Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/42fa2843-c0b1-4ce5-812d-1552f97588f6.roa
File: 42fa2843-c0b1-4ce5-812d-1552f97588f6.roa (raw, json)
Hash identifier: v2/aA3sX9pw3cOi7jD0XfTbJ2byqr6Ws2yhnCfO0KTI=
Subject key identifier: 8C:4B:C3:3B:FC:BB:40:E7:70:DE:9F:0C:A1:84:2B:93:E2:8C:3A:93
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 33F7D33215D437109533C49CD32B9111088D0A83
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/42fa2843-c0b1-4ce5-812d-1552f97588f6.roa
Signing time: Sat 13 Jul 2024 00:00:00 +0000
ROA not before: Sat 13 Jul 2024 00:00:00 +0000
ROA not after: Sat 17 Aug 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f7:d3:32:15:d4:37:10:95:33:c4:9c:d3:2b:91:11:08:8d:0a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 13 00:00:00 2024 GMT
Not After : Aug 17 23:59:59 2024 GMT
Subject: serialNumber=747c8869f25c73838431dd751ab089de382a79e96934c9a8ffcfa4e22c7c577c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:26:33:64:2f:51:b4:1f:bc:89:2e:d4:7e:5a:
67:03:a3:29:f7:ba:29:12:bb:c1:2c:34:17:15:0b:
5d:e6:87:da:e3:97:00:4c:a6:7e:4f:b0:33:b8:62:
41:cd:39:d7:06:bd:55:9a:c5:da:4d:9e:24:4c:d9:
0a:5a:6a:31:0a:8b:82:99:73:b9:fc:bc:ab:c0:41:
95:b4:fc:9e:d8:4a:c5:16:84:5f:af:0a:93:b5:d9:
4a:89:17:12:1b:ef:d1:88:1e:07:63:66:a1:7d:79:
13:e3:04:55:11:ad:fa:8e:94:17:5f:cd:1b:83:3b:
3e:2f:a7:43:43:e7:7e:ae:2c:b2:eb:2a:99:ea:7d:
c7:57:00:24:76:37:1e:3c:f1:c8:3f:b6:b3:4c:13:
6f:5f:19:9c:11:3d:67:ea:e4:86:bb:e7:0b:45:90:
36:bd:29:f1:ae:6d:6d:6a:4b:8f:f3:fb:29:98:6e:
8c:b3:16:bb:c5:00:99:b1:67:a7:11:10:2e:17:f0:
ee:eb:14:c3:37:1a:b3:2c:c4:51:f5:1e:03:99:5d:
63:d3:7d:b8:e2:30:13:a1:64:d1:b3:e7:02:d9:e5:
9d:93:31:4e:f9:93:d6:f3:dc:48:61:4e:0f:a9:ea:
c9:1f:0b:74:fb:12:9c:bc:27:be:ab:45:dc:a8:47:
b0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4B:C3:3B:FC:BB:40:E7:70:DE:9F:0C:A1:84:2B:93:E2:8C:3A:93
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/42fa2843-c0b1-4ce5-812d-1552f97588f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
41:73:f7:b3:6c:33:67:1c:4a:73:8e:61:fa:75:27:ac:50:26:
c7:d1:4c:83:85:c5:4c:ac:da:4e:76:8b:a4:2b:2a:01:80:6b:
b2:6e:ab:08:80:27:04:87:97:8d:4c:d0:4e:fd:44:69:4c:05:
02:eb:56:e5:a0:e0:85:59:2a:6c:1b:ae:d7:41:65:9c:7d:bf:
c2:e2:7a:57:2d:96:74:3f:da:8f:5a:ae:03:58:60:57:8c:cf:
21:1b:01:3a:04:a2:32:fb:1d:a8:6c:4b:9c:f3:98:a6:43:b9:
ae:11:ec:f1:e4:79:8b:8a:61:fe:52:36:3e:d2:b8:3e:48:d7:
d5:e3:1e:2c:89:90:b1:37:d3:70:2a:89:bc:75:8f:e7:b0:0f:
4b:17:17:32:85:cb:6f:cd:14:34:88:17:fc:40:96:c6:9c:1e:
37:84:83:d3:1f:e8:f6:38:11:14:b8:0f:1d:d8:9e:31:60:e3:
93:53:ec:d3:14:e3:57:e3:c5:da:7a:20:aa:19:7e:a0:00:60:
68:69:7c:63:d0:93:dc:9d:4a:22:85:52:71:36:24:ef:3c:bd:
99:5b:22:4f:5e:37:db:dc:f7:ae:c2:b7:4c:94:3b:eb:f4:3d:
93:ad:02:55:be:2f:66:d7:4a:64:4f:42:9b:8e:41:4c:3e:99:
2a:c7:0d:6c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUM/fTMhXUNxCVM8Sc0yuREQiNCoMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzEzMDAwMDAwWhcNMjQwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NDdjODg2OWYyNWM3MzgzODQzMWRkNzUxYWIwODlkZTM4
MmE3OWU5NjkzNGM5YThmZmNmYTRlMjJjN2M1NzdjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbJjNkL1G0H7yJLtR+WmcDoyn3uikSu8EsNBcVC13mh9rj
lwBMpn5PsDO4YkHNOdcGvVWaxdpNniRM2QpaajEKi4KZc7n8vKvAQZW0/J7YSsUW
hF+vCpO12UqJFxIb79GIHgdjZqF9eRPjBFURrfqOlBdfzRuDOz4vp0ND536uLLLr
KpnqfcdXACR2Nx488cg/trNME29fGZwRPWfq5Ia75wtFkDa9KfGubW1qS4/z+ymY
boyzFrvFAJmxZ6cREC4X8O7rFMM3GrMsxFH1HgOZXWPTfbjiMBOhZNGz5wLZ5Z2T
MU75k9bz3EhhTg+p6skfC3T7Epy8J76rRdyoR7AJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjEvDO/y7QOdw3p8MoYQrk+KMOpMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQyZmEyODQzLWMwYjEtNGNlNS04MTJkLTE1NTJmOTc1ODhmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEFz97NsM2ccSnOOYfp1J6xQJsfR
TIOFxUys2k52i6QrKgGAa7JuqwiAJwSHl41M0E79RGlMBQLrVuWg4IVZKmwbrtdB
ZZx9v8LielctlnQ/2o9argNYYFeMzyEbAToEojL7HahsS5zzmKZDua4R7PHkeYuK
Yf5SNj7SuD5I19XjHiyJkLE303Aqibx1j+ewD0sXFzKFy2/NFDSIF/xAlsacHjeE
g9Mf6PY4ERS4Dx3YnjFg45NT7NMU41fjxdp6IKoZfqAAYGhpfGPQk9ydSiKFUnE2
JO88vZlbIk9eN9vc967Ct0yUO+v0PZOtAlW+L2bXSmRPQpuOQUw+mSrHDWw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 11:42:20 2025 by rpki-client