Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/59cbfc90-222a-4f45-94f8-cd05560865c5.roa
File: 59cbfc90-222a-4f45-94f8-cd05560865c5.roa (raw, json)
Hash identifier: 60pr6Dl6BHnwZNin4z6J7qPEw3e+m9SOfHtdxlZfvI0=
Subject key identifier: D5:8D:9C:11:82:D6:52:07:2C:34:D2:21:97:06:58:2C:32:4C:23:7B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6BA62663FF91B93E7739FF8D61541F8D9B4AC13F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/59cbfc90-222a-4f45-94f8-cd05560865c5.roa
Signing time: Wed 23 Aug 2023 00:00:00 +0000
ROA not before: Wed 23 Aug 2023 00:00:00 +0000
ROA not after: Wed 27 Sep 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a6:26:63:ff:91:b9:3e:77:39:ff:8d:61:54:1f:8d:9b:4a:c1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 23 00:00:00 2023 GMT
Not After : Sep 27 23:59:59 2023 GMT
Subject: serialNumber=503f52c4d30cbf0b97f729f3ad639f37941b89243ca59377fa8712a6643d9080, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:df:06:ae:cb:13:48:5f:7a:e5:d0:95:bb:9f:
aa:ff:66:71:5b:34:a2:0e:d8:9e:69:5c:7b:05:99:
69:7d:7f:56:f1:82:41:ff:ad:79:92:dd:31:01:8e:
f1:ad:55:7b:0f:ce:55:9b:ba:d2:5d:57:d1:6f:d3:
73:ee:4a:56:e5:8f:4a:cf:9e:a1:42:23:e6:29:ec:
5b:b5:5f:9a:07:3f:e8:dc:16:37:99:f1:11:a9:a1:
c5:92:ba:1f:d5:ed:fb:e4:e9:2b:ff:b6:7e:a8:cf:
e2:a3:4a:6f:8b:92:c4:96:1e:eb:ae:91:42:6c:b1:
54:26:69:69:cb:6d:a5:b4:6e:dd:7a:83:45:9c:1a:
c0:e4:bf:c6:e3:6a:ca:c3:23:0a:32:a9:d0:5b:a2:
5f:e1:68:c3:52:87:d5:39:5e:33:07:be:9e:27:e8:
e6:3a:43:25:38:a3:34:94:1b:33:13:e4:9b:38:96:
3e:6f:db:ef:cd:b9:68:59:b7:ab:97:e3:50:f0:ef:
23:c6:0f:42:ee:b4:d4:02:62:62:66:39:57:04:c4:
38:5d:89:5e:77:0b:c1:6c:66:54:f8:2f:c3:49:ea:
9c:77:48:04:08:db:03:cc:28:44:d1:a6:7a:0f:4f:
12:05:4a:0d:b4:81:15:64:fb:e7:b6:96:f6:d4:e9:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8D:9C:11:82:D6:52:07:2C:34:D2:21:97:06:58:2C:32:4C:23:7B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/59cbfc90-222a-4f45-94f8-cd05560865c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
36:28:08:ae:1b:1e:23:ec:df:b2:e3:cf:06:12:63:c4:d8:d8:
23:bd:2f:87:e0:29:66:34:d1:16:db:c4:4b:6a:d6:62:da:ca:
13:fd:fc:aa:f7:dd:fa:95:42:39:08:c6:fe:72:62:77:5c:72:
d8:ca:ea:39:6c:3f:fc:32:b8:8d:07:a6:eb:75:b5:ad:2c:25:
8e:37:13:61:09:97:47:79:b3:c5:57:92:5b:20:0d:02:1e:f5:
a8:ef:50:78:a8:c8:05:d0:54:70:df:ef:01:cd:4d:ce:42:0b:
93:b0:0f:fb:01:23:58:29:5f:2e:9a:87:8e:d1:bf:1b:a4:44:
6d:dd:68:a3:34:62:f5:80:b5:1e:2d:77:3d:69:69:be:1b:67:
17:e0:60:a0:d8:76:57:ba:23:58:7a:f5:e5:2c:3d:3a:c5:57:
16:63:ec:b1:27:cc:db:3e:36:9e:0d:6a:67:82:ab:3c:77:c9:
6f:07:03:fe:2c:ea:36:bf:6c:d5:c1:81:6b:de:24:10:ba:5c:
cc:52:28:4e:6b:80:35:76:09:47:0e:24:9b:a0:42:4d:e8:c2:
20:4b:5c:3a:e9:ca:57:c0:35:f5:e1:98:eb:b2:5c:40:4d:08:
94:18:93:6c:bb:6f:b1:96:7b:60:61:55:53:23:14:21:c7:3a:
32:4c:b8:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa6YmY/+RuT53Of+NYVQfjZtKwT8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODIzMDAwMDAwWhcNMjMwOTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDNmNTJjNGQzMGNiZjBiOTdmNzI5ZjNhZDYzOWYzNzk0
MWI4OTI0M2NhNTkzNzdmYTg3MTJhNjY0M2Q5MDgwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDo3wauyxNIX3rl0JW7n6r/ZnFbNKIO2J5pXHsFmWl9f1bx
gkH/rXmS3TEBjvGtVXsPzlWbutJdV9Fv03PuSlblj0rPnqFCI+Yp7Fu1X5oHP+jc
FjeZ8RGpocWSuh/V7fvk6Sv/tn6oz+KjSm+LksSWHuuukUJssVQmaWnLbaW0bt16
g0WcGsDkv8bjasrDIwoyqdBbol/haMNSh9U5XjMHvp4n6OY6QyU4ozSUGzMT5Js4
lj5v2+/NuWhZt6uX41Dw7yPGD0LutNQCYmJmOVcExDhdiV53C8FsZlT4L8NJ6px3
SAQI2wPMKETRpnoPTxIFSg20gRVk++e2lvbU6ed9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1Y2cEYLWUgcsNNIhlwZYLDJMI3swHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU5Y2JmYzkwLTIyMmEtNGY0NS05NGY4LWNkMDU1NjA4NjVjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADYoCK4bHiPs37LjzwYSY8TY2CO9
L4fgKWY00RbbxEtq1mLayhP9/Kr33fqVQjkIxv5yYndcctjK6jlsP/wyuI0Hput1
ta0sJY43E2EJl0d5s8VXklsgDQIe9ajvUHioyAXQVHDf7wHNTc5CC5OwD/sBI1gp
Xy6ah47RvxukRG3daKM0YvWAtR4tdz1pab4bZxfgYKDYdle6I1h69eUsPTrFVxZj
7LEnzNs+Np4NameCqzx3yW8HA/4s6ja/bNXBgWveJBC6XMxSKE5rgDV2CUcOJJug
Qk3owiBLXDrpylfANfXhmOuyXEBNCJQYk2y7b7GWe2BhVVMjFCHHOjJMuN8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:19:50 2025 by rpki-client