Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/32684ce1-0a2d-452f-97cf-6fa28b654b7b.roa
File: 32684ce1-0a2d-452f-97cf-6fa28b654b7b.roa (raw, json)
Hash identifier: KdA8i+rr1tDBofQdAAVrlFU2nthOm7VSSJl8kg+pCb4=
Subject key identifier: BF:B7:B7:5E:E6:1F:D6:E0:86:FE:41:94:FE:7D:C4:9A:C8:85:4F:2C
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 04F1FB9329345D0A74569A0825E92208BD8CE139
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/32684ce1-0a2d-452f-97cf-6fa28b654b7b.roa
Signing time: Sun 10 Dec 2023 00:00:00 +0000
ROA not before: Sun 10 Dec 2023 00:00:00 +0000
ROA not after: Sun 14 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f1:fb:93:29:34:5d:0a:74:56:9a:08:25:e9:22:08:bd:8c:e1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 10 00:00:00 2023 GMT
Not After : Jan 14 23:59:59 2024 GMT
Subject: serialNumber=068178e58f6f9e8982094c6fb3dc1e0f96745c57829760a4b5e7a784e0b779e6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:7b:e9:31:56:02:d1:ae:6d:5a:36:12:a0:
8d:90:96:e6:87:6e:c9:06:a8:09:0c:c4:3f:e2:7e:
92:94:20:1d:0f:20:64:89:fe:7d:fd:4f:ee:b2:0e:
3f:37:bd:95:73:ea:c6:8a:1c:ca:e8:e6:f4:f3:08:
00:1e:96:f2:1d:a3:b4:28:e9:da:26:b4:da:ad:98:
86:7a:a3:e6:b1:50:10:16:72:55:a5:44:b5:91:93:
7e:18:d9:a3:72:76:2e:9a:26:ee:ce:7d:44:3f:b7:
de:32:31:5d:b2:d5:e1:f8:3f:7c:97:e6:62:de:af:
4b:27:75:da:9c:fb:7c:cb:55:43:9b:4c:3c:1d:76:
cb:4a:30:85:b1:82:7d:5d:97:f0:f4:3d:4e:96:16:
ed:d1:00:eb:05:1c:30:12:2c:be:5d:53:1c:35:6a:
47:7f:02:d2:e2:f6:07:09:e1:ca:8d:56:00:c9:d6:
8c:a5:d2:ef:04:b3:dd:c4:3b:45:c6:79:b3:62:ef:
c1:4e:a1:8c:62:59:c2:32:31:5b:6c:e5:57:e2:84:
ea:c2:db:02:21:c2:84:c6:63:7d:11:61:0b:de:b4:
4c:ce:14:80:20:c4:dd:0b:b7:8e:12:41:4c:f8:a5:
cd:be:a4:28:cc:02:0a:28:0f:fa:bb:38:ff:a8:d6:
f2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B7:B7:5E:E6:1F:D6:E0:86:FE:41:94:FE:7D:C4:9A:C8:85:4F:2C
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/32684ce1-0a2d-452f-97cf-6fa28b654b7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:78:63:71:dc:2f:d2:87:1a:3c:e5:6c:87:c3:40:84:fb:c6:
47:0a:0e:f1:93:05:e1:3d:56:f7:0d:d2:cd:69:44:da:8c:51:
05:f3:fa:dc:a7:7e:25:aa:e0:05:a4:f6:5f:ad:43:86:fa:ab:
83:75:aa:75:87:5e:ee:64:57:d0:b3:35:2f:67:39:11:26:4e:
05:a3:fd:ad:e2:96:f0:b1:48:f1:3e:5d:f4:42:39:0c:6d:50:
1d:29:0b:f1:b9:37:6e:e6:4c:7b:db:08:a0:df:09:3a:2d:9e:
b0:dd:00:75:d2:ca:00:fe:b9:af:4d:ee:41:4a:ae:12:d7:8c:
12:46:dd:54:3a:cb:ba:c2:3c:ed:3b:69:7d:4a:78:5c:84:3a:
a1:3d:0c:95:64:76:ef:4e:90:14:e2:25:43:f7:5c:01:d8:9a:
cd:e8:6e:30:b7:b2:07:98:c3:4d:99:96:3f:22:f6:48:d3:3a:
3d:14:30:7d:35:3d:24:06:ba:dd:68:81:e9:95:38:db:2d:1a:
5d:46:89:7c:b0:b2:ee:e6:03:0e:4b:bc:fd:c7:48:6d:55:60:
93:fd:2f:12:cb:0f:44:e6:8f:c2:a8:eb:7e:28:ed:ae:19:b9:
87:e7:d4:93:04:7e:5a:76:9e:22:29:6c:c0:24:97:1e:27:b0:
5d:88:02:80
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBPH7kyk0XQp0VpoIJekiCL2M4TkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjEwMDAwMDAwWhcNMjQwMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNjgxNzhlNThmNmY5ZTg5ODIwOTRjNmZiM2RjMWUwZjk2
NzQ1YzU3ODI5NzYwYTRiNWU3YTc4NGUwYjc3OWU2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtB3vpMVYC0a5tWjYSoI2QluaHbskGqAkMxD/ifpKUIB0P
IGSJ/n39T+6yDj83vZVz6saKHMro5vTzCAAelvIdo7Qo6domtNqtmIZ6o+axUBAW
clWlRLWRk34Y2aNydi6aJu7OfUQ/t94yMV2y1eH4P3yX5mLer0snddqc+3zLVUOb
TDwddstKMIWxgn1dl/D0PU6WFu3RAOsFHDASLL5dUxw1akd/AtLi9gcJ4cqNVgDJ
1oyl0u8Es93EO0XGebNi78FOoYxiWcIyMVts5VfihOrC2wIhwoTGY30RYQvetEzO
FIAgxN0Lt44SQUz4pc2+pCjMAgooD/q7OP+o1vIJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUv7e3XuYf1uCG/kGU/n3EmsiFTywwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMyNjg0Y2UxLTBhMmQtNDUyZi05N2NmLTZmYTI4YjY1NGI3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJ54Y3HcL9KHGjzlbIfDQIT7xkcK
DvGTBeE9VvcN0s1pRNqMUQXz+tynfiWq4AWk9l+tQ4b6q4N1qnWHXu5kV9CzNS9n
OREmTgWj/a3ilvCxSPE+XfRCOQxtUB0pC/G5N27mTHvbCKDfCTotnrDdAHXSygD+
ua9N7kFKrhLXjBJG3VQ6y7rCPO07aX1KeFyEOqE9DJVkdu9OkBTiJUP3XAHYms3o
bjC3sgeYw02Zlj8i9kjTOj0UMH01PSQGut1ogemVONstGl1GiXywsu7mAw5LvP3H
SG1VYJP9LxLLD0Tmj8Ko634o7a4ZuYfn1JMEflp2niIpbMAklx4nsF2IAoA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:01:16 2025 by rpki-client