Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/651b35ea-1d53-4994-b827-53871cb3868f.roa
File: 651b35ea-1d53-4994-b827-53871cb3868f.roa (raw, json)
Hash identifier: x+xpDKQb4/eWTFSQbwGXT5B6SC+34ytTCUpEM7PH6s0=
Subject key identifier: 0F:CE:F6:B4:10:B1:D0:18:99:EA:F6:A6:B5:48:59:01:F9:C2:68:10
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6B78BBED88D5611102010825A23C7633F257B20A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/651b35ea-1d53-4994-b827-53871cb3868f.roa
Signing time: Sat 16 Sep 2023 00:00:00 +0000
ROA not before: Sat 16 Sep 2023 00:00:00 +0000
ROA not after: Sat 21 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:78:bb:ed:88:d5:61:11:02:01:08:25:a2:3c:76:33:f2:57:b2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 16 00:00:00 2023 GMT
Not After : Oct 21 23:59:59 2023 GMT
Subject: serialNumber=3edbb5274bf8eb643410e31aa63877fca8a37866146e25ed1f29e1967ab38635, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:7a:f6:60:f7:fd:5c:08:17:96:f6:e7:84:
4a:82:55:d0:a9:52:ef:86:3c:d4:b9:a8:3d:db:22:
95:b0:59:00:6f:ba:5a:0d:2b:ef:d8:f7:eb:08:c0:
4c:4a:f0:16:76:2f:f6:79:43:52:3b:57:48:65:8f:
b4:2b:06:27:fa:3c:d2:48:99:55:4e:8a:a3:96:78:
b8:8e:b7:5b:b7:ea:16:b6:71:fc:e7:de:6f:31:cf:
e9:12:8e:9e:ec:43:17:6e:95:83:58:56:0a:70:48:
d9:70:a2:20:13:dd:d6:8c:b0:25:0f:65:a2:0e:94:
0b:1d:f5:b1:c9:cd:29:d6:2c:64:c2:e0:e3:b7:d9:
f5:31:0a:85:b3:b4:c4:ba:07:75:64:f2:de:a1:61:
2d:09:f5:04:72:3b:0e:08:66:87:bb:ef:8f:4f:62:
c3:52:49:b6:ea:35:e0:51:54:e5:04:b1:da:41:19:
03:be:95:fd:da:a9:87:5a:22:a6:ae:a0:f1:ca:60:
fa:58:e4:e2:d1:ed:13:d9:5a:7b:d1:91:c8:fd:ac:
c7:b7:2b:54:ff:df:58:15:7a:c5:f3:a1:ae:b1:3b:
ea:f5:e9:da:20:2c:f9:de:ac:ed:19:ea:49:21:c8:
15:ff:bd:46:96:a8:90:99:65:65:6f:7f:02:21:53:
85:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CE:F6:B4:10:B1:D0:18:99:EA:F6:A6:B5:48:59:01:F9:C2:68:10
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/651b35ea-1d53-4994-b827-53871cb3868f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
36:3f:62:bc:bb:b7:41:09:bc:af:32:94:16:6a:42:1a:7b:66:
eb:7e:24:b9:e8:8a:5f:99:a9:59:9f:06:d4:9c:11:f7:7f:c2:
a4:8d:8d:bb:0e:75:97:3a:e4:44:2c:55:b3:6a:71:99:48:73:
8c:d3:8e:19:43:21:27:4b:94:2a:22:f8:87:e5:a2:ce:a6:cd:
87:fa:be:f7:48:ae:84:bb:70:fe:64:9a:b2:d5:ae:3d:7f:b9:
cd:88:b9:e9:e1:f8:81:fc:48:21:1a:2e:30:a1:c7:c5:2a:37:
5c:c3:ed:30:e4:93:82:5d:46:59:6f:35:00:18:94:6b:5e:4e:
86:5c:41:09:b0:42:c6:91:eb:d5:b9:1c:2a:a0:a7:00:d0:15:
7b:a6:36:73:af:24:b8:0a:cb:97:ad:72:1f:91:36:11:e5:10:
8a:8d:3e:02:54:b3:d0:f2:81:f1:3f:a4:21:06:4f:2b:04:26:
be:82:36:ba:2c:10:45:5c:2c:43:b3:fc:4a:77:71:23:75:f6:
b7:33:4a:bc:48:cc:a2:d8:26:81:78:ab:24:59:fa:fc:17:12:
95:8c:b7:ea:47:cb:72:b0:88:63:03:9f:05:09:12:82:39:fe:
ee:81:9d:26:f4:7a:27:7b:b5:79:d8:52:c3:3f:47:09:36:08:
76:56:0a:95
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa3i77YjVYRECAQglojx2M/JXsgowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTE2MDAwMDAwWhcNMjMxMDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzZWRiYjUyNzRiZjhlYjY0MzQxMGUzMWFhNjM4NzdmY2E4
YTM3ODY2MTQ2ZTI1ZWQxZjI5ZTE5NjdhYjM4NjM1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpoXr2YPf9XAgXlvbnhEqCVdCpUu+GPNS5qD3bIpWwWQBv
uloNK+/Y9+sIwExK8BZ2L/Z5Q1I7V0hlj7QrBif6PNJImVVOiqOWeLiOt1u36ha2
cfzn3m8xz+kSjp7sQxdulYNYVgpwSNlwoiAT3daMsCUPZaIOlAsd9bHJzSnWLGTC
4OO32fUxCoWztMS6B3Vk8t6hYS0J9QRyOw4IZoe7749PYsNSSbbqNeBRVOUEsdpB
GQO+lf3aqYdaIqauoPHKYPpY5OLR7RPZWnvRkcj9rMe3K1T/31gVesXzoa6xO+r1
6dogLPnerO0Z6kkhyBX/vUaWqJCZZWVvfwIhU4V3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUD872tBCx0BiZ6vamtUhZAfnCaBAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY1MWIzNWVhLTFkNTMtNDk5NC1iODI3LTUzODcxY2IzODY4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADY/Yry7t0EJvK8ylBZqQhp7Zut+
JLnoil+ZqVmfBtScEfd/wqSNjbsOdZc65EQsVbNqcZlIc4zTjhlDISdLlCoi+Ifl
os6mzYf6vvdIroS7cP5kmrLVrj1/uc2Iuenh+IH8SCEaLjChx8UqN1zD7TDkk4Jd
RllvNQAYlGteToZcQQmwQsaR69W5HCqgpwDQFXumNnOvJLgKy5etch+RNhHlEIqN
PgJUs9DygfE/pCEGTysEJr6CNrosEEVcLEOz/Ep3cSN19rczSrxIzKLYJoF4qyRZ
+vwXEpWMt+pHy3KwiGMDnwUJEoI5/u6BnSb0eid7tXnYUsM/Rwk2CHZWCpU=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:23:50 2025 by rpki-client