Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2f608c37-a3e9-4abe-8df9-2e19bacdf607.roa
File: 2f608c37-a3e9-4abe-8df9-2e19bacdf607.roa (raw, json)
Hash identifier: uCCX0OzLXquqXMGRJjwvcIxJRQMKt+PrlqZyeQ59nqo=
Subject key identifier: 4A:61:02:01:3E:82:F9:25:21:A9:11:D6:C2:91:1A:99:D5:49:95:48
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 38DA937C8D42B15CB296BD1B6D0B32C26CE53236
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2f608c37-a3e9-4abe-8df9-2e19bacdf607.roa
Signing time: Mon 25 Mar 2024 00:00:00 +0000
ROA not before: Mon 25 Mar 2024 00:00:00 +0000
ROA not after: Mon 29 Apr 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:da:93:7c:8d:42:b1:5c:b2:96:bd:1b:6d:0b:32:c2:6c:e5:32:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 25 00:00:00 2024 GMT
Not After : Apr 29 23:59:59 2024 GMT
Subject: serialNumber=941770072eae8e838d95275a78960f87070b1a135d1695fbb663793a0975c572, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:ad:83:63:69:2d:77:87:8e:63:ef:42:40:
d8:97:31:b7:3e:ed:36:8a:e9:b4:a6:58:68:95:a1:
b8:8c:72:7c:e4:3b:6d:55:ac:3e:c6:1e:96:9d:6e:
06:f0:bc:0b:d1:72:36:60:da:e8:a7:48:86:c8:fc:
fe:3f:a6:0e:ff:1b:c6:df:3b:59:c0:57:61:13:67:
30:cd:cb:f9:da:5c:0a:36:95:5c:45:28:72:11:ce:
01:f1:d2:b5:07:fd:a5:dd:64:7a:71:d5:35:5e:2b:
5a:97:63:3f:0a:c2:4a:c3:5f:e5:79:af:9a:9f:b4:
af:02:86:19:84:90:90:90:af:8a:f9:1b:ab:57:58:
42:2d:53:7a:db:7a:20:b0:73:95:1c:5b:75:3f:05:
e9:b9:dc:ee:32:65:65:e5:a4:df:46:ff:eb:e2:38:
de:66:5b:d0:44:ed:ba:e0:5e:3e:7d:fd:09:7e:2d:
d2:8b:db:25:df:0b:89:c7:80:73:e9:85:f2:04:27:
05:c5:5c:be:9b:1f:b6:36:79:e8:1f:44:7f:53:52:
36:da:11:4a:85:0f:69:b6:ef:16:91:d8:07:fb:2d:
50:49:db:d2:6a:16:74:5d:5c:f3:63:71:a3:a5:88:
d1:c3:7d:9f:d0:c5:31:93:63:32:23:1d:8c:34:9d:
26:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:61:02:01:3E:82:F9:25:21:A9:11:D6:C2:91:1A:99:D5:49:95:48
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2f608c37-a3e9-4abe-8df9-2e19bacdf607.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
46:9e:dd:24:12:63:be:41:2a:34:1b:a4:13:6b:26:40:27:a5:
02:e9:bf:be:d2:96:28:4b:70:90:3d:84:fe:3b:2e:be:6f:ce:
ec:a3:0a:cd:e3:a6:96:91:7a:f1:05:d5:ae:6d:e1:43:1d:83:
76:6a:1e:4f:dd:bf:ea:17:40:3e:80:0d:90:c9:5f:86:fd:9c:
91:ed:a9:2f:9c:a2:49:bd:c4:97:38:2a:ef:0e:b1:f9:69:de:
72:7b:bd:60:a9:58:5c:34:8c:4d:1e:5a:b9:f3:78:88:70:8a:
87:c7:1a:31:c0:6a:bf:71:b0:89:de:35:09:be:a7:ec:40:83:
2b:98:44:f6:52:e5:4f:b5:66:8e:c8:24:36:4e:50:2b:b3:7d:
7a:04:d3:b5:50:13:6e:99:c9:1c:a0:7c:b8:cd:08:70:67:a9:
50:c2:c9:47:22:79:ee:24:34:6b:9e:f5:65:11:8c:be:f8:07:
a9:91:a1:68:54:4f:c1:02:61:2b:4d:dd:ec:e0:98:04:ab:3d:
3c:74:30:e2:3b:55:d9:d0:b9:48:58:a3:62:b1:2e:30:71:4d:
e1:5a:7e:93:70:e8:e3:78:cf:68:33:39:c1:25:69:b5:2a:70:
78:2e:b4:2d:3e:ae:14:8d:35:00:28:15:48:06:2a:4d:00:99:
ac:8c:94:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUONqTfI1CsVyylr0bbQsywmzlMjYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzI1MDAwMDAwWhcNMjQwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NDE3NzAwNzJlYWU4ZTgzOGQ5NTI3NWE3ODk2MGY4NzA3
MGIxYTEzNWQxNjk1ZmJiNjYzNzkzYTA5NzVjNTcyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7ga2DY2ktd4eOY+9CQNiXMbc+7TaK6bSmWGiVobiMcnzk
O21VrD7GHpadbgbwvAvRcjZg2uinSIbI/P4/pg7/G8bfO1nAV2ETZzDNy/naXAo2
lVxFKHIRzgHx0rUH/aXdZHpx1TVeK1qXYz8KwkrDX+V5r5qftK8ChhmEkJCQr4r5
G6tXWEItU3rbeiCwc5UcW3U/Bem53O4yZWXlpN9G/+viON5mW9BE7brgXj59/Ql+
LdKL2yXfC4nHgHPphfIEJwXFXL6bH7Y2eegfRH9TUjbaEUqFD2m27xaR2Af7LVBJ
29JqFnRdXPNjcaOliNHDfZ/QxTGTYzIjHYw0nSZTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSmECAT6C+SUhqRHWwpEamdVJlUgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJmNjA4YzM3LWEzZTktNGFiZS04ZGY5LTJlMTliYWNkZjYwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEae3SQSY75BKjQbpBNrJkAnpQLp
v77SlihLcJA9hP47Lr5vzuyjCs3jppaRevEF1a5t4UMdg3ZqHk/dv+oXQD6ADZDJ
X4b9nJHtqS+cokm9xJc4Ku8Osflp3nJ7vWCpWFw0jE0eWrnzeIhwiofHGjHAar9x
sIneNQm+p+xAgyuYRPZS5U+1Zo7IJDZOUCuzfXoE07VQE26ZyRygfLjNCHBnqVDC
yUciee4kNGue9WURjL74B6mRoWhUT8ECYStN3ezgmASrPTx0MOI7VdnQuUhYo2Kx
LjBxTeFafpNw6ON4z2gzOcElabUqcHgutC0+rhSNNQAoFUgGKk0AmayMlAc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:56:39 2025 by rpki-client