Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70e3c746-e6ab-4085-8df7-993529d26f2e.roa
File: 70e3c746-e6ab-4085-8df7-993529d26f2e.roa (raw, json)
Hash identifier: iOAIdbjEXKAjgWOyZ8lRZjs/Ik2sXvH8xtsCr4HPx6o=
Subject key identifier: 90:15:DA:6E:BD:9F:5D:A1:08:50:7C:18:42:75:DD:EC:4D:4F:D6:0E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5082A01C6BAB671378FECEC021B6680617006DAD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70e3c746-e6ab-4085-8df7-993529d26f2e.roa
Signing time: Sun 17 Dec 2023 00:00:00 +0000
ROA not before: Sun 17 Dec 2023 00:00:00 +0000
ROA not after: Sun 21 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:82:a0:1c:6b:ab:67:13:78:fe:ce:c0:21:b6:68:06:17:00:6d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 17 00:00:00 2023 GMT
Not After : Jan 21 23:59:59 2024 GMT
Subject: serialNumber=5cb6febf58bf1ab2e56adaab8610365f40b451061a90362be8f2bc67d1a59950, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d9:f1:e6:93:ee:a8:dd:0f:a0:92:09:20:24:
15:cc:c8:04:c8:28:ed:9d:d9:dc:c0:6d:c1:72:fe:
8b:f1:ed:6d:03:be:77:89:a2:f6:b6:0e:03:1e:91:
b8:d5:a2:b5:a7:5c:28:30:ff:42:95:41:c7:c7:61:
77:90:a0:01:cd:ca:ff:f6:a4:15:4c:9f:e8:1d:45:
79:b5:04:85:41:20:97:db:85:8d:f3:63:3b:c5:69:
00:eb:4f:76:e0:80:ec:13:34:6f:bd:1c:4a:01:e8:
e2:fa:4a:db:4a:82:22:51:3a:4d:1f:65:f9:90:a6:
5c:f4:c9:e9:56:03:08:75:7a:3e:df:a3:98:57:c2:
07:b5:a5:18:f3:64:d8:1e:0e:b4:b4:bd:f9:6d:5e:
e7:6d:4c:a8:ac:b9:28:a4:11:7b:ac:8f:3f:3c:d6:
ab:fd:07:71:db:1e:0a:10:4a:80:98:e3:45:60:e9:
26:2e:b1:bc:56:36:07:25:ba:a9:cb:9f:f8:47:8e:
75:c7:cf:46:51:de:74:c1:d4:fc:b3:6f:e6:52:bb:
80:87:8b:8c:76:f7:54:cd:94:3b:82:ee:71:8e:a8:
ed:c4:77:09:02:19:ca:15:5b:72:f4:20:c7:0c:32:
e7:5b:eb:a3:35:ae:2c:6a:0a:34:c7:18:fe:71:f2:
e5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:15:DA:6E:BD:9F:5D:A1:08:50:7C:18:42:75:DD:EC:4D:4F:D6:0E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70e3c746-e6ab-4085-8df7-993529d26f2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:08:73:21:7b:41:76:30:fa:ca:7c:5d:b9:57:f6:14:a3:f2:
b7:1f:79:5c:3c:eb:d9:c1:0a:58:a4:3d:cc:35:68:55:0a:44:
c9:f6:9b:64:02:de:f3:49:82:fb:01:64:7a:a4:8d:ea:5a:e9:
b2:e3:ae:ad:01:c0:38:62:af:f2:dd:6d:85:5e:64:c4:09:3f:
dd:ac:de:0b:1d:95:11:90:56:ff:6c:13:73:da:19:83:ed:2f:
5f:3e:2b:5f:80:ae:2a:04:25:95:66:e3:ac:aa:6c:de:ae:47:
b6:00:a4:96:4a:45:74:0d:7b:4a:85:0c:04:b6:1d:1b:aa:3c:
d0:83:08:ee:65:9c:7a:13:19:ad:6e:15:26:67:6d:1e:02:e5:
8d:e1:9f:78:1c:d2:05:96:af:c0:c1:46:53:e7:18:14:5f:ba:
68:5e:7e:16:bc:df:6a:95:2f:db:ba:6d:db:0b:72:ce:82:88:
19:26:e6:15:e0:99:ed:27:1a:f6:30:03:29:69:f9:9d:05:4e:
d2:6f:d8:06:03:18:5c:d5:09:8e:87:50:8c:1a:41:e0:67:01:
00:5c:77:f3:ea:77:15:f3:13:ba:42:69:c6:82:b9:84:ef:94:
47:fa:cb:30:57:85:d7:97:36:1c:1b:38:8e:64:0b:14:58:f1:
75:0d:ec:d3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUIKgHGurZxN4/s7AIbZoBhcAba0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjE3MDAwMDAwWhcNMjQwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2I2ZmViZjU4YmYxYWIyZTU2YWRhYWI4NjEwMzY1ZjQw
YjQ1MTA2MWE5MDM2MmJlOGYyYmM2N2QxYTU5OTUwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs2fHmk+6o3Q+gkgkgJBXMyATIKO2d2dzAbcFy/ovx7W0D
vneJova2DgMekbjVorWnXCgw/0KVQcfHYXeQoAHNyv/2pBVMn+gdRXm1BIVBIJfb
hY3zYzvFaQDrT3bggOwTNG+9HEoB6OL6SttKgiJROk0fZfmQplz0yelWAwh1ej7f
o5hXwge1pRjzZNgeDrS0vfltXudtTKisuSikEXusjz881qv9B3HbHgoQSoCY40Vg
6SYusbxWNgcluqnLn/hHjnXHz0ZR3nTB1Pyzb+ZSu4CHi4x291TNlDuC7nGOqO3E
dwkCGcoVW3L0IMcMMudb66M1rixqCjTHGP5x8uVPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkBXabr2fXaEIUHwYQnXd7E1P1g4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcwZTNjNzQ2LWU2YWItNDA4NS04ZGY3LTk5MzUyOWQyNmYyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABIIcyF7QXYw+sp8XblX9hSj8rcf
eVw869nBClikPcw1aFUKRMn2m2QC3vNJgvsBZHqkjepa6bLjrq0BwDhir/LdbYVe
ZMQJP92s3gsdlRGQVv9sE3PaGYPtL18+K1+ArioEJZVm46yqbN6uR7YApJZKRXQN
e0qFDAS2HRuqPNCDCO5lnHoTGa1uFSZnbR4C5Y3hn3gc0gWWr8DBRlPnGBRfumhe
fha832qVL9u6bdsLcs6CiBkm5hXgme0nGvYwAylp+Z0FTtJv2AYDGFzVCY6HUIwa
QeBnAQBcd/PqdxXzE7pCacaCuYTvlEf6yzBXhdeXNhwbOI5kCxRY8XUN7NM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:07:05 2025 by rpki-client