Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/38c5220b-7db9-4b23-9522-1059b208cfff.roa
File: 38c5220b-7db9-4b23-9522-1059b208cfff.roa (raw, json)
Hash identifier: VFgM86YM36f9DlKjXMpziKj6/g0gsNP64JLF62pgycc=
Subject key identifier: B0:0E:0C:DA:16:A7:B3:BD:4A:CB:79:03:24:6C:96:80:7D:5C:00:D6
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 360C50D8D7B63727CF84E5E9C255206FC84A9E3C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/38c5220b-7db9-4b23-9522-1059b208cfff.roa
Signing time: Wed 25 Sep 2024 00:00:00 +0000
ROA not before: Wed 25 Sep 2024 00:00:00 +0000
ROA not after: Wed 30 Oct 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:0c:50:d8:d7:b6:37:27:cf:84:e5:e9:c2:55:20:6f:c8:4a:9e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 25 00:00:00 2024 GMT
Not After : Oct 30 23:59:59 2024 GMT
Subject: serialNumber=67921f2d2485851bb3bb18e0d325d9c808fc2e8daf560af5da9db3a95bc3d7f2, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:02:b6:6f:5d:99:df:59:76:f9:5c:53:10:41:
b6:3b:52:f4:f0:1a:a9:e3:71:a5:06:64:a7:f1:b3:
ea:f0:31:3c:d4:d3:fc:e5:84:6d:02:c5:0d:d0:1a:
68:7a:fb:38:e8:90:5e:99:44:94:a3:ce:03:bd:e3:
56:4f:71:46:ea:5b:33:03:11:53:44:6d:75:4b:fb:
c1:6a:f7:04:d7:65:cf:66:71:5f:56:53:23:32:33:
5e:bf:ac:15:d2:fb:89:45:e1:ee:38:5b:25:c0:fe:
39:e8:4b:0a:9f:04:31:83:05:40:70:8e:95:3a:f3:
5d:b0:30:2d:d8:fa:d7:61:b6:15:08:f0:ce:0f:84:
60:c2:85:3e:bc:de:3d:7f:5b:27:eb:77:c2:13:8d:
1e:0f:f2:b5:34:db:3c:e6:8f:b7:21:15:6e:6c:9c:
b1:c4:af:a3:48:68:4e:12:00:98:1b:df:4b:e9:d7:
76:73:59:46:be:13:86:6d:9f:1d:86:4b:93:40:c5:
6d:ba:04:90:b2:63:86:c0:5e:f5:a9:09:56:af:a0:
dd:dc:65:d6:2f:ef:f1:a3:63:f4:5c:e1:ce:f3:c4:
8b:28:85:ed:b8:b9:46:ba:72:83:c5:34:0a:85:50:
07:ca:2a:3c:89:bd:d0:54:79:e7:8a:23:bf:84:37:
f9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0E:0C:DA:16:A7:B3:BD:4A:CB:79:03:24:6C:96:80:7D:5C:00:D6
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/38c5220b-7db9-4b23-9522-1059b208cfff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
24:6e:57:ca:3d:0e:0c:3d:ac:ba:1a:c4:cf:1b:51:e3:14:20:
7c:0f:7f:a5:e2:ea:68:92:c9:94:fe:92:c5:b0:02:2e:dc:50:
b2:e7:c1:82:c1:ee:11:88:75:17:30:57:ff:f9:6e:4c:ba:86:
2e:c9:64:c3:f5:9b:52:ea:93:47:1a:98:e4:67:bd:74:43:46:
6c:f1:28:91:f6:e9:1e:9d:d6:41:d2:17:6a:91:94:71:e4:b4:
fc:20:3b:c2:86:69:3b:aa:07:a2:5e:c5:b9:bf:ec:7c:5c:50:
f8:f5:2a:81:88:ea:ae:8d:ca:24:a7:92:82:91:37:96:fb:e8:
c6:33:6f:b7:28:24:9f:81:27:29:9a:e2:30:ef:f2:3b:7e:ab:
36:45:e6:54:7e:da:fc:48:d7:1f:61:be:36:00:15:fb:07:f5:
22:e4:57:86:56:11:01:be:3b:e7:27:b2:88:05:96:e8:73:94:
45:e0:31:88:cf:fd:e9:f6:2b:e6:83:47:11:10:6c:70:55:2c:
07:c6:2d:fd:9d:02:44:0b:a7:51:84:7f:59:cb:98:6e:96:59:
0b:51:f4:6d:a1:14:28:36:a1:70:c6:76:ce:7a:7d:9f:48:ab:
69:e3:78:43:65:7d:50:fe:4c:69:f3:5c:eb:b0:8b:eb:a2:07:
ec:0e:58:b9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNgxQ2Ne2NyfPhOXpwlUgb8hKnjwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTI1MDAwMDAwWhcNMjQxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzkyMWYyZDI0ODU4NTFiYjNiYjE4ZTBkMzI1ZDljODA4
ZmMyZThkYWY1NjBhZjVkYTlkYjNhOTViYzNkN2YyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7ArZvXZnfWXb5XFMQQbY7UvTwGqnjcaUGZKfxs+rwMTzU
0/zlhG0CxQ3QGmh6+zjokF6ZRJSjzgO941ZPcUbqWzMDEVNEbXVL+8Fq9wTXZc9m
cV9WUyMyM16/rBXS+4lF4e44WyXA/jnoSwqfBDGDBUBwjpU6812wMC3Y+tdhthUI
8M4PhGDChT683j1/Wyfrd8ITjR4P8rU02zzmj7chFW5snLHEr6NIaE4SAJgb30vp
13ZzWUa+E4Ztnx2GS5NAxW26BJCyY4bAXvWpCVavoN3cZdYv7/GjY/Rc4c7zxIso
he24uUa6coPFNAqFUAfKKjyJvdBUeeeKI7+EN/kvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsA4M2hans71Ky3kDJGyWgH1cANYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzM4YzUyMjBiLTdkYjktNGIyMy05NTIyLTEwNTliMjA4Y2ZmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACRuV8o9Dgw9rLoaxM8bUeMUIHwP
f6Xi6miSyZT+ksWwAi7cULLnwYLB7hGIdRcwV//5bky6hi7JZMP1m1Lqk0camORn
vXRDRmzxKJH26R6d1kHSF2qRlHHktPwgO8KGaTuqB6Jexbm/7HxcUPj1KoGI6q6N
yiSnkoKRN5b76MYzb7coJJ+BJyma4jDv8jt+qzZF5lR+2vxI1x9hvjYAFfsH9SLk
V4ZWEQG+O+cnsogFluhzlEXgMYjP/en2K+aDRxEQbHBVLAfGLf2dAkQLp1GEf1nL
mG6WWQtR9G2hFCg2oXDGds56fZ9Iq2njeENlfVD+TGnzXOuwi+uiB+wOWLk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:31:19 2025 by rpki-client