Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5f1e42b2-0f6f-48f6-a2ab-32613d919056.roa
File: 5f1e42b2-0f6f-48f6-a2ab-32613d919056.roa (raw, json)
Hash identifier: XawXkY3/+GxZ6QV+wTOP2+R6ZxU4/8f5HHcio+z226c=
Subject key identifier: 4C:E4:80:B3:98:77:15:F5:86:4B:70:BB:F7:FA:A3:65:88:07:09:D7
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5AEB377D7779057DF93F28035C6BF51DA7E83A0F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5f1e42b2-0f6f-48f6-a2ab-32613d919056.roa
Signing time: Fri 14 Feb 2025 11:18:24 +0000
ROA not before: Fri 14 Feb 2025 11:18:24 +0000
ROA not after: Fri 21 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:eb:37:7d:77:79:05:7d:f9:3f:28:03:5c:6b:f5:1d:a7:e8:3a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 14 11:18:24 2025 GMT
Not After : Mar 21 23:59:59 2025 GMT
Subject: serialNumber=6cc39e190b6a5bf13d0798c5c9d1113fcbe149b3288a058649f3656402f7403a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:50:4b:99:0a:3f:14:23:37:41:3b:99:5e:
ab:13:f8:9a:3f:16:f3:5b:24:71:28:b1:34:e6:d7:
71:e5:22:86:98:13:6c:67:f9:e4:59:fa:09:b2:8e:
dc:d9:fd:4a:b7:8b:48:95:a9:1b:24:b9:85:85:76:
41:4b:56:9f:19:ba:c6:3c:97:5a:52:62:09:be:ed:
07:90:2b:0d:28:c6:75:e4:4e:d2:b4:b9:b0:b4:8a:
3f:5c:5c:e3:97:37:6b:8b:96:52:e5:7e:13:2e:e6:
de:e8:e1:b0:37:d1:f0:42:3f:63:b5:9a:5e:02:6c:
7f:d1:66:b1:09:25:36:78:47:19:10:70:d8:0f:bb:
2a:03:01:d1:78:f0:b0:8c:b1:fd:6f:28:18:f6:d2:
65:8c:a8:5f:fc:fe:41:f8:40:6f:88:3b:2f:20:81:
58:d3:bc:72:23:e1:6c:e7:98:0c:f0:9a:08:2d:c7:
3b:49:31:0a:e4:eb:04:49:bd:d6:ba:03:62:55:f3:
c1:73:c4:cd:09:fc:4b:11:86:7f:8e:5c:97:83:73:
50:c9:1c:16:59:44:8f:0c:68:15:af:b1:db:48:86:
d7:2b:a7:e3:20:c7:ad:7b:4b:04:0e:94:3d:6d:23:
61:f6:ed:3b:b6:50:bc:0a:00:0a:e3:4e:0f:64:27:
d5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E4:80:B3:98:77:15:F5:86:4B:70:BB:F7:FA:A3:65:88:07:09:D7
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5f1e42b2-0f6f-48f6-a2ab-32613d919056.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:24:d8:b0:19:59:30:5b:36:a5:71:f0:4a:e4:c0:23:2b:91:
50:3a:2f:2b:b9:d0:b5:5d:59:4c:86:9f:79:73:9b:94:f2:d8:
2f:3a:53:15:f5:05:62:a1:e8:24:8a:d4:24:d3:a6:fb:3d:3b:
f9:08:27:6f:c0:2b:b1:6f:3e:b6:82:47:0d:b5:16:60:9e:1e:
93:c5:3c:76:6f:3e:cd:0e:b4:63:40:99:43:94:75:f9:4c:c0:
ca:8d:68:d7:a5:66:1e:8d:45:d4:ee:12:3b:54:74:8d:97:84:
a3:62:7f:e3:6e:87:72:81:ac:21:8e:d2:75:75:73:a7:1c:c2:
49:34:eb:d1:e9:82:94:b5:ea:e8:0d:dc:45:48:03:44:81:c1:
9c:ba:fe:1e:ce:bc:ad:a9:41:18:20:32:27:d9:c1:26:5d:f6:
c0:b3:40:4c:81:4c:5b:63:90:7a:97:06:87:26:df:49:94:cb:
a9:85:ec:60:39:b5:b9:8f:c7:17:d0:84:bc:91:c6:63:ae:d0:
52:d2:08:b3:2b:dc:16:9d:13:88:2f:1e:d0:ce:eb:03:ce:e3:
d9:8f:16:45:9c:05:29:66:57:bf:6e:45:64:be:4e:6c:2b:49:
4c:86:70:9f:8a:26:9f:01:45:29:37:46:ac:d3:b2:b4:3c:9e:
e1:bf:db:9a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWus3fXd5BX35PygDXGv1HafoOg8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjE0MTExODI0WhcNMjUwMzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2Y2MzOWUxOTBiNmE1YmYxM2QwNzk4YzVjOWQxMTEzZmNi
ZTE0OWIzMjg4YTA1ODY0OWYzNjU2NDAyZjc0MDNhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6klBLmQo/FCM3QTuZXqsT+Jo/FvNbJHEosTTm13HlIoaY
E2xn+eRZ+gmyjtzZ/Uq3i0iVqRskuYWFdkFLVp8ZusY8l1pSYgm+7QeQKw0oxnXk
TtK0ubC0ij9cXOOXN2uLllLlfhMu5t7o4bA30fBCP2O1ml4CbH/RZrEJJTZ4RxkQ
cNgPuyoDAdF48LCMsf1vKBj20mWMqF/8/kH4QG+IOy8ggVjTvHIj4WznmAzwmggt
xztJMQrk6wRJvda6A2JV88FzxM0J/EsRhn+OXJeDc1DJHBZZRI8MaBWvsdtIhtcr
p+Mgx617SwQOlD1tI2H27Tu2ULwKAArjTg9kJ9XtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTOSAs5h3FfWGS3C79/qjZYgHCdcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVmMWU0MmIyLTBmNmYtNDhmNi1hMmFiLTMyNjEzZDkxOTA1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJok2LAZWTBbNqVx8ErkwCMrkVA6
Lyu50LVdWUyGn3lzm5Ty2C86UxX1BWKh6CSK1CTTpvs9O/kIJ2/AK7FvPraCRw21
FmCeHpPFPHZvPs0OtGNAmUOUdflMwMqNaNelZh6NRdTuEjtUdI2XhKNif+Nuh3KB
rCGO0nV1c6ccwkk069HpgpS16ugN3EVIA0SBwZy6/h7OvK2pQRggMifZwSZd9sCz
QEyBTFtjkHqXBocm30mUy6mF7GA5tbmPxxfQhLyRxmOu0FLSCLMr3BadE4gvHtDO
6wPO49mPFkWcBSlmV79uRWS+TmwrSUyGcJ+KJp8BRSk3RqzTsrQ8nuG/25o=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:20:43 2025 by rpki-client