Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/45165082-5d68-4cde-bce1-a8d469398506.roa
File: 45165082-5d68-4cde-bce1-a8d469398506.roa (raw, json)
Hash identifier: 3FIgbjqtUcBTaLIhtvX5Fw9r+1bpXX3oSAnTrr+6Ujg=
Subject key identifier: A3:7F:5F:74:5A:22:86:E7:F4:16:2C:40:30:D4:94:53:8A:5A:B0:3F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 66227A1B40D702D801FC1392127FCAAB7B78AE27
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/45165082-5d68-4cde-bce1-a8d469398506.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:22:7a:1b:40:d7:02:d8:01:fc:13:92:12:7f:ca:ab:7b:78:ae:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: serialNumber=d83c6ffef723b36106348e7be70032fa94710bc492579129c9ff07b4affb9330, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d0:3b:e1:96:6a:1b:d0:33:d5:86:e2:51:41:
2d:75:92:20:36:bc:15:22:79:c6:67:b2:e9:24:de:
ad:b8:e2:02:e2:f8:cd:f0:1b:d3:b5:11:aa:44:a0:
aa:33:e6:27:51:f6:9f:29:e2:17:81:d1:f6:85:b6:
ef:a7:a2:44:42:c1:dc:aa:91:d8:0d:0a:b0:6d:27:
aa:02:ed:00:53:05:f1:fd:4d:6d:2f:3a:a9:06:c6:
97:db:14:1a:34:9c:74:14:26:98:b3:91:70:3f:d7:
fa:05:8d:50:b5:31:bd:aa:a2:cd:2b:7e:e9:be:6f:
ad:10:dc:75:41:79:6c:29:64:f7:07:24:a8:11:7b:
4e:17:f9:ec:63:7c:ca:26:b1:80:42:f2:a4:9b:78:
bc:16:e2:df:cd:a8:db:0c:43:7e:90:26:6b:28:eb:
a1:30:5a:d1:d8:d4:61:0f:29:70:c3:27:6c:ee:b9:
33:a9:02:cf:f5:42:12:48:35:96:77:56:a9:9b:e0:
d2:d1:62:e6:9e:5b:51:4b:34:82:ff:6f:8b:0a:3f:
b0:b0:c8:68:53:c4:45:d9:5f:37:b7:8d:d9:d1:7d:
f3:35:28:40:76:a0:1b:fc:12:2d:32:e6:ed:2f:5a:
b6:40:89:42:a5:e9:11:05:f3:52:ef:9a:c3:0d:cc:
44:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7F:5F:74:5A:22:86:E7:F4:16:2C:40:30:D4:94:53:8A:5A:B0:3F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/45165082-5d68-4cde-bce1-a8d469398506.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
92:79:7c:6c:ac:89:0c:9e:c9:77:9f:11:d1:bf:d3:01:f3:35:
be:2f:85:1f:ba:63:72:ed:75:e5:2e:b2:12:cf:eb:07:0a:86:
dc:74:d4:fb:ef:ab:57:17:a9:ac:82:b6:6f:01:1d:72:6e:b6:
97:bc:df:26:01:a9:7e:cf:ac:44:fe:40:25:b0:84:1f:4d:d1:
69:5f:4b:cd:16:c0:16:70:45:c2:60:b2:fb:32:41:cb:c3:d2:
8d:8f:6c:31:83:59:8f:56:b9:37:a8:d1:57:98:28:b0:80:de:
1e:9b:91:9c:4d:ec:8e:59:f8:81:98:72:55:b6:66:1d:82:ab:
7f:35:a4:85:b0:bf:c5:ea:48:64:af:4f:e5:da:93:53:f2:31:
71:9d:6e:14:7e:91:9b:7b:d4:00:01:e3:4e:65:e9:f7:17:23:
b8:84:a2:12:e6:6f:9d:1c:f9:ea:6b:6b:94:ec:23:13:8e:a0:
95:9b:d8:0c:94:9a:6f:cc:0f:be:dc:f9:31:51:ea:76:00:8f:
08:c2:fe:0f:e3:52:69:e8:7b:5f:ff:f2:f2:b5:fb:88:43:11:
f7:3f:2a:6a:64:40:2b:51:47:08:d8:4a:6a:89:ec:99:17:1b:
50:e3:aa:6b:e7:1b:91:1d:89:03:07:8e:86:f3:9f:05:af:c2:
02:7f:b3:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZiJ6G0DXAtgB/BOSEn/Kq3t4ricwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjIwMDAwMDAwWhcNMjUwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkODNjNmZmZWY3MjNiMzYxMDYzNDhlN2JlNzAwMzJmYTk0
NzEwYmM0OTI1NzkxMjljOWZmMDdiNGFmZmI5MzMwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc0Dvhlmob0DPVhuJRQS11kiA2vBUiecZnsukk3q244gLi
+M3wG9O1EapEoKoz5idR9p8p4heB0faFtu+nokRCwdyqkdgNCrBtJ6oC7QBTBfH9
TW0vOqkGxpfbFBo0nHQUJpizkXA/1/oFjVC1Mb2qos0rfum+b60Q3HVBeWwpZPcH
JKgRe04X+exjfMomsYBC8qSbeLwW4t/NqNsMQ36QJmso66EwWtHY1GEPKXDDJ2zu
uTOpAs/1QhJINZZ3Vqmb4NLRYuaeW1FLNIL/b4sKP7CwyGhTxEXZXze3jdnRffM1
KEB2oBv8Ei0y5u0vWrZAiUKl6REF81LvmsMNzEQJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUo39fdFoihuf0FixAMNSUU4pasD8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQ1MTY1MDgyLTVkNjgtNGNkZS1iY2UxLWE4ZDQ2OTM5ODUwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJJ5fGysiQyeyXefEdG/0wHzNb4v
hR+6Y3LtdeUushLP6wcKhtx01Pvvq1cXqayCtm8BHXJutpe83yYBqX7PrET+QCWw
hB9N0WlfS80WwBZwRcJgsvsyQcvD0o2PbDGDWY9WuTeo0VeYKLCA3h6bkZxN7I5Z
+IGYclW2Zh2Cq381pIWwv8XqSGSvT+Xak1PyMXGdbhR+kZt71AAB405l6fcXI7iE
ohLmb50c+epra5TsIxOOoJWb2AyUmm/MD77c+TFR6nYAjwjC/g/jUmnoe1//8vK1
+4hDEfc/KmpkQCtRRwjYSmqJ7JkXG1DjqmvnG5EdiQMHjobznwWvwgJ/s10=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:12:33 2025 by rpki-client