Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3f722a71-7a5f-4ca7-80f9-dc46323c3a17.roa
File: 3f722a71-7a5f-4ca7-80f9-dc46323c3a17.roa (raw, json)
Hash identifier: 7T1Ee3XozWVx3UianED3fS9Yl5HN6xLRhq5/q6OHsVY=
Subject key identifier: 99:45:1F:A8:BD:DD:30:1A:F7:16:F6:C1:0D:E4:F9:19:34:A0:50:82
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 02068158C14353025098A8F12734F240177BFEAF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3f722a71-7a5f-4ca7-80f9-dc46323c3a17.roa
Signing time: Tue 20 Jun 2023 00:00:00 +0000
ROA not before: Tue 20 Jun 2023 00:00:00 +0000
ROA not after: Tue 25 Jul 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:06:81:58:c1:43:53:02:50:98:a8:f1:27:34:f2:40:17:7b:fe:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 20 00:00:00 2023 GMT
Not After : Jul 25 23:59:59 2023 GMT
Subject: serialNumber=750e415fed097124f8808598c2801c32bc92ee62190dc2f2f96708c6926137e1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a1:9c:07:f7:ca:07:b2:c2:7e:ff:55:fd:cb:
0a:99:d9:a0:73:3d:22:39:bf:f5:55:1e:27:22:50:
d1:22:33:60:80:7d:c4:98:e7:48:c6:0d:e9:be:84:
c4:4d:9f:d1:74:1f:c8:b5:3a:eb:3d:b6:29:4e:5d:
8a:55:a2:da:0d:23:f1:1e:70:a6:c1:68:68:8b:73:
0e:51:12:55:07:aa:aa:fe:ed:c8:20:5a:83:42:3a:
b9:d2:e6:3d:c8:00:d3:c0:f7:2a:38:41:18:0e:35:
a3:5c:f9:6c:6d:f3:56:0f:23:4c:e4:59:16:20:2a:
b0:fd:16:ab:30:19:04:c0:ad:26:99:aa:44:21:a0:
ee:d6:6d:62:9a:88:6e:38:53:56:e2:54:23:d1:89:
d8:fc:b7:bf:50:22:a4:7d:9f:f6:4b:00:af:3b:78:
5e:62:f4:99:8a:99:8d:27:01:03:cd:f9:8c:90:29:
43:0d:2f:87:4b:33:c4:1d:c5:08:37:9e:ba:4d:cc:
ab:63:29:61:93:47:72:f6:8b:04:0e:bd:56:8d:9c:
fa:f6:2a:e0:64:1d:53:3c:23:30:55:2c:e1:79:fc:
03:3c:51:8f:65:3a:04:95:86:94:83:49:0e:da:9a:
3e:25:b3:a7:fa:ee:cd:fe:e7:af:c6:a4:8b:f6:e4:
9a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:45:1F:A8:BD:DD:30:1A:F7:16:F6:C1:0D:E4:F9:19:34:A0:50:82
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3f722a71-7a5f-4ca7-80f9-dc46323c3a17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
04:04:74:be:d9:9a:e4:8d:cd:7f:96:02:bc:e3:05:81:2a:6c:
bd:12:1a:7e:58:2f:01:5e:bd:19:21:c9:c6:5d:0b:79:20:22:
4e:c2:84:5e:6f:32:7d:84:8d:5f:e3:f4:c4:a7:b4:f6:dc:82:
09:3f:37:a0:00:c1:f5:45:4c:e2:67:f2:c8:e6:9b:43:5f:e9:
c9:8d:48:d8:45:91:c5:65:4f:f8:36:4a:09:7b:bb:25:32:5f:
a4:02:cb:47:d5:30:49:9c:41:31:41:a9:58:f4:12:5f:6a:89:
46:ea:9c:42:4e:01:47:3a:75:76:50:81:21:b4:a9:a5:d6:02:
e0:24:89:74:ec:e5:81:4e:25:fd:19:51:12:ae:9c:0c:e3:f2:
47:99:84:79:7f:49:34:2e:d6:b2:2f:b1:10:4b:c0:da:fe:13:
82:7d:9e:e3:67:87:30:42:27:34:8a:3d:20:31:34:37:b4:12:
1f:70:fe:33:49:6b:f7:10:4a:2d:ea:9f:22:4e:b2:21:21:36:
2c:c5:b2:34:76:5e:d3:b9:b7:ba:40:86:57:e0:63:81:c0:f5:
f0:7b:00:71:97:71:43:a7:f1:6e:1d:93:fd:b7:a5:c4:be:10:
37:7e:40:11:40:45:a6:ee:1d:ab:5d:42:c4:19:b7:b6:91:42:
c0:45:0d:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAgaBWMFDUwJQmKjxJzTyQBd7/q8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjIwMDAwMDAwWhcNMjMwNzI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NTBlNDE1ZmVkMDk3MTI0Zjg4MDg1OThjMjgwMWMzMmJj
OTJlZTYyMTkwZGMyZjJmOTY3MDhjNjkyNjEzN2UxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDyoZwH98oHssJ+/1X9ywqZ2aBzPSI5v/VVHiciUNEiM2CA
fcSY50jGDem+hMRNn9F0H8i1Ous9tilOXYpVotoNI/EecKbBaGiLcw5RElUHqqr+
7cggWoNCOrnS5j3IANPA9yo4QRgONaNc+Wxt81YPI0zkWRYgKrD9FqswGQTArSaZ
qkQhoO7WbWKaiG44U1biVCPRidj8t79QIqR9n/ZLAK87eF5i9JmKmY0nAQPN+YyQ
KUMNL4dLM8QdxQg3nrpNzKtjKWGTR3L2iwQOvVaNnPr2KuBkHVM8IzBVLOF5/AM8
UY9lOgSVhpSDSQ7amj4ls6f67s3+56/GpIv25JqzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmUUfqL3dMBr3FvbBDeT5GTSgUIIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNmNzIyYTcxLTdhNWYtNGNhNy04MGY5LWRjNDYzMjNjM2ExNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAQEdL7ZmuSNzX+WArzjBYEqbL0S
Gn5YLwFevRkhycZdC3kgIk7ChF5vMn2EjV/j9MSntPbcggk/N6AAwfVFTOJn8sjm
m0Nf6cmNSNhFkcVlT/g2Sgl7uyUyX6QCy0fVMEmcQTFBqVj0El9qiUbqnEJOAUc6
dXZQgSG0qaXWAuAkiXTs5YFOJf0ZURKunAzj8keZhHl/STQu1rIvsRBLwNr+E4J9
nuNnhzBCJzSKPSAxNDe0Eh9w/jNJa/cQSi3qnyJOsiEhNizFsjR2XtO5t7pAhlfg
Y4HA9fB7AHGXcUOn8W4dk/23pcS+EDd+QBFARabuHatdQsQZt7aRQsBFDd8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:10:45 2025 by rpki-client