Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/43f8c720-0069-4774-849d-e7f7ad8e330c.roa
File: 43f8c720-0069-4774-849d-e7f7ad8e330c.roa (raw, json)
Hash identifier: NTclQLS7boSIdQH5ztPxGqDTrHrVuvd3zQGXyX6WskE=
Subject key identifier: 62:79:2A:9E:DA:9E:0B:A4:DC:1B:CD:3A:01:CA:7D:27:19:95:2D:60
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7092596555A60C81C2A99038E99BE856E18ADA66
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/43f8c720-0069-4774-849d-e7f7ad8e330c.roa
Signing time: Sat 22 Jun 2024 00:00:00 +0000
ROA not before: Sat 22 Jun 2024 00:00:00 +0000
ROA not after: Sat 27 Jul 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:92:59:65:55:a6:0c:81:c2:a9:90:38:e9:9b:e8:56:e1:8a:da:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 22 00:00:00 2024 GMT
Not After : Jul 27 23:59:59 2024 GMT
Subject: serialNumber=247b69cf248f8e40be7c816e25848d7a1d5096f2c9de257ff7347de9887f400d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:d2:dd:ea:83:72:4f:c1:35:09:ef:c1:5c:
9e:2b:23:e6:c3:98:b9:83:62:20:c0:ad:10:cd:78:
5c:10:01:07:2d:2a:e9:fb:a3:be:be:b0:49:95:11:
4d:7f:bd:62:ae:6d:69:f6:4b:c6:cc:55:e6:3e:36:
a7:32:1f:74:3c:46:1c:ee:d4:dc:7c:3a:d9:d3:63:
44:f3:05:ca:75:82:d0:e0:d2:6a:e0:70:6f:71:48:
dd:29:e2:a7:ac:eb:be:87:8e:4d:ce:14:c5:75:11:
5e:a9:5c:cf:ce:2c:b2:49:ba:7b:be:87:6a:8f:30:
e3:92:48:d6:c9:49:0c:c5:50:4c:94:b4:3f:d3:70:
90:7d:c6:84:7d:84:11:bb:45:38:f5:1b:c9:7a:ae:
dd:27:05:d7:d0:a0:64:af:b2:28:3f:1d:e8:56:0f:
14:82:38:33:00:98:03:f6:ad:1d:35:df:4b:68:55:
fd:c8:1a:a2:fc:17:e7:81:1d:77:14:f8:2f:f9:bf:
f8:34:9c:6a:af:cc:28:4b:25:76:c1:69:6d:d2:fb:
3b:17:06:cf:9e:a9:c4:28:86:43:36:47:30:7a:78:
cf:26:e7:c8:25:fa:6d:0f:5d:9c:d1:88:b3:be:34:
93:75:03:fb:08:cf:da:09:f8:79:76:43:af:0c:d4:
fd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:79:2A:9E:DA:9E:0B:A4:DC:1B:CD:3A:01:CA:7D:27:19:95:2D:60
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/43f8c720-0069-4774-849d-e7f7ad8e330c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:a8:34:91:8b:cc:89:d8:ee:de:4c:93:c4:5c:14:f8:ad:46:
7a:5b:83:69:c1:11:9d:47:a7:cf:1c:28:fe:f8:bc:d7:b9:8c:
70:e4:1f:e6:71:ed:48:ed:3b:18:ff:f3:9f:70:e6:b6:1e:e7:
7c:55:d7:16:16:d8:13:90:1d:ff:7e:bf:1a:3a:a4:05:fa:8f:
76:5c:09:a2:63:0c:ae:5e:f2:d7:00:6a:f7:b4:ba:2f:22:7a:
0e:1b:b5:a2:6d:d3:b7:ac:f2:74:f6:2b:3a:c2:e4:89:63:aa:
b9:26:3c:4b:60:35:0b:da:2a:d0:a5:72:93:11:74:ff:cc:92:
fb:27:b9:bd:27:dc:f7:18:7a:e3:0f:14:71:49:05:3c:47:3a:
18:2e:86:f8:ff:3f:b8:81:54:55:b3:5d:11:81:c1:0b:55:4e:
32:f5:7e:ec:84:f1:62:04:22:63:96:5d:b3:c7:f5:f0:a1:26:
71:6a:1e:f8:0a:06:07:3e:1c:67:ba:be:f4:c8:19:4f:dd:03:
b5:8c:28:2a:67:de:bc:20:53:60:0e:ca:b6:4a:a3:be:e3:dc:
9a:52:47:3f:75:94:97:09:57:32:9f:ba:80:56:c1:df:a2:09:
a7:47:b2:73:55:7e:09:e9:d6:5c:2f:05:64:59:f6:fe:5d:f5:
dc:78:fb:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcJJZZVWmDIHCqZA46ZvoVuGK2mYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjIyMDAwMDAwWhcNMjQwNzI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDdiNjljZjI0OGY4ZTQwYmU3YzgxNmUyNTg0OGQ3YTFk
NTA5NmYyYzlkZTI1N2ZmNzM0N2RlOTg4N2Y0MDBkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0TNLd6oNyT8E1Ce/BXJ4rI+bDmLmDYiDArRDNeFwQAQct
Kun7o76+sEmVEU1/vWKubWn2S8bMVeY+NqcyH3Q8Rhzu1Nx8OtnTY0TzBcp1gtDg
0mrgcG9xSN0p4qes676Hjk3OFMV1EV6pXM/OLLJJunu+h2qPMOOSSNbJSQzFUEyU
tD/TcJB9xoR9hBG7RTj1G8l6rt0nBdfQoGSvsig/HehWDxSCODMAmAP2rR0130to
Vf3IGqL8F+eBHXcU+C/5v/g0nGqvzChLJXbBaW3S+zsXBs+eqcQohkM2RzB6eM8m
58gl+m0PXZzRiLO+NJN1A/sIz9oJ+Hl2Q68M1P1XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYnkqntqeC6TcG806Acp9JxmVLWAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQzZjhjNzIwLTAwNjktNDc3NC04NDlkLWU3ZjdhZDhlMzMwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACqoNJGLzInY7t5Mk8RcFPitRnpb
g2nBEZ1Hp88cKP74vNe5jHDkH+Zx7UjtOxj/859w5rYe53xV1xYW2BOQHf9+vxo6
pAX6j3ZcCaJjDK5e8tcAave0ui8ieg4btaJt07es8nT2KzrC5IljqrkmPEtgNQva
KtClcpMRdP/Mkvsnub0n3PcYeuMPFHFJBTxHOhguhvj/P7iBVFWzXRGBwQtVTjL1
fuyE8WIEImOWXbPH9fChJnFqHvgKBgc+HGe6vvTIGU/dA7WMKCpn3rwgU2AOyrZK
o77j3JpSRz91lJcJVzKfuoBWwd+iCadHsnNVfgnp1lwvBWRZ9v5d9dx4+74=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:51:21 2025 by rpki-client