Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/433fd589-3bd4-4155-8189-3ce4dba3a76f.roa
File: 433fd589-3bd4-4155-8189-3ce4dba3a76f.roa (raw, json)
Hash identifier: iy9w5vRBRYvEW/2lZ86m2mrvTZxFzCUrb+bFVJaefNU=
Subject key identifier: FD:F1:03:8D:A5:B1:98:B1:16:B0:7A:FB:6A:FD:37:29:02:8F:25:5D
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 68176FCB6F001F32BDC4F0B6144F483871D4889D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/433fd589-3bd4-4155-8189-3ce4dba3a76f.roa
Signing time: Sat 17 Aug 2024 00:00:00 +0000
ROA not before: Sat 17 Aug 2024 00:00:00 +0000
ROA not after: Sat 21 Sep 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:17:6f:cb:6f:00:1f:32:bd:c4:f0:b6:14:4f:48:38:71:d4:88:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 17 00:00:00 2024 GMT
Not After : Sep 21 23:59:59 2024 GMT
Subject: serialNumber=b6c1bccc1cbc194d20984b027b694d2d440c61340424b6a0813eb2c33b1ebce6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:f3:65:4b:f5:dc:4c:44:0b:f8:ba:5f:c0:
9b:75:2f:ec:9d:41:f5:48:81:da:75:eb:08:76:e0:
45:d2:b5:5c:09:d7:29:28:6d:5d:af:a6:e3:d3:c3:
33:31:7d:02:08:b8:8d:ec:c1:37:0e:81:fd:50:fe:
0a:07:4e:64:c6:4b:55:79:2e:95:44:4e:c4:0c:eb:
f6:0d:14:81:46:44:05:07:96:30:f6:97:6e:cb:9b:
43:b1:70:68:8d:7e:33:54:fc:1d:70:5d:1a:c0:c4:
80:12:70:fd:6c:3e:7b:a8:25:ef:d5:d7:7e:ea:f1:
ef:ad:a2:7e:e2:42:36:41:b2:2e:c7:4c:4a:f9:08:
ac:61:d6:74:44:48:18:3f:dd:d4:50:f7:ab:5f:ec:
48:7d:c5:e3:c7:e1:19:e7:0b:26:a3:b1:c7:9d:5c:
6e:5e:60:21:99:72:60:ac:fa:60:15:d1:2e:18:af:
90:3f:0b:4d:8a:c7:8e:05:11:5d:06:06:d4:3d:0a:
5f:06:d0:b1:b7:bc:89:0b:ad:5a:b2:8c:4e:13:78:
0a:f6:0a:07:71:16:92:4d:fc:5d:61:31:9a:8a:06:
29:ae:e6:dd:01:a2:ad:1c:c9:89:b0:c7:7b:5b:16:
ab:0b:72:d0:71:60:0a:c6:59:72:39:bd:a5:da:1a:
e0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F1:03:8D:A5:B1:98:B1:16:B0:7A:FB:6A:FD:37:29:02:8F:25:5D
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/433fd589-3bd4-4155-8189-3ce4dba3a76f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:5e:f5:0f:13:71:e5:c4:00:b8:08:4c:b3:c4:71:01:75:b4:
19:75:19:7e:6a:cb:e0:fb:51:17:23:36:be:71:fd:e5:82:51:
86:2c:d3:c8:17:b6:83:0e:21:3c:a7:6e:75:d1:7d:ad:0d:0e:
6e:93:93:4f:fd:9e:88:72:0b:16:9c:9f:3c:22:34:2c:d8:1d:
b7:10:d7:5d:e0:f1:96:6f:e8:81:78:3d:af:18:8e:3d:5c:47:
18:ce:8b:42:07:0f:5a:d6:71:e8:09:95:22:79:65:19:d1:81:
a0:75:09:0c:71:db:16:ca:3a:66:39:fb:52:32:f6:3d:56:5e:
ad:9d:c1:97:da:8c:37:76:23:e5:3f:81:aa:4c:f5:34:70:ee:
35:14:51:4e:1e:38:12:29:7a:86:ef:aa:93:db:0b:d4:e2:ff:
9e:91:e3:c6:32:9a:04:6c:8c:dc:45:50:fb:ad:b3:eb:cd:49:
85:d6:80:b8:80:8a:7e:c5:54:9b:9d:88:e0:99:f0:f4:0c:9f:
d1:5a:e3:1f:96:fa:32:2a:2c:fc:b6:e5:be:16:96:72:84:f8:
dc:6d:84:a1:56:fe:6e:6c:81:e0:fc:96:10:7b:a9:68:0a:dd:
32:e7:88:26:e8:e9:c1:a2:5b:9c:1d:b7:5b:6c:9e:2b:b1:4d:
26:26:a9:2f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaBdvy28AHzK9xPC2FE9IOHHUiJ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODE3MDAwMDAwWhcNMjQwOTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNmMxYmNjYzFjYmMxOTRkMjA5ODRiMDI3YjY5NGQyZDQ0
MGM2MTM0MDQyNGI2YTA4MTNlYjJjMzNiMWViY2U2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpkPNlS/XcTEQL+LpfwJt1L+ydQfVIgdp16wh24EXStVwJ
1ykobV2vpuPTwzMxfQIIuI3swTcOgf1Q/goHTmTGS1V5LpVETsQM6/YNFIFGRAUH
ljD2l27Lm0OxcGiNfjNU/B1wXRrAxIAScP1sPnuoJe/V137q8e+ton7iQjZBsi7H
TEr5CKxh1nRESBg/3dRQ96tf7Eh9xePH4RnnCyajscedXG5eYCGZcmCs+mAV0S4Y
r5A/C02Kx44FEV0GBtQ9Cl8G0LG3vIkLrVqyjE4TeAr2CgdxFpJN/F1hMZqKBimu
5t0Boq0cyYmwx3tbFqsLctBxYArGWXI5vaXaGuApAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/fEDjaWxmLEWsHr7av03KQKPJV0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQzM2ZkNTg5LTNiZDQtNDE1NS04MTg5LTNjZTRkYmEzYTc2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKte9Q8TceXEALgITLPEcQF1tBl1
GX5qy+D7URcjNr5x/eWCUYYs08gXtoMOITynbnXRfa0NDm6Tk0/9nohyCxacnzwi
NCzYHbcQ113g8ZZv6IF4Pa8Yjj1cRxjOi0IHD1rWcegJlSJ5ZRnRgaB1CQxx2xbK
OmY5+1Iy9j1WXq2dwZfajDd2I+U/gapM9TRw7jUUUU4eOBIpeobvqpPbC9Ti/56R
48YymgRsjNxFUPuts+vNSYXWgLiAin7FVJudiOCZ8PQMn9Fa4x+W+jIqLPy25b4W
lnKE+NxthKFW/m5sgeD8lhB7qWgK3TLniCbo6cGiW5wdt1tsniuxTSYmqS8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:09:46 2025 by rpki-client