Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67e27c51-7f0e-458c-be79-95541714e8c5.roa
File: 67e27c51-7f0e-458c-be79-95541714e8c5.roa (raw, json)
Hash identifier: /qWdvvcuCr2PmS6q4IxiQtsrzovE5r6wqPaZvFtn9KY=
Subject key identifier: CA:94:F2:61:F9:23:BD:8E:31:B4:7A:CE:9B:D8:7B:BA:24:8F:AE:B4
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2F13703A6860B8DC80EBFE2A94F2618D2DEA3735
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67e27c51-7f0e-458c-be79-95541714e8c5.roa
Signing time: Tue 04 Mar 2025 23:03:23 +0000
ROA not before: Tue 04 Mar 2025 23:03:23 +0000
ROA not after: Tue 08 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:13:70:3a:68:60:b8:dc:80:eb:fe:2a:94:f2:61:8d:2d:ea:37:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 4 23:03:23 2025 GMT
Not After : Apr 8 23:59:59 2025 GMT
Subject: serialNumber=18d1890d46d2e474f98a61dbbc6ea000a41a753981f9dc6651eec74b7b648cb5, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2b:c3:23:79:88:0f:d0:49:8e:6e:44:32:91:
58:94:a5:f2:29:e8:16:94:5c:50:3c:a7:90:47:c0:
3f:31:cc:55:9d:d1:48:eb:f1:18:82:04:af:e5:79:
5a:74:7e:0a:b2:c6:bf:ae:75:99:ac:4e:58:5a:fe:
3d:1d:f2:1e:b5:d5:04:ae:a4:27:ea:ed:9f:5d:7a:
d8:a8:13:6f:93:5e:a3:61:43:96:27:85:2c:fe:8a:
a3:2d:83:15:d4:53:60:2c:13:f7:ae:50:59:57:f5:
15:3d:fa:b5:01:ed:0f:32:d3:3e:55:9c:ed:d8:6d:
21:01:84:84:8a:34:62:71:4e:c8:0a:2f:e5:04:a0:
00:1a:cb:09:d7:28:7f:c7:ab:ce:e1:37:37:c1:ff:
5a:aa:c9:cb:11:f8:31:21:5d:99:9c:fd:46:97:5c:
9e:e6:08:45:bd:18:c2:e3:e3:89:48:03:e7:f2:7c:
e6:21:77:8a:b9:52:7c:37:57:43:eb:8e:84:1a:60:
1d:c0:f3:f8:64:db:1e:02:05:e7:90:68:28:81:37:
4a:66:d5:99:4c:cb:d9:18:9a:40:38:b0:77:b8:e2:
d3:2f:20:d3:83:98:2e:4b:d1:2e:9b:9d:8d:e9:39:
8b:1d:ca:7d:c8:56:9e:e5:0d:85:c6:af:26:78:ac:
7c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:94:F2:61:F9:23:BD:8E:31:B4:7A:CE:9B:D8:7B:BA:24:8F:AE:B4
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67e27c51-7f0e-458c-be79-95541714e8c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b7:2c:fa:35:fb:bc:b3:c4:ab:45:f1:ac:a4:8c:00:ae:05:
92:8d:c1:5c:04:f8:73:1d:10:89:79:65:ea:9e:17:dd:c6:61:
9b:4b:2b:76:35:31:58:d7:04:e9:d9:d0:b0:11:8a:ed:8f:4e:
1c:b1:cd:f4:c4:7f:a9:7e:98:31:54:b7:bb:13:06:ba:09:61:
b7:42:8b:40:85:7a:ce:a5:1f:d1:fd:ce:d8:4a:50:65:21:ee:
79:d0:5f:96:1d:e4:48:90:8b:43:0c:1e:50:97:e9:fc:63:8f:
44:39:a6:95:70:08:c7:dc:b0:92:f7:5c:53:4d:09:8b:eb:f5:
ce:0b:1b:29:40:a0:3a:a1:85:10:99:72:16:2c:84:21:c3:d6:
bf:17:d6:c3:e2:b5:30:87:0d:62:6b:28:9d:61:2b:9d:9b:eb:
4f:32:d6:a8:d3:e9:b4:59:c2:7f:1e:87:eb:5c:58:61:4a:b1:
1c:cc:5b:4b:34:81:1e:fa:33:63:24:73:8b:7d:4e:71:78:45:
d2:d9:39:62:8f:eb:89:58:c8:80:b9:b3:ae:cd:24:e1:9a:20:
e6:dc:48:a1:10:49:aa:2d:5d:f7:3b:86:ee:aa:bd:3c:cf:9c:
31:f6:3f:c4:2d:79:cc:25:1f:bd:c8:57:4e:f5:28:2e:00:bd:
51:c1:f9:a3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULxNwOmhguNyA6/4qlPJhjS3qNzUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzA0MjMwMzIzWhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOGQxODkwZDQ2ZDJlNDc0Zjk4YTYxZGJiYzZlYTAwMGE0
MWE3NTM5ODFmOWRjNjY1MWVlYzc0YjdiNjQ4Y2I1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCLK8MjeYgP0EmObkQykViUpfIp6BaUXFA8p5BHwD8xzFWd
0Ujr8RiCBK/leVp0fgqyxr+udZmsTlha/j0d8h611QSupCfq7Z9detioE2+TXqNh
Q5YnhSz+iqMtgxXUU2AsE/euUFlX9RU9+rUB7Q8y0z5VnO3YbSEBhISKNGJxTsgK
L+UEoAAaywnXKH/Hq87hNzfB/1qqycsR+DEhXZmc/UaXXJ7mCEW9GMLj44lIA+fy
fOYhd4q5Unw3V0PrjoQaYB3A8/hk2x4CBeeQaCiBN0pm1ZlMy9kYmkA4sHe44tMv
INODmC5L0S6bnY3pOYsdyn3IVp7lDYXGryZ4rHwnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUypTyYfkjvY4xtHrOm9h7uiSPrrQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY3ZTI3YzUxLTdmMGUtNDU4Yy1iZTc5LTk1NTQxNzE0ZThjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGy3LPo1+7yzxKtF8aykjACuBZKN
wVwE+HMdEIl5ZeqeF93GYZtLK3Y1MVjXBOnZ0LARiu2PThyxzfTEf6l+mDFUt7sT
BroJYbdCi0CFes6lH9H9zthKUGUh7nnQX5Yd5EiQi0MMHlCX6fxjj0Q5ppVwCMfc
sJL3XFNNCYvr9c4LGylAoDqhhRCZchYshCHD1r8X1sPitTCHDWJrKJ1hK52b608y
1qjT6bRZwn8eh+tcWGFKsRzMW0s0gR76M2Mkc4t9TnF4RdLZOWKP64lYyIC5s67N
JOGaIObcSKEQSaotXfc7hu6qvTzPnDH2P8QtecwlH73IV071KC4AvVHB+aM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:21:17 2025 by rpki-client