Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67a43581-183a-47d0-bac7-873fbc92a364.roa
File: 67a43581-183a-47d0-bac7-873fbc92a364.roa (raw, json)
Hash identifier: XQqw1MziD5RYndsENll+ISLo1QIm9scm9IRZYmi1rvI=
Subject key identifier: 1B:E5:1C:77:21:A0:FB:75:EE:8D:0A:8F:37:9D:E8:AE:1A:7B:6B:AA
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4D3BC766D3FFA17476A7C08AE3C59232055EAEC6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67a43581-183a-47d0-bac7-873fbc92a364.roa
Signing time: Tue 25 Feb 2025 06:18:21 +0000
ROA not before: Tue 25 Feb 2025 06:18:21 +0000
ROA not after: Tue 01 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3b:c7:66:d3:ff:a1:74:76:a7:c0:8a:e3:c5:92:32:05:5e:ae:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 25 06:18:21 2025 GMT
Not After : Apr 1 23:59:59 2025 GMT
Subject: serialNumber=46d968cf7f2d670fa310d06465d03f7cd0b530c4ec5fd9b3588d20c8f33ff8c4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6f:3c:01:79:4c:aa:af:80:45:e5:30:7e:e0:
e9:57:23:0e:60:75:da:5d:63:38:f8:7e:b3:6d:b1:
39:af:c7:af:7c:f3:4f:f5:7f:06:81:76:c2:c3:a3:
1e:3f:f5:74:03:52:0a:47:f9:fa:2f:1a:d0:5c:8c:
68:4a:90:4b:c7:9c:f7:fb:9e:47:99:c6:b1:97:8d:
d7:93:5e:01:3c:ea:45:9a:5b:36:d6:ce:7a:6c:87:
69:3c:4a:69:47:45:f3:ee:3e:e6:6e:54:cf:49:28:
ce:35:4d:21:25:9c:82:c7:2f:52:83:40:46:9f:16:
70:db:f8:f2:ac:b9:88:9b:1f:ef:ab:5b:42:03:9c:
2b:ef:7d:13:af:db:34:7b:cd:e9:ab:78:b5:b4:89:
3a:ec:e7:e4:b5:d0:05:a8:ca:56:99:23:b0:fc:7e:
92:ab:88:66:bb:0e:97:c1:fc:e0:86:6f:27:f7:55:
b0:b6:72:3b:9b:68:6b:41:4f:d6:78:b0:88:d6:26:
2a:28:d9:64:0b:0a:9a:45:6e:8c:c0:94:c5:04:ae:
09:9e:9a:88:0d:89:c6:03:19:9a:ab:0f:91:99:f5:
d5:0a:1a:05:d9:fe:89:95:f2:bf:55:5e:74:23:1a:
e9:11:7e:7e:48:07:4f:85:28:62:f5:2f:4d:ac:7c:
1e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E5:1C:77:21:A0:FB:75:EE:8D:0A:8F:37:9D:E8:AE:1A:7B:6B:AA
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67a43581-183a-47d0-bac7-873fbc92a364.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b1:2e:fc:f7:a9:5e:aa:a6:72:8b:93:78:68:5f:d5:19:0a:
c8:35:41:a4:e4:97:dc:6f:cb:16:83:b7:4e:ca:c9:56:f6:99:
08:4b:7c:5f:bb:02:56:89:9e:d2:b4:54:7d:33:55:5a:34:9c:
60:4c:f1:df:50:79:e4:10:0a:4f:2f:2d:be:b5:f9:d5:ef:48:
22:36:6d:1b:7c:07:80:aa:8b:a6:2a:96:ff:ad:e2:ec:15:92:
d7:72:03:34:47:07:83:30:7c:3f:7a:7d:5d:2b:9d:68:c5:9f:
69:2d:0c:8b:08:2d:41:7f:39:f7:89:4f:af:fd:2d:4a:6a:fa:
b2:46:2e:46:03:62:c8:13:16:fb:12:f9:76:33:10:b2:33:2f:
3d:62:20:52:0b:e4:9f:ac:f8:b4:6b:0c:83:4c:95:8b:8e:c2:
03:d8:fb:cc:fa:1c:34:f3:38:13:3c:1e:c2:d1:c1:21:26:a9:
7f:a3:89:78:3e:1b:96:1f:5c:3a:04:0a:7b:35:90:01:84:48:
d1:38:44:22:2f:d8:f8:2d:5b:3f:2f:75:3e:40:d9:31:06:15:
61:bd:a3:67:a6:9d:62:8c:48:3a:1c:7b:53:1f:8c:d3:cc:31:
30:b6:6f:3d:6d:62:b9:ff:e3:03:c2:a2:b7:0c:dd:49:8f:36:
26:76:6d:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTTvHZtP/oXR2p8CK48WSMgVersYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjI1MDYxODIxWhcNMjUwNDAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NmQ5NjhjZjdmMmQ2NzBmYTMxMGQwNjQ2NWQwM2Y3Y2Qw
YjUzMGM0ZWM1ZmQ5YjM1ODhkMjBjOGYzM2ZmOGM0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMbzwBeUyqr4BF5TB+4OlXIw5gddpdYzj4frNtsTmvx698
80/1fwaBdsLDox4/9XQDUgpH+fovGtBcjGhKkEvHnPf7nkeZxrGXjdeTXgE86kWa
WzbWznpsh2k8SmlHRfPuPuZuVM9JKM41TSElnILHL1KDQEafFnDb+PKsuYibH++r
W0IDnCvvfROv2zR7zemreLW0iTrs5+S10AWoylaZI7D8fpKriGa7DpfB/OCGbyf3
VbC2cjubaGtBT9Z4sIjWJioo2WQLCppFbozAlMUErgmemogNicYDGZqrD5GZ9dUK
GgXZ/omV8r9VXnQjGukRfn5IB0+FKGL1L02sfB4RAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG+UcdyGg+3XujQqPN53orhp7a6owHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY3YTQzNTgxLTE4M2EtNDdkMC1iYWM3LTg3M2ZiYzkyYTM2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA6xLvz3qV6qpnKLk3hoX9UZCsg1
QaTkl9xvyxaDt07KyVb2mQhLfF+7AlaJntK0VH0zVVo0nGBM8d9QeeQQCk8vLb61
+dXvSCI2bRt8B4Cqi6Yqlv+t4uwVktdyAzRHB4MwfD96fV0rnWjFn2ktDIsILUF/
OfeJT6/9LUpq+rJGLkYDYsgTFvsS+XYzELIzLz1iIFIL5J+s+LRrDINMlYuOwgPY
+8z6HDTzOBM8HsLRwSEmqX+jiXg+G5YfXDoECns1kAGESNE4RCIv2PgtWz8vdT5A
2TEGFWG9o2emnWKMSDoce1MfjNPMMTC2bz1tYrn/4wPCorcM3UmPNiZ2bZ4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:01:51 2025 by rpki-client