Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a535157-7592-4343-845e-5a802b6a4566.roa
File: 5a535157-7592-4343-845e-5a802b6a4566.roa (raw, json)
Hash identifier: ycL2ZTk/HejCJliIWHfjNHoHoPbHY+unoQn2qbl4wJE=
Subject key identifier: 9A:80:08:30:F2:C9:30:F8:51:9B:BC:C3:A1:AC:46:E0:0F:99:03:25
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2434CCA595EC4BA4C4F56036CAECE2136DB0C6C3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a535157-7592-4343-845e-5a802b6a4566.roa
Signing time: Sat 07 Oct 2023 00:00:00 +0000
ROA not before: Sat 07 Oct 2023 00:00:00 +0000
ROA not after: Sat 11 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:34:cc:a5:95:ec:4b:a4:c4:f5:60:36:ca:ec:e2:13:6d:b0:c6:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 7 00:00:00 2023 GMT
Not After : Nov 11 23:59:59 2023 GMT
Subject: serialNumber=232611fe839321c400a06e51c8f5b3eb97d3454c4d35216e2a893f51ef71a609, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:72:f4:d1:06:2c:5a:93:4c:5c:b6:fa:21:71:
bc:19:bb:38:6a:e5:a0:29:79:63:0c:73:c6:2d:1c:
3a:a7:95:e7:93:33:46:cc:00:67:32:55:7b:67:d2:
82:f3:95:68:f7:2b:80:30:dd:36:75:3d:56:0e:f5:
e0:66:80:06:2f:d0:27:cd:ec:43:47:fb:3a:28:b6:
63:74:c3:df:33:85:c9:d7:8d:3b:07:39:64:70:87:
73:68:2f:b3:3f:b0:9a:ef:8f:58:02:37:90:c1:de:
fd:94:70:64:36:b9:70:bd:50:01:4b:42:2f:07:52:
6c:f0:d1:88:70:a4:d7:b3:40:55:71:d0:7b:61:e1:
43:8b:b8:fc:bd:dd:18:ea:a5:e7:ec:c2:99:28:dc:
ce:e3:6c:7e:4d:12:33:0d:57:1b:0a:e3:32:7a:f1:
23:83:19:37:fa:08:39:53:dd:7f:a9:29:15:0a:dc:
13:bf:01:3e:f3:9e:09:53:1f:9e:d6:73:04:1e:e7:
10:d5:81:8c:c2:72:69:a7:7f:58:de:cf:90:c6:9b:
b5:e6:20:2d:71:41:cb:84:73:be:c7:1b:8e:c5:e6:
2d:a8:ee:08:5f:be:2e:ae:ff:c0:58:b5:34:ef:0e:
89:fb:fa:31:d6:32:55:61:9f:55:1d:de:a2:07:82:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:80:08:30:F2:C9:30:F8:51:9B:BC:C3:A1:AC:46:E0:0F:99:03:25
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a535157-7592-4343-845e-5a802b6a4566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
37:1d:9d:f4:3f:56:42:36:07:22:58:2a:05:44:8f:09:b5:11:
9b:91:b8:bd:07:0c:e4:57:16:a9:dc:a0:b5:be:7a:84:99:a0:
64:53:0f:58:4d:99:57:47:36:ac:f2:10:24:90:a6:c0:4a:d0:
10:d4:17:77:fb:2e:f0:b9:e5:17:0c:f1:f4:50:99:c3:c8:d0:
1e:a9:3b:36:8b:cb:ea:6f:2a:de:4b:06:a4:9a:ce:a7:a6:3e:
38:83:b3:19:6a:44:c3:cc:8f:ff:e0:8a:9b:0e:3c:8f:97:a6:
7b:93:21:76:08:60:c1:4d:26:bf:9b:6e:62:02:4c:24:04:15:
fa:d0:08:84:6f:50:32:ec:18:2f:d0:84:03:19:2a:d2:b4:10:
db:79:eb:76:51:a0:dd:a0:2b:32:dc:3a:0b:4e:da:2c:b2:b4:
51:2f:b7:2e:aa:19:a4:08:36:2a:19:5f:82:82:2b:01:09:3a:
a5:39:a9:f5:21:c6:93:24:cd:00:7f:3c:e1:5e:5f:19:72:ca:
c2:50:22:12:97:36:a3:9f:3e:44:0a:e9:a7:18:dd:b5:fc:2d:
32:44:d5:fb:87:69:86:76:53:c5:cd:5c:33:ee:ff:36:96:c2:
a4:d6:ef:66:e1:2d:83:6c:1a:d6:c8:a4:bf:04:b0:e2:41:a8:
89:99:1c:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJDTMpZXsS6TE9WA2yuziE22wxsMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDA3MDAwMDAwWhcNMjMxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMzI2MTFmZTgzOTMyMWM0MDBhMDZlNTFjOGY1YjNlYjk3
ZDM0NTRjNGQzNTIxNmUyYTg5M2Y1MWVmNzFhNjA5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHcvTRBixak0xctvohcbwZuzhq5aApeWMMc8YtHDqnleeT
M0bMAGcyVXtn0oLzlWj3K4Aw3TZ1PVYO9eBmgAYv0CfN7ENH+zootmN0w98zhcnX
jTsHOWRwh3NoL7M/sJrvj1gCN5DB3v2UcGQ2uXC9UAFLQi8HUmzw0YhwpNezQFVx
0Hth4UOLuPy93Rjqpefswpko3M7jbH5NEjMNVxsK4zJ68SODGTf6CDlT3X+pKRUK
3BO/AT7znglTH57WcwQe5xDVgYzCcmmnf1jez5DGm7XmIC1xQcuEc77HG47F5i2o
7ghfvi6u/8BYtTTvDon7+jHWMlVhn1Ud3qIHgvHdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmoAIMPLJMPhRm7zDoaxG4A+ZAyUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVhNTM1MTU3LTc1OTItNDM0My04NDVlLTVhODAyYjZhNDU2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADcdnfQ/VkI2ByJYKgVEjwm1EZuR
uL0HDORXFqncoLW+eoSZoGRTD1hNmVdHNqzyECSQpsBK0BDUF3f7LvC55RcM8fRQ
mcPI0B6pOzaLy+pvKt5LBqSazqemPjiDsxlqRMPMj//gipsOPI+XpnuTIXYIYMFN
Jr+bbmICTCQEFfrQCIRvUDLsGC/QhAMZKtK0ENt563ZRoN2gKzLcOgtO2iyytFEv
ty6qGaQINioZX4KCKwEJOqU5qfUhxpMkzQB/POFeXxlyysJQIhKXNqOfPkQK6acY
3bX8LTJE1fuHaYZ2U8XNXDPu/zaWwqTW72bhLYNsGtbIpL8EsOJBqImZHL4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:45 2025 by rpki-client