Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3c768347-f5b7-4422-a167-3b343d0223ab.roa
File: 3c768347-f5b7-4422-a167-3b343d0223ab.roa (raw, json)
Hash identifier: Kpj1wrAy5/2g6gRECDDv0TOrwfqxb8s2tNbPYGq5jdk=
Subject key identifier: 64:CE:C2:2E:9D:56:FB:1B:F5:82:A7:4F:85:DB:39:01:01:3B:39:E9
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 40204941C4CEED632E23CA13D7DEA0D09A402375
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3c768347-f5b7-4422-a167-3b343d0223ab.roa
Signing time: Mon 17 Jun 2024 00:00:00 +0000
ROA not before: Mon 17 Jun 2024 00:00:00 +0000
ROA not after: Mon 22 Jul 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:20:49:41:c4:ce:ed:63:2e:23:ca:13:d7:de:a0:d0:9a:40:23:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 17 00:00:00 2024 GMT
Not After : Jul 22 23:59:59 2024 GMT
Subject: serialNumber=48df7fef5495a5b80753805a82d4522567504a21ecb07267ab9721df8a93b1bf, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c0:fc:bb:aa:b8:58:bb:ec:90:64:e3:3f:7f:
e2:77:6c:91:6c:8c:a9:ef:3c:bf:db:8c:f7:f6:91:
2c:f2:25:23:ab:37:43:a6:b4:bb:d6:ee:b3:87:e9:
20:89:f8:9f:25:de:f1:51:4d:93:71:ea:2f:69:34:
bb:89:00:11:3a:fb:f7:32:24:98:9b:06:25:18:21:
7f:2f:97:20:a2:12:58:07:5d:42:5e:ef:9c:d2:44:
14:42:ac:f5:1b:53:25:7c:e2:df:64:b5:48:70:de:
ae:66:df:20:11:7c:0a:f2:30:3f:3c:37:1d:56:0a:
e4:ec:08:c6:0a:70:9e:34:98:2b:b6:58:29:90:0c:
09:6b:12:ca:fe:58:27:e2:bc:ea:34:68:b0:88:c6:
bd:0d:04:92:a6:d8:37:ca:77:10:6a:d3:84:d5:15:
75:9f:2a:94:8e:3d:bc:98:c2:36:4e:e6:20:a0:70:
31:cb:e6:10:52:b2:c3:1f:91:0f:3a:87:be:d8:8e:
0b:16:9e:ef:5c:64:89:c1:db:d8:a7:31:90:2d:87:
c3:1a:73:e2:79:5d:63:0b:3e:f7:9d:fe:19:dc:41:
ff:af:e3:6b:3b:d4:91:9c:8b:fb:92:c4:66:df:be:
53:03:de:44:1f:84:4a:6f:1e:16:22:b7:91:be:ec:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CE:C2:2E:9D:56:FB:1B:F5:82:A7:4F:85:DB:39:01:01:3B:39:E9
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3c768347-f5b7-4422-a167-3b343d0223ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:15:e8:70:8c:e0:70:a3:b2:a6:30:da:1d:5d:35:c4:aa:44:
a1:7c:9a:e3:a3:47:c5:da:41:2b:cc:8b:58:39:cb:87:91:ec:
44:e6:29:20:30:8f:08:f0:8c:9a:a9:6e:90:76:ba:fc:1f:81:
eb:cc:98:60:3c:b1:a2:d5:56:b1:34:73:c1:8a:ba:3f:1a:08:
f3:e0:a5:cc:8b:94:55:27:34:42:d3:2b:78:8e:62:e2:10:cb:
29:79:a5:29:d5:4f:02:58:56:98:65:b8:63:28:88:66:4a:83:
44:56:08:59:2f:25:b4:40:e3:94:c5:a0:fc:ff:1b:29:91:b6:
b5:98:59:3b:96:5a:f2:63:3c:1f:6c:cb:10:1d:e1:23:a6:56:
e2:c1:12:6f:7e:5b:ea:c2:f3:3e:0c:ce:14:06:36:38:fb:15:
2b:57:06:5c:3a:1b:a6:0b:2c:91:5b:57:c5:37:cf:96:8e:99:
68:c7:e1:9a:93:1e:2a:a6:d5:8a:b4:ba:c8:7c:fb:8c:13:e7:
d9:a1:c3:80:c2:3f:53:e6:6e:37:46:cc:e5:92:e2:03:3a:9e:
5b:93:71:18:a6:ef:42:66:6c:27:50:15:d3:9e:53:db:0e:b8:
53:84:f6:10:fe:93:a2:a9:4d:44:f8:de:d7:55:8d:ef:9d:1f:
a3:bc:06:6c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQCBJQcTO7WMuI8oT196g0JpAI3UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjE3MDAwMDAwWhcNMjQwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGRmN2ZlZjU0OTVhNWI4MDc1MzgwNWE4MmQ0NTIyNTY3
NTA0YTIxZWNiMDcyNjdhYjk3MjFkZjhhOTNiMWJmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1wPy7qrhYu+yQZOM/f+J3bJFsjKnvPL/bjPf2kSzyJSOr
N0OmtLvW7rOH6SCJ+J8l3vFRTZNx6i9pNLuJABE6+/cyJJibBiUYIX8vlyCiElgH
XUJe75zSRBRCrPUbUyV84t9ktUhw3q5m3yARfAryMD88Nx1WCuTsCMYKcJ40mCu2
WCmQDAlrEsr+WCfivOo0aLCIxr0NBJKm2DfKdxBq04TVFXWfKpSOPbyYwjZO5iCg
cDHL5hBSssMfkQ86h77YjgsWnu9cZInB29inMZAth8Mac+J5XWMLPved/hncQf+v
42s71JGci/uSxGbfvlMD3kQfhEpvHhYit5G+7LKjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZM7CLp1W+xv1gqdPhds5AQE7OekwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNjNzY4MzQ3LWY1YjctNDQyMi1hMTY3LTNiMzQzZDAyMjNhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADwV6HCM4HCjsqYw2h1dNcSqRKF8
muOjR8XaQSvMi1g5y4eR7ETmKSAwjwjwjJqpbpB2uvwfgevMmGA8saLVVrE0c8GK
uj8aCPPgpcyLlFUnNELTK3iOYuIQyyl5pSnVTwJYVphluGMoiGZKg0RWCFkvJbRA
45TFoPz/GymRtrWYWTuWWvJjPB9syxAd4SOmVuLBEm9+W+rC8z4MzhQGNjj7FStX
Blw6G6YLLJFbV8U3z5aOmWjH4ZqTHiqm1Yq0ush8+4wT59mhw4DCP1PmbjdGzOWS
4gM6nluTcRim70JmbCdQFdOeU9sOuFOE9hD+k6KpTUT43tdVje+dH6O8Bmw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:06:50 2025 by rpki-client