Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7218b0fc-f355-4ae5-902b-fc818e5c03d7.roa
File: 7218b0fc-f355-4ae5-902b-fc818e5c03d7.roa (raw, json)
Hash identifier: H+24lwLA1/w8F3lZfQXbTr6m5tsU4OsPUFnPzqbYsqY=
Subject key identifier: 87:F7:6D:3A:93:12:38:B6:B4:D3:5A:8C:55:6D:13:4D:C1:A1:6C:94
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 42F2A96F70D0ADD69ECC246ADD4F685E67EB4B01
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7218b0fc-f355-4ae5-902b-fc818e5c03d7.roa
Signing time: Thu 28 Sep 2023 00:00:00 +0000
ROA not before: Thu 28 Sep 2023 00:00:00 +0000
ROA not after: Thu 02 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:f2:a9:6f:70:d0:ad:d6:9e:cc:24:6a:dd:4f:68:5e:67:eb:4b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 28 00:00:00 2023 GMT
Not After : Nov 2 23:59:59 2023 GMT
Subject: serialNumber=bf67455eed547c67493c399f986c98b4cc3a6108b7b02b9e2afd49408d0b2a9d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6e:f6:82:ac:94:f6:20:bd:fa:1f:85:ae:ce:
8b:0d:db:ac:13:47:f0:40:da:01:58:eb:fb:00:96:
6a:f8:a7:cf:ec:82:58:78:13:93:39:aa:b2:ad:9c:
e0:f7:86:b9:4b:2d:3c:51:bc:0d:cb:6d:b9:10:a8:
4a:4e:b7:cb:31:97:7a:29:58:c8:e7:67:14:dd:5a:
23:7b:8c:3d:9e:2e:ae:0a:32:23:6a:aa:a7:0b:62:
63:79:d4:35:70:f2:db:3f:d8:af:b1:7e:3f:c6:55:
6d:d9:62:d0:6b:3a:d0:8c:85:61:39:20:62:56:ff:
0b:2b:4d:c2:16:d5:90:69:e5:29:8c:62:dc:a0:27:
9e:3f:7c:6c:7b:4f:8c:6e:fe:a6:e9:9a:17:5d:56:
41:fb:ba:f0:ca:18:fe:85:8c:00:a1:b7:b2:40:01:
45:a6:e7:02:82:9a:e1:e0:31:a7:2c:04:eb:b1:f8:
37:3b:41:d5:2c:ca:82:3a:c4:23:ea:da:c5:7a:14:
5b:b0:13:ec:32:c6:c6:74:dc:5b:34:2b:1d:6f:7f:
a5:a6:78:7e:d9:db:68:a8:40:cc:4f:9a:64:88:e4:
c8:09:61:fa:7c:ce:4b:41:c3:f1:23:83:52:85:fa:
20:de:61:43:a2:b4:24:80:6d:7f:5e:1a:11:bc:7b:
c3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F7:6D:3A:93:12:38:B6:B4:D3:5A:8C:55:6D:13:4D:C1:A1:6C:94
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7218b0fc-f355-4ae5-902b-fc818e5c03d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
48:fe:3b:48:b9:83:e9:26:fe:4b:94:61:35:5e:8e:39:85:13:
5e:40:79:bf:89:16:93:1b:4f:7b:e7:3a:5d:73:86:14:12:70:
1b:15:84:ab:af:5b:ac:59:32:3b:46:b9:74:50:54:c9:48:27:
f0:24:d9:1d:73:42:5e:91:eb:51:89:74:f7:21:e6:84:18:0f:
39:f3:2c:4d:8f:61:88:a4:64:7f:bb:aa:ba:9a:e2:6a:52:2a:
55:40:b1:40:b7:15:a0:e4:10:5f:90:c3:6d:e2:43:66:17:45:
e3:dc:0b:24:ba:54:e9:7e:90:78:19:57:e9:e7:c5:f0:b4:39:
70:53:b3:04:44:7b:2a:01:52:a0:21:6d:d6:6d:83:9e:d2:ed:
6e:43:88:9a:64:65:5a:37:cf:9e:b4:f7:e4:7d:da:fc:6f:d9:
7d:9f:26:ff:16:14:e9:ed:38:d4:0e:9d:d8:64:92:04:52:42:
c6:b5:89:bb:da:c0:e2:4a:68:3b:18:b4:3e:67:62:4a:a6:79:
6a:63:7f:65:0d:97:17:58:20:d3:61:09:d8:c9:12:97:38:2f:
6b:e2:7f:66:0a:37:87:91:91:96:54:86:06:ff:2c:6b:d0:76:
9a:90:cf:b0:00:5e:ac:67:2f:ba:02:63:88:3f:35:10:53:e5:
6d:8a:72:7a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQvKpb3DQrdaezCRq3U9oXmfrSwEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTI4MDAwMDAwWhcNMjMxMTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjY3NDU1ZWVkNTQ3YzY3NDkzYzM5OWY5ODZjOThiNGNj
M2E2MTA4YjdiMDJiOWUyYWZkNDk0MDhkMGIyYTlkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDebvaCrJT2IL36H4WuzosN26wTR/BA2gFY6/sAlmr4p8/s
glh4E5M5qrKtnOD3hrlLLTxRvA3LbbkQqEpOt8sxl3opWMjnZxTdWiN7jD2eLq4K
MiNqqqcLYmN51DVw8ts/2K+xfj/GVW3ZYtBrOtCMhWE5IGJW/wsrTcIW1ZBp5SmM
YtygJ54/fGx7T4xu/qbpmhddVkH7uvDKGP6FjACht7JAAUWm5wKCmuHgMacsBOux
+Dc7QdUsyoI6xCPq2sV6FFuwE+wyxsZ03Fs0Kx1vf6WmeH7Z22ioQMxPmmSI5MgJ
Yfp8zktBw/Ejg1KF+iDeYUOitCSAbX9eGhG8e8NhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh/dtOpMSOLa001qMVW0TTcGhbJQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcyMThiMGZjLWYzNTUtNGFlNS05MDJiLWZjODE4ZTVjMDNkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEj+O0i5g+km/kuUYTVejjmFE15A
eb+JFpMbT3vnOl1zhhQScBsVhKuvW6xZMjtGuXRQVMlIJ/Ak2R1zQl6R61GJdPch
5oQYDznzLE2PYYikZH+7qrqa4mpSKlVAsUC3FaDkEF+Qw23iQ2YXRePcCyS6VOl+
kHgZV+nnxfC0OXBTswREeyoBUqAhbdZtg57S7W5DiJpkZVo3z5609+R92vxv2X2f
Jv8WFOntONQOndhkkgRSQsa1ibvawOJKaDsYtD5nYkqmeWpjf2UNlxdYINNhCdjJ
Epc4L2vif2YKN4eRkZZUhgb/LGvQdpqQz7AAXqxnL7oCY4g/NRBT5W2Kcno=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:59:44 2025 by rpki-client