Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/30cf049a-512f-4083-8985-f8b47178188f.roa
File: 30cf049a-512f-4083-8985-f8b47178188f.roa (raw, json)
Hash identifier: SzdXsc8uO0rFdgoOkkxAOY9dh8lSkExwg0tIQu9XzNE=
Subject key identifier: 35:D4:B6:A1:06:EF:77:83:7A:54:2E:FC:FF:42:A1:0E:55:B5:0C:66
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 12AE666AD94573DA2AE9E0BD886A9350A7CE11B2
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/30cf049a-512f-4083-8985-f8b47178188f.roa
Signing time: Mon 27 Nov 2023 00:00:00 +0000
ROA not before: Mon 27 Nov 2023 00:00:00 +0000
ROA not after: Mon 01 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ae:66:6a:d9:45:73:da:2a:e9:e0:bd:88:6a:93:50:a7:ce:11:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 27 00:00:00 2023 GMT
Not After : Jan 1 23:59:59 2024 GMT
Subject: serialNumber=18624a7aea2f8b14949b28fa1c0265e7ac6c5664a742eb95691875e97de0489b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f1:e3:58:f8:79:e6:2f:8a:f0:62:ca:63:84:
59:8b:e4:77:82:55:80:66:9a:01:42:62:4c:c0:d9:
ce:40:1e:28:a6:04:e9:89:d7:23:a4:ac:16:64:50:
db:e5:08:0b:8a:7a:c4:de:41:09:a2:ac:59:95:94:
b6:f0:d2:c8:8c:0d:5e:6f:d1:6b:21:1b:4d:86:6f:
29:9e:31:76:2b:e0:bb:8b:f6:69:65:e5:c0:2e:a4:
35:37:52:37:14:53:00:d9:fe:f6:5c:9b:ab:2d:fe:
37:75:08:31:91:c2:a1:04:8c:99:8a:82:55:69:42:
d4:32:4d:01:21:65:7b:ad:7c:78:78:04:7c:25:7c:
7f:d3:cc:2b:a8:b1:e4:b3:11:c9:df:70:a3:97:9b:
c3:4d:1e:03:f7:b8:ad:88:c2:c5:70:d3:80:2f:d0:
7f:d7:7d:14:5e:be:25:93:ed:24:b8:0b:55:33:9b:
72:0a:e9:0e:ec:0b:f4:c1:fa:b5:ea:a9:5d:38:62:
03:b9:95:c1:b6:42:b7:43:e2:6b:95:3f:2a:29:f1:
af:09:8d:01:ba:09:34:1c:65:49:2a:ab:59:6f:16:
8f:11:43:dd:db:66:8a:f6:95:2c:c7:31:17:bb:2c:
44:f8:d7:59:1d:94:d3:ab:dc:4e:5e:6c:94:8d:e0:
55:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D4:B6:A1:06:EF:77:83:7A:54:2E:FC:FF:42:A1:0E:55:B5:0C:66
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/30cf049a-512f-4083-8985-f8b47178188f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
60:e1:14:e7:ca:8b:f4:eb:99:f7:69:23:62:61:85:b5:73:e0:
cb:39:97:62:1a:11:a3:b3:c6:01:b0:e1:46:3e:7a:9a:84:2f:
18:bc:46:17:56:8f:4f:9e:20:d4:00:09:77:d8:68:25:86:c6:
72:d2:70:47:c7:ff:c4:0c:37:da:aa:1e:de:0d:66:f2:4d:94:
97:3b:ea:5f:be:50:62:d5:bf:0a:7c:ba:40:7a:5c:8a:ed:19:
ea:54:80:8e:d6:bf:15:03:92:d1:2e:9f:20:d9:e9:ee:94:f9:
e2:88:b9:1f:2f:dd:da:5f:f8:27:0f:62:ad:70:a3:40:6b:35:
b9:a3:20:5b:85:68:24:03:8b:ed:75:8e:14:f3:df:b7:c9:f1:
a0:84:93:17:aa:aa:a6:da:f8:62:d7:e1:93:00:58:d1:14:9a:
0e:5b:3f:9d:07:fe:53:bc:02:11:07:bc:e1:8d:1f:78:d1:d6:
16:f1:2b:5a:98:ec:73:d3:18:80:97:1a:12:b6:18:ef:05:31:
cc:81:90:08:11:51:37:6e:99:74:ec:30:c5:33:9c:e4:41:7e:
1c:b1:f3:10:17:f6:1a:23:a3:f6:cd:6b:46:3e:3b:cf:84:11:
d1:b7:97:9a:4e:54:c5:03:23:46:b8:42:0a:75:16:0e:93:5f:
97:01:d6:eb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEq5matlFc9oq6eC9iGqTUKfOEbIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTI3MDAwMDAwWhcNMjQwMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxODYyNGE3YWVhMmY4YjE0OTQ5YjI4ZmExYzAyNjVlN2Fj
NmM1NjY0YTc0MmViOTU2OTE4NzVlOTdkZTA0ODliMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCS8eNY+HnmL4rwYspjhFmL5HeCVYBmmgFCYkzA2c5AHiim
BOmJ1yOkrBZkUNvlCAuKesTeQQmirFmVlLbw0siMDV5v0WshG02GbymeMXYr4LuL
9mll5cAupDU3UjcUUwDZ/vZcm6st/jd1CDGRwqEEjJmKglVpQtQyTQEhZXutfHh4
BHwlfH/TzCuoseSzEcnfcKOXm8NNHgP3uK2IwsVw04Av0H/XfRReviWT7SS4C1Uz
m3IK6Q7sC/TB+rXqqV04YgO5lcG2QrdD4muVPyop8a8JjQG6CTQcZUkqq1lvFo8R
Q93bZor2lSzHMRe7LET411kdlNOr3E5ebJSN4FVfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNdS2oQbvd4N6VC78/0KhDlW1DGYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMwY2YwNDlhLTUxMmYtNDA4My04OTg1LWY4YjQ3MTc4MTg4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGDhFOfKi/TrmfdpI2JhhbVz4Ms5
l2IaEaOzxgGw4UY+epqELxi8RhdWj0+eINQACXfYaCWGxnLScEfH/8QMN9qqHt4N
ZvJNlJc76l++UGLVvwp8ukB6XIrtGepUgI7WvxUDktEunyDZ6e6U+eKIuR8v3dpf
+CcPYq1wo0BrNbmjIFuFaCQDi+11jhTz37fJ8aCEkxeqqqba+GLX4ZMAWNEUmg5b
P50H/lO8AhEHvOGNH3jR1hbxK1qY7HPTGICXGhK2GO8FMcyBkAgRUTdumXTsMMUz
nORBfhyx8xAX9hojo/bNa0Y+O8+EEdG3l5pOVMUDI0a4Qgp1Fg6TX5cB1us=
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:24:58 2025 by rpki-client