Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ea8c07c-8f9b-4006-84c5-f77191e5c641.roa
File: 2ea8c07c-8f9b-4006-84c5-f77191e5c641.roa (raw, json)
Hash identifier: or7YGEoxZD8tLh6so0SIy19TzM9l0ghS02gF+6z2UQc=
Subject key identifier: DB:1E:75:E7:C5:17:BD:D3:A4:07:AA:DC:4C:36:4D:DA:C1:4A:96:D2
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 09A47C79A3F3BA80F95B0B85CDC8F8E8668DCF60
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ea8c07c-8f9b-4006-84c5-f77191e5c641.roa
Signing time: Sun 27 Oct 2024 00:00:00 +0000
ROA not before: Sun 27 Oct 2024 00:00:00 +0000
ROA not after: Sun 01 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:a4:7c:79:a3:f3:ba:80:f9:5b:0b:85:cd:c8:f8:e8:66:8d:cf:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 27 00:00:00 2024 GMT
Not After : Dec 1 23:59:59 2024 GMT
Subject: serialNumber=a360c9ce43ffee71880df2a4ab3f65f3278a8df308571c63c0b662fb547e5bf6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:b3:e0:7c:c9:3b:9d:5c:13:da:29:b5:27:
b4:27:61:79:de:20:96:af:85:e7:67:50:28:60:e9:
ea:8e:2b:28:bd:8b:f9:cc:d0:65:30:0e:c6:91:d4:
e3:c6:eb:bd:4a:fd:7f:31:51:42:94:e0:00:d6:fe:
36:a3:88:c6:d0:21:04:38:68:55:1c:09:ce:50:8a:
51:65:13:f5:e4:22:ce:1d:8e:6b:74:4a:50:7e:d9:
f4:cf:cb:39:8d:49:65:94:6e:6b:b7:f0:1d:cb:61:
1f:a5:a6:af:4e:34:a1:0e:5e:f5:9a:4b:e3:91:48:
c1:8c:fc:e2:59:ff:fa:74:47:88:cb:d7:91:e9:17:
94:ce:be:67:07:5d:4b:cd:d9:90:03:cd:dc:07:5d:
ba:f9:c4:a4:dc:1f:3c:e0:5a:ec:81:38:71:38:94:
7e:f4:1c:11:29:41:54:0c:03:5b:1c:d4:46:0d:f9:
d3:83:cd:5c:df:37:cb:71:af:ee:7b:7e:04:76:b7:
28:f6:32:04:c5:b9:65:b4:a8:ad:ff:99:c2:49:28:
00:a5:56:ef:55:3a:1a:23:93:46:80:1b:05:66:2f:
ab:41:37:12:7e:be:c7:b8:fe:33:9c:57:24:75:a9:
1f:c5:07:47:0a:2c:a0:78:5f:25:fb:e6:35:66:3b:
b2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1E:75:E7:C5:17:BD:D3:A4:07:AA:DC:4C:36:4D:DA:C1:4A:96:D2
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ea8c07c-8f9b-4006-84c5-f77191e5c641.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a8:fb:cf:e2:52:c4:d9:1d:a4:d3:37:68:9b:bf:a4:04:a7:
dd:bd:20:a7:1d:67:07:1a:00:cb:a8:af:ff:eb:a5:95:ce:d5:
84:c8:28:89:42:36:ff:49:4e:2e:4c:e6:64:3c:ca:63:87:c7:
73:13:ae:3c:3d:64:93:7d:50:4e:03:b7:68:eb:48:7a:70:52:
f7:96:52:29:5d:27:d8:33:26:26:ab:ca:a9:e5:77:eb:78:c6:
71:1d:83:07:2e:3a:1c:9a:28:67:b3:cd:84:e9:c6:c6:19:33:
1d:6e:0e:27:b6:fc:44:b3:de:19:51:7c:c6:58:cd:b7:5d:aa:
9a:b6:0f:44:52:64:40:3f:31:47:19:41:35:10:26:f5:62:99:
02:33:01:67:47:33:78:10:5d:f5:78:c4:fc:71:b2:d3:ce:19:
a3:64:9c:16:a8:1c:a4:2f:35:d6:84:e3:31:b3:ae:61:53:a9:
47:1e:b5:b4:60:74:c5:2a:0d:2e:e5:08:56:93:5d:e9:34:fb:
9a:b9:64:8b:78:6b:31:dd:1a:1a:b4:ef:1e:f3:f3:bf:a9:1d:
6a:d3:76:ab:67:46:d2:94:4f:88:ec:86:e6:f2:19:39:1b:cf:
68:c9:77:cd:9c:f9:19:b8:04:8b:a9:fa:b6:2b:93:39:a4:4a:
45:62:20:ca
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCaR8eaPzuoD5WwuFzcj46GaNz2AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDI3MDAwMDAwWhcNMjQxMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMzYwYzljZTQzZmZlZTcxODgwZGYyYTRhYjNmNjVmMzI3
OGE4ZGYzMDg1NzFjNjNjMGI2NjJmYjU0N2U1YmY2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqNbPgfMk7nVwT2im1J7QnYXneIJavhednUChg6eqOKyi9
i/nM0GUwDsaR1OPG671K/X8xUUKU4ADW/jajiMbQIQQ4aFUcCc5QilFlE/XkIs4d
jmt0SlB+2fTPyzmNSWWUbmu38B3LYR+lpq9ONKEOXvWaS+ORSMGM/OJZ//p0R4jL
15HpF5TOvmcHXUvN2ZADzdwHXbr5xKTcHzzgWuyBOHE4lH70HBEpQVQMA1sc1EYN
+dODzVzfN8txr+57fgR2tyj2MgTFuWW0qK3/mcJJKAClVu9VOhojk0aAGwVmL6tB
NxJ+vse4/jOcVyR1qR/FB0cKLKB4XyX75jVmO7LDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2x5158UXvdOkB6rcTDZN2sFKltIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJlYThjMDdjLThmOWItNDAwNi04NGM1LWY3NzE5MWU1YzY0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHOo+8/iUsTZHaTTN2ibv6QEp929
IKcdZwcaAMuor//rpZXO1YTIKIlCNv9JTi5M5mQ8ymOHx3MTrjw9ZJN9UE4Dt2jr
SHpwUveWUildJ9gzJiaryqnld+t4xnEdgwcuOhyaKGezzYTpxsYZMx1uDie2/ESz
3hlRfMZYzbddqpq2D0RSZEA/MUcZQTUQJvVimQIzAWdHM3gQXfV4xPxxstPOGaNk
nBaoHKQvNdaE4zGzrmFTqUcetbRgdMUqDS7lCFaTXek0+5q5ZIt4azHdGhq07x7z
87+pHWrTdqtnRtKUT4jshubyGTkbz2jJd82c+Rm4BIup+rYrkzmkSkViIMo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:04:27 2025 by rpki-client