Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/462a6913-306e-491f-aabe-222a9b727654.roa
File: 462a6913-306e-491f-aabe-222a9b727654.roa (raw, json)
Hash identifier: /5Fn29Xw+Ev5FcVpDDOuh5dvREYo40ceHM2ARHimASo=
Subject key identifier: E5:64:1F:77:36:39:93:B4:EB:E7:00:41:8C:72:95:D1:40:D2:48:EE
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0B919FD5AB2FFD9414D60AB57D93C84BE14BDCC0
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/462a6913-306e-491f-aabe-222a9b727654.roa
Signing time: Tue 07 Nov 2023 00:00:00 +0000
ROA not before: Tue 07 Nov 2023 00:00:00 +0000
ROA not after: Tue 12 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:91:9f:d5:ab:2f:fd:94:14:d6:0a:b5:7d:93:c8:4b:e1:4b:dc:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 7 00:00:00 2023 GMT
Not After : Dec 12 23:59:59 2023 GMT
Subject: serialNumber=17d1c5091441af36c51b597f830b9b747614d1793f0b2c4f98e7bee382dbdda8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6b:7e:ae:9d:86:95:62:72:56:d5:bd:4b:f0:
ef:a3:ed:d4:7c:f6:32:d5:a5:48:24:45:03:a1:19:
76:06:89:5c:e3:6d:07:de:3b:b6:b5:15:5d:68:38:
cd:06:a2:41:00:8e:67:ff:49:2d:85:52:8f:be:6e:
fb:c5:51:01:7a:63:a9:b3:8b:d8:d7:4d:bb:ee:e4:
99:ac:dc:73:59:ad:86:77:96:db:16:69:2f:a1:92:
82:98:71:2e:28:55:fe:e1:0b:56:09:f2:72:fe:db:
bb:03:8e:79:63:05:92:0e:40:89:ff:0b:33:a6:6a:
a2:7a:16:ca:fb:42:31:f7:84:39:5d:73:55:3b:ba:
e2:1b:ba:16:19:06:bf:9a:69:e9:78:91:6b:7a:97:
ea:0c:ce:93:6a:10:f7:20:0b:93:5d:58:61:f3:f6:
c3:a6:04:48:0f:8c:ee:7f:a0:3a:45:b1:51:7f:b0:
85:f1:da:bf:48:a0:79:82:c1:09:b5:79:3a:20:5f:
79:f7:6c:95:d2:40:0b:29:22:44:cc:26:d4:c0:4c:
be:13:38:af:39:ff:7f:78:72:60:46:a3:65:c3:c8:
a4:d0:2f:b1:ae:9d:9d:fd:83:02:3c:21:3b:b2:7e:
81:bf:d2:d4:62:11:fb:8a:d7:54:85:04:5c:75:64:
04:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:64:1F:77:36:39:93:B4:EB:E7:00:41:8C:72:95:D1:40:D2:48:EE
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/462a6913-306e-491f-aabe-222a9b727654.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e2:4a:79:79:43:f6:82:3e:31:da:53:38:4a:2a:b1:e8:09:
38:a4:06:18:4f:de:24:23:99:45:72:ec:db:c5:46:52:e1:b6:
d2:e5:55:cc:55:3f:5f:03:81:15:2f:3d:9e:1e:b6:35:1c:cd:
68:cf:89:c7:b6:42:59:d8:41:1d:7e:59:dd:fc:a6:04:ef:ce:
8f:8d:a3:05:d4:7d:f4:d8:64:84:46:c4:87:9a:2b:17:1d:3c:
f3:f8:7b:19:80:71:31:22:1f:74:e7:9b:d2:92:35:7a:66:5a:
95:3c:eb:6a:d3:36:21:3b:63:b8:43:d4:09:de:ce:c9:f3:56:
fe:07:02:bb:5c:0b:c4:da:54:8e:40:e7:87:4b:50:e3:b3:0e:
1e:76:31:cf:d2:3c:14:1a:56:d7:d4:7c:8d:99:50:6a:03:8f:
0e:ce:02:ef:d7:13:25:55:ec:22:45:61:61:4e:7e:40:3b:08:
80:db:5a:bc:af:cf:ea:8c:31:a8:e3:91:73:d1:e9:16:c7:21:
cf:43:33:0c:ac:d5:ed:16:02:42:09:b7:eb:5d:ae:45:c6:ee:
ec:2a:b5:e3:1d:e0:a2:13:c2:5a:0a:3e:7e:7f:4c:29:69:36:
9c:79:f9:91:0f:f6:8b:be:a9:05:39:86:8d:7c:ea:eb:8a:ff:
83:a9:46:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC5Gf1asv/ZQU1gq1fZPIS+FL3MAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTA3MDAwMDAwWhcNMjMxMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxN2QxYzUwOTE0NDFhZjM2YzUxYjU5N2Y4MzBiOWI3NDc2
MTRkMTc5M2YwYjJjNGY5OGU3YmVlMzgyZGJkZGE4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCba36unYaVYnJW1b1L8O+j7dR89jLVpUgkRQOhGXYGiVzj
bQfeO7a1FV1oOM0GokEAjmf/SS2FUo++bvvFUQF6Y6mzi9jXTbvu5Jms3HNZrYZ3
ltsWaS+hkoKYcS4oVf7hC1YJ8nL+27sDjnljBZIOQIn/CzOmaqJ6Fsr7QjH3hDld
c1U7uuIbuhYZBr+aael4kWt6l+oMzpNqEPcgC5NdWGHz9sOmBEgPjO5/oDpFsVF/
sIXx2r9IoHmCwQm1eTogX3n3bJXSQAspIkTMJtTATL4TOK85/394cmBGo2XDyKTQ
L7GunZ39gwI8ITuyfoG/0tRiEfuK11SFBFx1ZARZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5WQfdzY5k7Tr5wBBjHKV0UDSSO4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQ2MmE2OTEzLTMwNmUtNDkxZi1hYWJlLTIyMmE5YjcyNzY1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHziSnl5Q/aCPjHaUzhKKrHoCTik
BhhP3iQjmUVy7NvFRlLhttLlVcxVP18DgRUvPZ4etjUczWjPice2QlnYQR1+Wd38
pgTvzo+NowXUffTYZIRGxIeaKxcdPPP4exmAcTEiH3Tnm9KSNXpmWpU862rTNiE7
Y7hD1AnezsnzVv4HArtcC8TaVI5A54dLUOOzDh52Mc/SPBQaVtfUfI2ZUGoDjw7O
Au/XEyVV7CJFYWFOfkA7CIDbWryvz+qMMajjkXPR6RbHIc9DMwys1e0WAkIJt+td
rkXG7uwqteMd4KITwloKPn5/TClpNpx5+ZEP9ou+qQU5ho186uuK/4OpRpg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:23:05 2025 by rpki-client