Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6255031b-8fe0-47bf-ac0c-374950f0ddd4.roa
File: 6255031b-8fe0-47bf-ac0c-374950f0ddd4.roa (raw, json)
Hash identifier: C3IUZ5+egCi0m/TnTwJIjUWbFK9VYUSFbetibRSH7EI=
Subject key identifier: 1A:FB:61:D0:6E:D3:C2:CA:B0:50:93:AB:6B:AA:A8:7E:2A:44:CF:B4
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 35E29C22E4259C98E69DB94C9D29C9561723268C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6255031b-8fe0-47bf-ac0c-374950f0ddd4.roa
Signing time: Sun 05 Jan 2025 00:00:00 +0000
ROA not before: Sun 05 Jan 2025 00:00:00 +0000
ROA not after: Sun 09 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:e2:9c:22:e4:25:9c:98:e6:9d:b9:4c:9d:29:c9:56:17:23:26:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 5 00:00:00 2025 GMT
Not After : Feb 9 23:59:59 2025 GMT
Subject: serialNumber=d631a5afe4794760a24140a3df50b8a2df323799186c957c4e9f25fe6e9756ae, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fd:11:db:cc:02:88:d0:1c:14:4f:f0:c8:17:
35:0c:71:4b:6c:69:05:a5:62:29:f8:82:1b:c8:6e:
a5:52:f0:f4:b9:4b:16:a4:01:1d:47:3e:97:55:5d:
b8:43:aa:52:41:79:3f:6d:1a:37:a2:ae:d9:02:b1:
08:67:e3:cc:b1:14:a5:77:fa:cc:af:5c:2f:c2:0c:
14:ff:48:fb:9c:d8:2a:94:6b:e3:42:30:5d:bf:83:
c5:8b:3b:bf:02:11:00:a0:9e:fa:8c:be:a0:c2:9a:
3a:fd:66:30:fb:79:01:03:a8:d2:3d:32:e7:5c:3d:
68:39:7a:85:e8:19:76:ec:88:01:03:46:3b:7f:f0:
b5:2d:4a:e8:42:f3:21:c8:b8:29:ba:46:c7:89:5f:
8e:8a:79:9a:c7:45:55:b7:e8:62:42:8d:c6:3d:b3:
e0:fa:f2:e7:53:e3:77:e9:e9:71:99:b8:ee:06:67:
66:bc:ff:5e:4e:95:a2:9e:39:b5:7a:e8:1c:59:8b:
52:71:dd:f2:5b:8d:b9:1e:a8:89:fb:52:86:41:39:
ef:f9:d4:3b:b4:c0:fd:5d:a8:e8:30:47:70:d9:3c:
33:e0:08:cc:af:73:9e:c2:00:f2:06:b3:c3:88:44:
32:e8:f1:4d:11:fd:0b:4c:81:c6:71:2b:68:54:7d:
8c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FB:61:D0:6E:D3:C2:CA:B0:50:93:AB:6B:AA:A8:7E:2A:44:CF:B4
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6255031b-8fe0-47bf-ac0c-374950f0ddd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b3:ac:33:bc:25:71:41:53:4f:89:31:c7:c6:87:f6:44:b2:
d5:fd:84:af:11:56:26:a8:fc:9d:5e:99:f6:0f:5a:02:09:78:
0f:01:0c:15:88:a4:60:57:78:1f:3c:53:a5:d6:ab:72:b7:86:
b9:53:77:eb:45:48:f6:ab:10:29:d7:20:9a:b3:54:31:31:c4:
ec:19:e2:a2:8b:da:e9:03:40:7e:31:fc:bc:b5:36:d3:4b:d9:
0c:b0:64:15:92:e7:e6:d2:b6:4d:0a:79:a5:f4:f3:4d:a2:ce:
e2:dd:f3:14:6d:38:cf:aa:33:2b:c8:62:79:90:e0:0b:7a:33:
35:b1:2a:45:e2:22:f2:17:04:5c:65:7a:bc:27:9a:38:02:7d:
74:41:34:61:cf:f4:e9:73:b1:0a:55:c6:d3:fb:29:58:0c:d4:
ff:af:0c:22:c6:61:d6:41:c6:5d:0d:dd:1c:ab:d4:1f:a3:c4:
d4:1f:7e:2b:27:1b:26:ce:9c:eb:6b:8f:76:82:5e:dc:43:b3:
6c:38:1d:9c:d7:f4:47:a6:85:88:7c:30:ed:33:b1:66:bb:42:
ad:50:f4:ec:ca:ac:a5:46:17:d9:02:7b:1a:e5:fb:88:b3:3f:
6c:f2:96:ab:5a:18:da:86:3b:ab:3f:0d:ef:20:e6:c1:78:bf:
6f:6f:bd:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNeKcIuQlnJjmnblMnSnJVhcjJowwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTA1MDAwMDAwWhcNMjUwMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNjMxYTVhZmU0Nzk0NzYwYTI0MTQwYTNkZjUwYjhhMmRm
MzIzNzk5MTg2Yzk1N2M0ZTlmMjVmZTZlOTc1NmFlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ/RHbzAKI0BwUT/DIFzUMcUtsaQWlYin4ghvIbqVS8PS5
SxakAR1HPpdVXbhDqlJBeT9tGjeirtkCsQhn48yxFKV3+syvXC/CDBT/SPuc2CqU
a+NCMF2/g8WLO78CEQCgnvqMvqDCmjr9ZjD7eQEDqNI9MudcPWg5eoXoGXbsiAED
Rjt/8LUtSuhC8yHIuCm6RseJX46KeZrHRVW36GJCjcY9s+D68udT43fp6XGZuO4G
Z2a8/15OlaKeObV66BxZi1Jx3fJbjbkeqIn7UoZBOe/51Du0wP1dqOgwR3DZPDPg
CMyvc57CAPIGs8OIRDLo8U0R/QtMgcZxK2hUfYzRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGvth0G7TwsqwUJOra6qofipEz7QwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzYyNTUwMzFiLThmZTAtNDdiZi1hYzBjLTM3NDk1MGYwZGRkNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHGzrDO8JXFBU0+JMcfGh/ZEstX9
hK8RViao/J1emfYPWgIJeA8BDBWIpGBXeB88U6XWq3K3hrlTd+tFSParECnXIJqz
VDExxOwZ4qKL2ukDQH4x/Ly1NtNL2QywZBWS5+bStk0KeaX0802izuLd8xRtOM+q
MyvIYnmQ4At6MzWxKkXiIvIXBFxlerwnmjgCfXRBNGHP9OlzsQpVxtP7KVgM1P+v
DCLGYdZBxl0N3Ryr1B+jxNQffisnGybOnOtrj3aCXtxDs2w4HZzX9EemhYh8MO0z
sWa7Qq1Q9OzKrKVGF9kCexrl+4izP2zylqtaGNqGO6s/De8g5sF4v29vvV4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:26:57 2025 by rpki-client