Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/296ce85d-a215-4f8f-89e7-209e3f0d86c2.roa
File: 296ce85d-a215-4f8f-89e7-209e3f0d86c2.roa (raw, json)
Hash identifier: WuEX3y71ypOdTlmHBx2DvKKpmZVnPYdcsHJgSigP/Us=
Subject key identifier: B2:1B:8A:D3:F1:45:43:F2:DC:BC:BC:3C:F8:6A:55:7E:9D:C4:F8:6B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 70B692762DA3E1941D58AB542B96F4F5B06DE794
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/296ce85d-a215-4f8f-89e7-209e3f0d86c2.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:b6:92:76:2d:a3:e1:94:1d:58:ab:54:2b:96:f4:f5:b0:6d:e7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=f763b7756a77c32e03001f1027aaea585395461950114e155a3c3a380661dfed, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b7:0d:55:f8:67:47:87:78:01:49:99:c2:af:
31:6a:31:b8:ad:67:96:98:90:16:98:52:3f:45:55:
b7:90:12:17:71:62:41:06:ec:9f:7c:6e:dd:de:39:
a0:29:07:0e:91:12:b5:61:2b:1d:61:ff:98:a0:67:
e5:ea:0e:1b:cb:ba:78:50:95:cb:8e:84:d5:90:4c:
61:39:58:02:3d:92:61:af:9e:63:6e:7a:e1:36:34:
a2:9d:2c:cf:28:30:1f:ab:46:0b:0b:f6:db:56:42:
97:ee:9a:78:07:52:a9:cf:ba:f2:07:f4:84:c0:ff:
ab:88:28:b3:42:e2:fd:30:f0:aa:e8:a4:63:d2:22:
a0:2d:8c:61:1d:e4:77:e0:21:9d:42:a3:c7:f7:40:
a7:de:c7:ce:16:7e:34:79:77:d2:76:fa:fa:1d:2e:
df:2a:f9:f7:bd:ce:2b:66:b6:79:02:2f:f5:c3:ca:
36:20:e0:92:dc:e8:42:63:0a:15:28:29:3d:c9:d4:
47:7d:11:e9:e1:97:dd:01:23:00:b5:6b:75:1a:3f:
53:95:84:84:18:5d:3b:61:d7:1c:9b:4b:f6:f0:58:
20:e9:3d:8d:18:bf:0f:bd:b9:83:8d:73:3f:1f:d1:
66:d7:d3:fd:a7:5c:c3:5d:63:81:7b:02:bd:42:97:
8e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1B:8A:D3:F1:45:43:F2:DC:BC:BC:3C:F8:6A:55:7E:9D:C4:F8:6B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/296ce85d-a215-4f8f-89e7-209e3f0d86c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:38:75:0f:2c:af:9a:1a:93:e4:da:6d:d8:23:84:c3:91:b3:
25:5d:85:ca:60:3b:68:4e:4c:71:b7:be:10:7b:76:39:b8:ec:
e4:01:aa:f2:5b:e6:e7:e4:b2:16:2f:64:2b:11:e6:82:33:73:
b9:d3:2f:4d:9e:88:6c:77:b4:11:fb:1e:c2:60:a6:aa:fb:b2:
98:31:62:1f:a2:f6:c2:d7:49:06:21:05:a1:0a:37:d8:f3:a5:
4a:2b:21:f1:a0:b2:1e:ba:34:36:50:f6:e0:2f:3b:51:43:2f:
93:b2:00:90:fa:26:bf:fd:1d:b6:96:9d:93:dc:93:42:f2:ec:
e7:8e:c9:74:5c:a1:ed:1e:aa:78:7e:a9:66:e2:04:10:cb:6f:
ae:44:39:c1:8e:cc:bc:49:f7:fd:62:00:42:6e:3e:c5:29:3f:
7b:84:68:f3:ef:30:39:b9:42:30:76:c6:ce:84:26:85:0a:5c:
3e:02:e0:07:0c:60:ea:a3:d7:e0:a5:04:77:0b:f5:1e:ae:b6:
2f:d7:f7:78:47:7e:e6:2b:48:6d:77:41:9e:b8:01:47:b1:85:
bd:d0:5e:47:c2:d1:03:97:ad:00:2c:d2:7b:94:c0:bf:33:af:
97:c2:8d:af:c0:2a:7d:10:6f:93:18:c6:f3:af:81:40:12:e1:
30:96:06:a2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcLaSdi2j4ZQdWKtUK5b09bBt55QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzYzYjc3NTZhNzdjMzJlMDMwMDFmMTAyN2FhZWE1ODUz
OTU0NjE5NTAxMTRlMTU1YTNjM2EzODA2NjFkZmVkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCytw1V+GdHh3gBSZnCrzFqMbitZ5aYkBaYUj9FVbeQEhdx
YkEG7J98bt3eOaApBw6RErVhKx1h/5igZ+XqDhvLunhQlcuOhNWQTGE5WAI9kmGv
nmNueuE2NKKdLM8oMB+rRgsL9ttWQpfumngHUqnPuvIH9ITA/6uIKLNC4v0w8Kro
pGPSIqAtjGEd5HfgIZ1Co8f3QKfex84WfjR5d9J2+vodLt8q+fe9zitmtnkCL/XD
yjYg4JLc6EJjChUoKT3J1Ed9Eenhl90BIwC1a3UaP1OVhIQYXTth1xybS/bwWCDp
PY0Yvw+9uYONcz8f0WbX0/2nXMNdY4F7Ar1Cl47nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUshuK0/FFQ/LcvLw8+GpVfp3E+GswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI5NmNlODVkLWEyMTUtNGY4Zi04OWU3LTIwOWUzZjBkODZjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHo4dQ8sr5oak+TabdgjhMORsyVd
hcpgO2hOTHG3vhB7djm47OQBqvJb5ufkshYvZCsR5oIzc7nTL02eiGx3tBH7HsJg
pqr7spgxYh+i9sLXSQYhBaEKN9jzpUorIfGgsh66NDZQ9uAvO1FDL5OyAJD6Jr/9
HbaWnZPck0Ly7OeOyXRcoe0eqnh+qWbiBBDLb65EOcGOzLxJ9/1iAEJuPsUpP3uE
aPPvMDm5QjB2xs6EJoUKXD4C4AcMYOqj1+ClBHcL9R6uti/X93hHfuYrSG13QZ64
AUexhb3QXkfC0QOXrQAs0nuUwL8zr5fCja/AKn0Qb5MYxvOvgUAS4TCWBqI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:12 2025 by rpki-client