Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3698710e-4437-4094-a44a-d3a3b24a07db.roa
File: 3698710e-4437-4094-a44a-d3a3b24a07db.roa (raw, json)
Hash identifier: pAy/lMPFYcxKaHs9AqLJGKmde0L0QAM1WdHFb5ACffI=
Subject key identifier: 95:E5:23:E7:E6:90:78:56:A6:9A:7D:FC:73:8B:F5:36:A3:56:D2:9B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 78EDA61B717BFED9CAD8261DDD4AC1D7D8707C64
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3698710e-4437-4094-a44a-d3a3b24a07db.roa
Signing time: Mon 28 Apr 2025 14:43:18 +0000
ROA not before: Mon 28 Apr 2025 14:43:18 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ed:a6:1b:71:7b:fe:d9:ca:d8:26:1d:dd:4a:c1:d7:d8:70:7c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 28 14:43:18 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=50179ca4812de3b70a2b1a43fde42ab841f264e19f966114ec7c04c2dcb35db6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:53:a5:ce:0e:d7:7d:21:44:ba:eb:28:bf:b0:
45:8b:10:9c:f2:fc:96:55:53:29:1d:c2:5d:ed:86:
64:7a:c2:67:03:5d:db:5d:86:e5:0b:2b:78:f4:2f:
41:a9:d7:7a:e7:9c:f3:3b:d2:2a:26:2a:6d:6c:9a:
ce:50:83:f0:01:34:92:1e:ad:49:48:25:8e:ea:07:
57:34:b1:fe:2e:20:35:5c:0b:85:61:6c:90:19:9b:
a4:0f:85:bb:83:94:c6:f1:37:18:27:c6:dc:46:8f:
76:89:55:16:8d:ff:31:7f:e1:6a:db:fe:ba:3f:71:
15:9a:d3:2b:5e:44:c4:81:fa:89:8f:de:84:d9:34:
d8:bd:72:da:b2:e8:ad:de:3a:99:7e:c0:64:50:06:
94:a8:1f:0f:be:12:cf:d7:c3:2d:a8:b4:6f:90:4a:
5e:1b:24:28:e1:f8:83:39:0f:08:e4:72:99:15:24:
df:c5:69:42:27:90:f4:04:95:46:d9:77:e8:92:8a:
60:09:74:aa:e3:72:e9:26:dc:8f:ac:36:6d:7a:fc:
0e:9c:98:99:48:6a:1e:17:bf:bc:50:db:9a:ce:b1:
7d:b9:25:93:b0:5a:58:11:9c:c6:65:29:91:52:e2:
0d:83:04:a9:14:c4:84:6f:27:7f:a8:6f:22:59:fe:
9a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E5:23:E7:E6:90:78:56:A6:9A:7D:FC:73:8B:F5:36:A3:56:D2:9B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3698710e-4437-4094-a44a-d3a3b24a07db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:23:8f:b1:90:d7:54:f3:a4:89:d5:1f:cd:ea:9b:eb:55:ab:
b4:d7:fa:cd:07:e9:65:17:dc:28:6f:04:83:c8:15:dd:38:11:
f4:01:4c:7e:75:51:80:ba:4f:45:6e:ee:75:bc:a0:b2:64:6c:
07:ee:7c:bb:20:8b:9e:9b:79:17:16:09:07:44:a8:c2:99:a2:
a6:72:57:e8:df:6f:55:9d:1b:28:c3:16:01:95:a4:a6:7e:bd:
46:87:9e:5e:36:55:11:07:59:bf:ca:e8:5d:19:ca:8b:9f:8b:
b6:40:b5:c0:4c:0f:3a:83:f8:14:ff:90:d4:64:35:27:35:4a:
14:f1:fc:7f:b4:34:d1:a5:77:db:be:aa:e2:23:c9:fe:21:98:
a9:9c:6f:e6:1e:9f:37:42:15:93:87:f7:7e:a0:f0:1c:05:17:
04:5c:d8:4b:8e:a1:4d:bf:26:6d:0d:6e:3d:7e:ab:ec:14:c5:
7f:43:44:61:ca:8b:e4:16:87:ff:ee:b8:78:36:be:6d:7c:f1:
71:f6:be:02:8f:32:a0:50:59:d7:b6:d4:80:91:ba:71:49:b5:
ba:20:09:10:0b:49:41:b0:73:a0:4d:95:1e:bd:94:ed:db:12:
f9:92:f4:bf:23:64:09:bf:65:ee:c2:65:f3:1c:e8:e6:ea:0f:
94:3a:83:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeO2mG3F7/tnK2CYd3UrB19hwfGQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI4MTQ0MzE4WhcNMjUwNjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDE3OWNhNDgxMmRlM2I3MGEyYjFhNDNmZGU0MmFiODQx
ZjI2NGUxOWY5NjYxMTRlYzdjMDRjMmRjYjM1ZGI2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIU6XODtd9IUS66yi/sEWLEJzy/JZVUykdwl3thmR6wmcD
XdtdhuULK3j0L0Gp13rnnPM70iomKm1sms5Qg/ABNJIerUlIJY7qB1c0sf4uIDVc
C4VhbJAZm6QPhbuDlMbxNxgnxtxGj3aJVRaN/zF/4Wrb/ro/cRWa0yteRMSB+omP
3oTZNNi9ctqy6K3eOpl+wGRQBpSoHw++Es/Xwy2otG+QSl4bJCjh+IM5DwjkcpkV
JN/FaUInkPQElUbZd+iSimAJdKrjcukm3I+sNm16/A6cmJlIah4Xv7xQ25rOsX25
JZOwWlgRnMZlKZFS4g2DBKkUxIRvJ3+obyJZ/ppZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUleUj5+aQeFammn38c4v1NqNW0pswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzM2OTg3MTBlLTQ0MzctNDA5NC1hNDRhLWQzYTNiMjRhMDdkYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKAjj7GQ11TzpInVH83qm+tVq7TX
+s0H6WUX3ChvBIPIFd04EfQBTH51UYC6T0Vu7nW8oLJkbAfufLsgi56beRcWCQdE
qMKZoqZyV+jfb1WdGyjDFgGVpKZ+vUaHnl42VREHWb/K6F0Zyoufi7ZAtcBMDzqD
+BT/kNRkNSc1ShTx/H+0NNGld9u+quIjyf4hmKmcb+YenzdCFZOH936g8BwFFwRc
2EuOoU2/Jm0Nbj1+q+wUxX9DRGHKi+QWh//uuHg2vm188XH2vgKPMqBQWde21ICR
unFJtbogCRALSUGwc6BNlR69lO3bEvmS9L8jZAm/Ze7CZfMc6ObqD5Q6gyc=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:08:57 2025 by rpki-client