjMIhBLy2
dOYys7oSmZVj6LiJZ4+IzxQvKoQvftNKQvedMNLip8D6ft32rxo2MyLXQLw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:09:23 2025 by rpki-client