Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/32cefe31-bf79-4ba2-bb1a-1606f7de1b26.roa
File: 32cefe31-bf79-4ba2-bb1a-1606f7de1b26.roa (raw, json)
Hash identifier: y4d++YtycC/tsO3QYBEFjVkBiwzYZBJ7UEeODV0o/hA=
Subject key identifier: 37:4A:88:AB:8C:82:7D:B7:2A:1A:39:00:F5:DA:69:49:51:39:5D:E2
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 49312AC33284318EAC6D26639C07C2CE3F267431
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/32cefe31-bf79-4ba2-bb1a-1606f7de1b26.roa
Signing time: Tue 20 Feb 2024 00:00:00 +0000
ROA not before: Tue 20 Feb 2024 00:00:00 +0000
ROA not after: Tue 26 Mar 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:31:2a:c3:32:84:31:8e:ac:6d:26:63:9c:07:c2:ce:3f:26:74:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 20 00:00:00 2024 GMT
Not After : Mar 26 23:59:59 2024 GMT
Subject: serialNumber=f08d5888bb10779a16ff60a095694885b689025cb9911b72749ea6bb38ec3e3f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:af:8f:d8:c0:d7:64:f9:ba:4b:d8:42:a0:
bf:d9:07:90:33:0c:0b:a8:f7:40:3c:5b:b5:a5:15:
a9:aa:42:dc:45:49:82:40:9f:3f:85:34:33:ed:7a:
4d:fd:77:aa:6e:04:0b:79:94:93:30:bb:62:71:be:
9e:aa:e5:45:64:86:7c:37:66:34:be:18:20:03:58:
1e:ef:01:1f:e4:59:90:28:b4:87:6a:c3:d0:97:61:
2a:c7:6c:d4:35:51:ca:28:93:67:6e:7d:d7:86:34:
34:cb:c1:ba:e4:dd:84:d7:ea:c7:e0:3d:7c:4e:40:
83:71:6c:9d:e6:77:ce:f3:12:79:2c:64:fe:2c:1d:
ee:be:f6:7f:4b:a6:96:58:e3:ef:f2:07:a9:48:92:
1b:fd:c7:6e:d7:74:32:68:46:8e:0a:1e:71:63:81:
54:51:ca:4e:6a:6e:e8:9d:b4:47:35:d0:0e:28:e2:
c2:6b:ae:61:ab:49:2f:1f:c4:cf:fd:61:6c:40:1f:
bf:f2:d9:88:3f:69:ca:ba:f3:ee:91:ad:e4:f4:de:
7d:87:57:d7:49:cd:85:70:4c:07:9c:8b:a3:26:ce:
36:eb:de:a4:03:80:d2:b8:35:de:16:93:39:9c:18:
6f:c1:52:20:a8:69:aa:3b:e8:8c:b7:00:b0:d2:1c:
0b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:4A:88:AB:8C:82:7D:B7:2A:1A:39:00:F5:DA:69:49:51:39:5D:E2
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/32cefe31-bf79-4ba2-bb1a-1606f7de1b26.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
62:20:b8:b9:9b:8f:31:02:e8:bd:71:67:99:a7:d3:9f:3f:3c:
2c:8c:50:27:13:e5:2d:a4:8b:de:38:43:57:e9:14:32:53:3f:
19:83:02:b4:4e:79:43:87:63:3c:dc:df:97:7e:21:dd:16:13:
82:5d:0a:e8:22:b1:c2:6f:ad:91:e8:1e:96:43:f4:c1:02:9c:
93:92:d3:6a:1e:72:6b:26:60:41:34:1c:86:b5:97:95:22:31:
84:48:64:1d:8c:d8:92:60:18:b2:12:97:d6:30:de:e8:9f:d5:
f6:a3:a1:bd:33:f8:5a:0a:29:f5:58:2d:37:0a:60:49:bf:e1:
a1:49:d8:85:1e:33:22:41:f0:83:db:65:97:c7:84:bd:42:2e:
fd:f7:0d:da:16:0f:3a:e6:1c:02:76:4d:74:ca:41:d8:c2:1c:
fd:bb:9b:50:01:f5:4a:91:43:d8:f9:5f:4e:c9:6f:91:e1:12:
f6:b9:d0:5a:35:5d:b7:66:a0:87:a2:f1:85:fa:00:04:af:25:
56:a9:9f:0d:e2:ee:66:6f:ec:f2:cd:5b:c8:e7:65:26:95:5a:
7c:58:20:a9:fc:47:d6:01:ee:40:de:47:7f:e2:e0:34:25:70:
b6:23:6b:7d:47:58:e7:c7:9a:50:2a:0a:71:80:32:60:0f:77:
75:fc:0b:f8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSTEqwzKEMY6sbSZjnAfCzj8mdDEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjIwMDAwMDAwWhcNMjQwMzI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDhkNTg4OGJiMTA3NzlhMTZmZjYwYTA5NTY5NDg4NWI2
ODkwMjVjYjk5MTFiNzI3NDllYTZiYjM4ZWMzZTNmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzk6+P2MDXZPm6S9hCoL/ZB5AzDAuo90A8W7WlFamqQtxF
SYJAnz+FNDPtek39d6puBAt5lJMwu2Jxvp6q5UVkhnw3ZjS+GCADWB7vAR/kWZAo
tIdqw9CXYSrHbNQ1Ucook2dufdeGNDTLwbrk3YTX6sfgPXxOQINxbJ3md87zEnks
ZP4sHe6+9n9LppZY4+/yB6lIkhv9x27XdDJoRo4KHnFjgVRRyk5qbuidtEc10A4o
4sJrrmGrSS8fxM/9YWxAH7/y2Yg/acq68+6RreT03n2HV9dJzYVwTAeci6Mmzjbr
3qQDgNK4Nd4WkzmcGG/BUiCoaao76Iy3ALDSHAvXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUN0qIq4yCfbcqGjkA9dppSVE5XeIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMyY2VmZTMxLWJmNzktNGJhMi1iYjFhLTE2MDZmN2RlMWIyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGIguLmbjzEC6L1xZ5mn058/PCyM
UCcT5S2ki944Q1fpFDJTPxmDArROeUOHYzzc35d+Id0WE4JdCugiscJvrZHoHpZD
9MECnJOS02oecmsmYEE0HIa1l5UiMYRIZB2M2JJgGLISl9Yw3uif1fajob0z+FoK
KfVYLTcKYEm/4aFJ2IUeMyJB8IPbZZfHhL1CLv33DdoWDzrmHAJ2TXTKQdjCHP27
m1AB9UqRQ9j5X07Jb5HhEva50Fo1XbdmoIei8YX6AASvJVapnw3i7mZv7PLNW8jn
ZSaVWnxYIKn8R9YB7kDeR3/i4DQlcLYja31HWOfHmlAqCnGAMmAPd3X8C/g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:07:16 2025 by rpki-client