Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2b747d0d-201e-4be8-a55f-b7b527abfdb4.roa
File: 2b747d0d-201e-4be8-a55f-b7b527abfdb4.roa (raw, json)
Hash identifier: 9k9g7KZkqQsad9SrmQEx8eiftx0UFj3z7czgDfsH6V8=
Subject key identifier: E1:50:4B:11:67:84:39:62:60:07:C9:1E:5D:2C:71:39:B0:F3:08:FB
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6E1D6A0D8DBB4F26F82B5242A069953BA1E40524
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2b747d0d-201e-4be8-a55f-b7b527abfdb4.roa
Signing time: Fri 01 Dec 2023 00:00:00 +0000
ROA not before: Fri 01 Dec 2023 00:00:00 +0000
ROA not after: Fri 05 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:1d:6a:0d:8d:bb:4f:26:f8:2b:52:42:a0:69:95:3b:a1:e4:05:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 1 00:00:00 2023 GMT
Not After : Jan 5 23:59:59 2024 GMT
Subject: serialNumber=65f0907ed2049caaaeffbe25ed0e6abeaac928cb394dc7e248d345bebb9ac436, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:81:f9:b1:4e:e1:4f:1d:36:80:b3:b1:3e:7f:
b7:5a:d3:cf:74:9c:d4:18:53:59:bf:45:ef:4a:7b:
e9:2e:93:27:c8:2c:36:39:dd:24:b4:0a:ef:37:97:
14:d6:64:20:a0:87:f3:6b:e2:80:bf:33:fe:5f:9c:
c0:7b:28:97:cd:c3:35:44:4b:be:27:73:5b:47:c4:
eb:2a:3f:c8:0c:42:6b:d3:aa:cb:09:e8:52:d2:33:
14:40:61:73:c5:f7:3c:e6:c3:eb:3c:ef:2a:c5:23:
cf:1e:d7:8a:9b:9b:6e:47:dc:16:98:b4:9e:8b:b1:
ca:85:b5:4b:9d:43:13:04:ca:fd:34:e4:23:62:0f:
04:cc:24:a9:74:02:4b:c4:ae:cb:67:13:17:21:26:
a7:20:44:99:ff:7c:fc:f5:4e:48:4b:20:bc:f2:4f:
a6:b3:49:c3:9d:6c:0f:4e:f2:2d:70:74:45:18:4b:
3c:ac:25:f0:a5:6d:db:a2:88:fc:21:34:dd:a5:11:
4b:31:d1:ab:b9:6b:be:aa:c5:fa:e1:6b:29:0e:62:
d0:91:4a:b3:4e:24:26:4b:59:79:22:bd:c2:52:42:
a5:7d:cb:fa:81:7d:73:4c:06:c1:ea:50:37:0b:4e:
ee:1a:b4:3c:fd:03:9f:11:25:4c:ac:11:6b:d9:12:
3c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:50:4B:11:67:84:39:62:60:07:C9:1E:5D:2C:71:39:B0:F3:08:FB
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2b747d0d-201e-4be8-a55f-b7b527abfdb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
59:21:70:80:2b:9e:0c:63:d3:38:df:80:63:bb:de:d8:26:38:
56:00:78:7a:6b:44:17:ff:39:4c:3e:15:f5:1d:96:da:f1:f8:
50:b1:1d:1e:21:66:cd:45:a8:48:a6:7a:cb:c5:49:22:84:59:
0e:bb:6f:23:f5:fb:de:8e:b3:80:70:1e:87:a2:a0:22:d0:db:
e7:5a:f3:af:ec:2f:84:e2:83:40:3e:4b:a7:d6:66:a9:5c:43:
33:e8:ca:df:85:7e:1d:9f:d4:7f:82:ed:3a:71:50:b2:e8:d2:
ef:00:bc:dd:b0:92:dc:38:eb:40:1a:fa:bb:a3:ea:de:2f:ed:
b3:09:28:44:91:9c:de:09:65:26:b2:44:d5:f4:85:0e:42:e1:
73:98:df:4c:e6:88:52:89:92:4b:75:56:f8:c2:d0:f5:32:bb:
2e:b5:26:3e:c8:6d:d6:27:ec:b6:59:73:6f:21:ea:75:a4:a1:
2b:83:07:1b:64:e6:5c:f1:ff:af:e7:68:bc:38:21:2e:a0:90:
59:4b:aa:f1:62:da:35:16:c5:cd:e3:12:d8:9b:8b:d9:61:69:
f2:4b:a1:9e:5c:e3:8e:3a:19:d9:c5:c9:c6:33:8e:d1:86:de:
39:8e:bd:50:9a:fa:de:fa:8e:20:02:f2:01:2d:d6:8f:dd:43:
35:e7:64:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbh1qDY27Tyb4K1JCoGmVO6HkBSQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjAxMDAwMDAwWhcNMjQwMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NWYwOTA3ZWQyMDQ5Y2FhYWVmZmJlMjVlZDBlNmFiZWFh
YzkyOGNiMzk0ZGM3ZTI0OGQzNDViZWJiOWFjNDM2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCgfmxTuFPHTaAs7E+f7da0890nNQYU1m/Re9Ke+kukyfI
LDY53SS0Cu83lxTWZCCgh/Nr4oC/M/5fnMB7KJfNwzVES74nc1tHxOsqP8gMQmvT
qssJ6FLSMxRAYXPF9zzmw+s87yrFI88e14qbm25H3BaYtJ6LscqFtUudQxMEyv00
5CNiDwTMJKl0AkvErstnExchJqcgRJn/fPz1TkhLILzyT6azScOdbA9O8i1wdEUY
SzysJfClbduiiPwhNN2lEUsx0au5a76qxfrhaykOYtCRSrNOJCZLWXkivcJSQqV9
y/qBfXNMBsHqUDcLTu4atDz9A58RJUysEWvZEjyZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4VBLEWeEOWJgB8keXSxxObDzCPswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJiNzQ3ZDBkLTIwMWUtNGJlOC1hNTVmLWI3YjUyN2FiZmRiNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFkhcIArngxj0zjfgGO73tgmOFYA
eHprRBf/OUw+FfUdltrx+FCxHR4hZs1FqEimesvFSSKEWQ67byP1+96Os4BwHoei
oCLQ2+da86/sL4Tig0A+S6fWZqlcQzPoyt+Ffh2f1H+C7TpxULLo0u8AvN2wktw4
60Aa+ruj6t4v7bMJKESRnN4JZSayRNX0hQ5C4XOY30zmiFKJkkt1VvjC0PUyuy61
Jj7IbdYn7LZZc28h6nWkoSuDBxtk5lzx/6/naLw4IS6gkFlLqvFi2jUWxc3jEtib
i9lhafJLoZ5c4446GdnFycYzjtGG3jmOvVCa+t76jiAC8gEt1o/dQzXnZGA=
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:39:23 2025 by rpki-client