Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3c414ab9-4b7e-469c-987b-30be9a6fc3be.roa
File: 3c414ab9-4b7e-469c-987b-30be9a6fc3be.roa (raw, json)
Hash identifier: x46uED5RAq7DuJZwMhKlFOZhdfN1N+jNke7aBZMOV/s=
Subject key identifier: 84:E1:79:41:83:B3:DB:89:E3:05:80:39:EF:D2:66:C2:72:8D:FC:5B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6D42FC7501CE8E99F23375A5C39F1CA4AA4E1EEC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3c414ab9-4b7e-469c-987b-30be9a6fc3be.roa
Signing time: Fri 22 Sep 2023 00:00:00 +0000
ROA not before: Fri 22 Sep 2023 00:00:00 +0000
ROA not after: Fri 27 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:42:fc:75:01:ce:8e:99:f2:33:75:a5:c3:9f:1c:a4:aa:4e:1e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 22 00:00:00 2023 GMT
Not After : Oct 27 23:59:59 2023 GMT
Subject: serialNumber=e8c116ec6f2af3a0a6422168e77d262168a83642345923b889c5f8ccaf8a3fbb, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6e:f2:da:26:3c:d0:9b:15:11:1d:07:47:ca:
55:0c:f8:52:90:57:ac:26:08:f3:b3:0a:75:a2:ef:
e7:80:91:a6:fc:1d:ba:01:35:74:99:06:47:c9:8e:
0e:59:a4:c8:80:76:e4:4b:7c:4c:da:3c:8f:ce:7d:
ec:94:ff:97:8e:ce:ba:74:8b:82:6f:eb:2a:7f:8d:
5c:b9:f2:38:c8:c0:b7:61:a8:70:fe:de:0c:ba:f1:
cc:10:a2:35:23:36:38:e3:40:d9:30:2a:b9:0a:85:
e3:1b:67:24:f0:83:77:78:5d:46:6b:97:08:51:14:
0d:e3:49:7e:82:c2:1c:09:9a:25:3f:79:85:6b:6b:
cb:fe:27:68:43:e0:fd:67:c0:d1:97:9a:1b:d1:8a:
76:58:c0:db:9a:21:fc:e4:41:9f:79:76:24:9f:71:
fd:c5:75:5a:91:ba:a4:2a:c9:aa:5d:5b:e8:1d:80:
38:e5:74:88:af:b3:49:bc:82:f0:a8:30:06:f4:cf:
e3:29:52:fe:ce:5b:7b:59:c3:f6:6a:bc:b1:39:4d:
99:97:8c:db:ec:2a:9f:64:fe:1a:f3:7b:8e:42:43:
2c:ef:97:28:3a:44:66:80:06:37:8a:2d:e4:84:e8:
3f:e3:a6:6a:97:f4:63:be:1c:7a:fe:96:bd:ae:a8:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E1:79:41:83:B3:DB:89:E3:05:80:39:EF:D2:66:C2:72:8D:FC:5B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3c414ab9-4b7e-469c-987b-30be9a6fc3be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
97:06:c4:86:e5:41:ce:f3:c5:03:e1:93:37:67:bb:d8:a2:b5:
31:1a:e4:be:d5:98:d1:6b:9a:19:4e:aa:82:6f:32:6a:c9:d8:
13:f8:0c:56:7a:0f:b8:de:dc:1a:a1:aa:81:2e:fe:b9:f0:dc:
c8:37:e0:d7:02:d4:05:ca:a0:be:b0:fb:70:88:a8:f2:c1:65:
58:89:94:81:05:a3:dd:33:14:7a:72:b6:af:04:ee:b0:2d:b9:
27:85:ce:ac:0f:82:8b:12:b5:1e:e0:29:74:a7:ca:ef:39:f1:
f2:d4:30:ed:e0:37:fb:fa:48:10:af:77:0d:bc:51:0b:6c:b1:
b9:e4:da:68:e9:f6:d6:66:9a:a6:db:9e:6f:eb:d0:9f:0d:18:
6d:17:72:f1:f3:6d:9f:98:7c:e3:2d:7b:df:3e:7a:62:ce:da:
3d:b4:b6:be:03:85:bd:6a:bd:24:a6:8e:82:0f:db:ec:55:e0:
9a:02:02:27:bf:30:42:ec:1a:0b:a4:54:4b:ae:a1:99:86:a6:
e4:f6:e0:62:98:bb:2f:2d:a5:0b:4b:2d:e9:d6:0b:b9:68:9c:
88:3b:bb:5e:cb:2f:c8:67:cb:ec:c9:e0:b3:42:92:4e:42:78:
91:7c:9a:25:b2:a2:06:4a:c7:f2:39:66:01:98:a0:48:93:ed:
18:e0:33:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbUL8dQHOjpnyM3Wlw58cpKpOHuwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGMxMTZlYzZmMmFmM2EwYTY0MjIxNjhlNzdkMjYyMTY4
YTgzNjQyMzQ1OTIzYjg4OWM1ZjhjY2FmOGEzZmJiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVbvLaJjzQmxURHQdHylUM+FKQV6wmCPOzCnWi7+eAkab8
HboBNXSZBkfJjg5ZpMiAduRLfEzaPI/OfeyU/5eOzrp0i4Jv6yp/jVy58jjIwLdh
qHD+3gy68cwQojUjNjjjQNkwKrkKheMbZyTwg3d4XUZrlwhRFA3jSX6CwhwJmiU/
eYVra8v+J2hD4P1nwNGXmhvRinZYwNuaIfzkQZ95diSfcf3FdVqRuqQqyapdW+gd
gDjldIivs0m8gvCoMAb0z+MpUv7OW3tZw/ZqvLE5TZmXjNvsKp9k/hrze45CQyzv
lyg6RGaABjeKLeSE6D/jpmqX9GO+HHr+lr2uqC1TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhOF5QYOz24njBYA579JmwnKN/FswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNjNDE0YWI5LTRiN2UtNDY5Yy05ODdiLTMwYmU5YTZmYzNiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJcGxIblQc7zxQPhkzdnu9iitTEa
5L7VmNFrmhlOqoJvMmrJ2BP4DFZ6D7je3BqhqoEu/rnw3Mg34NcC1AXKoL6w+3CI
qPLBZViJlIEFo90zFHpytq8E7rAtuSeFzqwPgosStR7gKXSnyu858fLUMO3gN/v6
SBCvdw28UQtssbnk2mjp9tZmmqbbnm/r0J8NGG0XcvHzbZ+YfOMte98+emLO2j20
tr4Dhb1qvSSmjoIP2+xV4JoCAie/MELsGgukVEuuoZmGpuT24GKYuy8tpQtLLenW
C7lonIg7u17LL8hny+zJ4LNCkk5CeJF8miWyogZKx/I5ZgGYoEiT7RjgM20=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:08:23 2025 by rpki-client