Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/286c0443-2fd0-492e-a7fc-799699438313.roa
File: 286c0443-2fd0-492e-a7fc-799699438313.roa (raw, json)
Hash identifier: QEdJwDjr4nCdQ1YvqcqNuQ9LFtcpu+3HrGd8NIQYi7M=
Subject key identifier: 4D:B0:5A:14:93:D9:D8:30:5A:60:3E:5E:4C:08:D1:A2:23:87:16:81
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3E23E294350E39ACBE88CC12DDE6F2792EE5754E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/286c0443-2fd0-492e-a7fc-799699438313.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:23:e2:94:35:0e:39:ac:be:88:cc:12:dd:e6:f2:79:2e:e5:75:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: serialNumber=76c4cd2bbf8a060a861b971852dc7ecd55c6f090f02f832cc7aae763ac2755ab, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:c0:4d:e0:1c:cc:a2:39:d6:7c:43:6c:ec:
48:5c:5c:99:e7:10:ce:bb:e5:74:f4:8a:20:7c:88:
77:ca:34:77:44:24:24:05:d0:d4:45:8f:6e:8a:17:
48:66:05:27:95:df:ec:6f:51:f8:5b:bc:6b:e2:1d:
98:0f:5f:ba:a5:ed:4e:2c:79:9b:68:9c:8d:98:8a:
4d:4c:92:0b:29:fc:87:40:6a:83:c8:be:75:04:d0:
61:57:8b:2b:05:8d:96:aa:e5:28:57:ea:57:91:1f:
bb:2a:49:2e:25:67:80:2a:71:3d:27:77:d7:da:43:
c7:9c:15:f9:85:7f:19:fa:09:30:4f:74:5e:20:28:
11:70:36:6b:04:e5:7e:b3:09:66:d4:52:d3:da:75:
af:0d:da:26:99:53:eb:8e:af:27:a5:5c:cb:d4:d7:
91:08:5d:9b:e8:ed:4c:52:5c:52:9b:c2:21:e9:d2:
9e:3f:d0:76:8d:51:7d:34:b6:c9:67:81:bf:4a:3d:
fd:46:56:1a:1f:19:5c:ae:2f:9b:b8:de:39:be:c1:
26:4b:f7:d2:f4:c8:f3:56:87:36:8e:69:42:f9:c5:
79:13:8e:34:e2:4d:86:92:ca:16:5f:1c:92:c1:cd:
ab:23:8d:87:91:1c:ca:25:b3:a1:24:08:aa:6e:7f:
ce:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B0:5A:14:93:D9:D8:30:5A:60:3E:5E:4C:08:D1:A2:23:87:16:81
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/286c0443-2fd0-492e-a7fc-799699438313.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
94:5d:92:7c:db:c9:cc:8d:8b:0f:7c:f3:22:56:c0:1a:6a:96:
c1:4b:9b:22:3c:69:5b:0a:5a:89:a9:44:7a:40:c2:11:3c:42:
ae:51:97:f0:51:35:f2:f3:f5:f9:b7:52:d8:20:41:75:e9:7f:
bc:7e:f4:ce:8e:5f:e0:39:5d:d9:90:23:4f:84:fc:be:b3:82:
70:13:0b:bb:9f:cf:28:96:6a:2b:9a:1b:67:77:9d:df:11:60:
22:b2:31:ef:45:d4:0f:c9:14:e1:96:23:71:fa:92:88:a5:e2:
47:fe:d1:f2:7f:bf:d5:82:a2:8a:b9:d1:61:12:0d:98:34:52:
c1:86:ca:91:17:a2:24:6b:25:c6:18:b2:8b:8f:29:42:d2:8b:
f6:c1:f1:8d:a0:25:de:90:56:96:ec:b1:c0:52:b0:a4:47:b2:
a0:fd:13:a5:04:0b:75:7f:0d:db:40:24:76:51:ca:31:f1:da:
ea:a7:e1:85:a8:f6:75:a5:dd:aa:b1:66:14:ea:a0:76:4a:db:
58:aa:9d:f6:cb:91:1f:69:4c:f8:c5:de:ab:c6:1d:1e:0f:d8:
ac:5f:fd:8a:da:f4:35:a4:dc:f9:d4:d1:89:16:6a:65:80:38:
3d:38:60:8f:a5:d4:44:07:8c:55:2c:a0:c7:51:3e:26:4e:6e:
ef:dc:42:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPiPilDUOOay+iMwS3ebyeS7ldU4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjEwMDAwMDAwWhcNMjUwMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NmM0Y2QyYmJmOGEwNjBhODYxYjk3MTg1MmRjN2VjZDU1
YzZmMDkwZjAyZjgzMmNjN2FhZTc2M2FjMjc1NWFiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy0MBN4BzMojnWfENs7EhcXJnnEM675XT0iiB8iHfKNHdE
JCQF0NRFj26KF0hmBSeV3+xvUfhbvGviHZgPX7ql7U4seZtonI2Yik1Mkgsp/IdA
aoPIvnUE0GFXiysFjZaq5ShX6leRH7sqSS4lZ4AqcT0nd9faQ8ecFfmFfxn6CTBP
dF4gKBFwNmsE5X6zCWbUUtPada8N2iaZU+uOryelXMvU15EIXZvo7UxSXFKbwiHp
0p4/0HaNUX00tslngb9KPf1GVhofGVyuL5u43jm+wSZL99L0yPNWhzaOaUL5xXkT
jjTiTYaSyhZfHJLBzasjjYeRHMols6EkCKpuf849AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTbBaFJPZ2DBaYD5eTAjRoiOHFoEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI4NmMwNDQzLTJmZDAtNDkyZS1hN2ZjLTc5OTY5OTQzODMxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJRdknzbycyNiw988yJWwBpqlsFL
myI8aVsKWompRHpAwhE8Qq5Rl/BRNfLz9fm3UtggQXXpf7x+9M6OX+A5XdmQI0+E
/L6zgnATC7ufzyiWaiuaG2d3nd8RYCKyMe9F1A/JFOGWI3H6koil4kf+0fJ/v9WC
ooq50WESDZg0UsGGypEXoiRrJcYYsouPKULSi/bB8Y2gJd6QVpbsscBSsKRHsqD9
E6UEC3V/DdtAJHZRyjHx2uqn4YWo9nWl3aqxZhTqoHZK21iqnfbLkR9pTPjF3qvG
HR4P2Kxf/Yra9DWk3PnU0YkWamWAOD04YI+l1EQHjFUsoMdRPiZObu/cQhA=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:03:12 2025 by rpki-client