Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/72e249bd-3eef-46c0-8f18-1395e1082092.roa
File: 72e249bd-3eef-46c0-8f18-1395e1082092.roa (raw, json)
Hash identifier: S5yrSSQbhMjWMEtqq9iDb5nalK3IX3zyK8F+Lq+WOIE=
Subject key identifier: 02:BF:42:2D:AB:88:12:91:93:DD:1E:6F:17:59:01:8E:05:84:12:1F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 399CC0BD08D2D679D587813C1FAACBFA14B020D7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/72e249bd-3eef-46c0-8f18-1395e1082092.roa
Signing time: Wed 20 Dec 2023 00:00:00 +0000
ROA not before: Wed 20 Dec 2023 00:00:00 +0000
ROA not after: Wed 24 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:9c:c0:bd:08:d2:d6:79:d5:87:81:3c:1f:aa:cb:fa:14:b0:20:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 20 00:00:00 2023 GMT
Not After : Jan 24 23:59:59 2024 GMT
Subject: serialNumber=ec9648a61767ae9dc694e4c8173406be0cdb50b50c5ab900dbccf58ee1347e96, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2c:26:46:b0:10:d1:6d:a1:30:f0:e1:6f:7c:
97:0a:39:fa:88:3f:2a:ab:1c:45:27:f3:eb:3a:cb:
81:a4:d8:54:25:ce:13:59:e3:36:2d:e2:28:11:e4:
07:a6:f1:0d:c9:0d:d7:b3:66:6b:a1:c7:d0:fc:93:
de:89:57:00:c7:fd:02:19:b7:83:ba:33:be:2b:2c:
8f:58:15:27:78:a8:3f:91:4d:fe:62:60:99:f0:da:
0c:c5:b1:bd:c3:8e:16:4f:de:fe:8e:47:4e:97:69:
38:d9:de:c3:7f:9e:f6:27:38:bf:95:d7:3d:cc:8e:
58:73:7d:86:ed:54:39:27:90:6b:4f:1f:c4:a7:5c:
a1:be:26:1e:a7:18:83:d3:1a:9d:7a:90:f4:a2:47:
05:a4:87:3d:70:68:12:d8:21:eb:16:57:26:05:d6:
15:45:92:a0:fc:7c:61:f4:6a:b1:de:13:4f:71:54:
ab:04:e3:3d:66:6b:bd:b0:c9:9d:a2:c5:0a:34:3a:
40:8d:d6:e0:a8:a4:c6:29:66:a8:bb:66:11:09:8c:
d7:02:a2:f1:7e:70:78:f3:ea:28:fa:6b:58:b3:81:
dd:3f:a8:50:36:56:a9:ef:9a:29:c9:b6:51:96:ee:
8c:ee:d5:f2:45:a0:71:5a:0e:d1:7c:40:a1:96:e8:
96:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BF:42:2D:AB:88:12:91:93:DD:1E:6F:17:59:01:8E:05:84:12:1F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/72e249bd-3eef-46c0-8f18-1395e1082092.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:1b:cc:26:22:44:ef:55:63:2c:43:33:14:a2:dd:6d:61:19:
1d:3c:f3:0d:98:7a:a0:22:86:5e:79:99:87:b5:9b:01:ee:d6:
f8:8a:76:53:77:3c:8e:18:bd:06:f1:24:a8:b3:bc:87:0b:11:
9b:37:67:51:60:dc:cf:74:bf:2e:08:71:50:99:28:5c:f2:e3:
4e:3a:91:fa:8e:df:1b:47:b6:79:56:e6:39:b0:a3:8b:c4:50:
ae:17:9e:24:c9:12:07:47:ca:90:aa:92:dc:97:c2:1b:b9:4e:
78:74:ed:bc:18:c7:09:8f:cb:cb:89:73:29:e3:a7:c5:55:06:
4b:3a:7a:3a:18:d9:2c:61:bb:0e:18:41:89:4f:ae:25:38:3d:
ed:88:d1:7c:10:46:3f:23:ec:b1:d4:ab:08:ec:1a:77:2f:bf:
2f:b0:d1:c2:ad:a0:ac:59:ed:a5:b7:57:5d:71:a7:8e:a9:e2:
df:ec:a7:3e:d4:a5:7c:2c:c7:2d:fc:ed:0f:4b:9c:41:16:a3:
88:b5:b7:54:dd:6d:ac:51:61:0e:f0:14:8f:14:18:de:2f:27:
45:f2:ec:9b:5f:8b:fd:bb:46:4c:35:25:4d:60:6f:f4:5b:e6:
d2:81:17:08:af:a3:c4:f7:71:a1:c5:99:c2:c4:62:31:ea:89:
08:ea:1d:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOZzAvQjS1nnVh4E8H6rL+hSwINcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIwMDAwMDAwWhcNMjQwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYzk2NDhhNjE3NjdhZTlkYzY5NGU0YzgxNzM0MDZiZTBj
ZGI1MGI1MGM1YWI5MDBkYmNjZjU4ZWUxMzQ3ZTk2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXLCZGsBDRbaEw8OFvfJcKOfqIPyqrHEUn8+s6y4Gk2FQl
zhNZ4zYt4igR5Aem8Q3JDdezZmuhx9D8k96JVwDH/QIZt4O6M74rLI9YFSd4qD+R
Tf5iYJnw2gzFsb3DjhZP3v6OR06XaTjZ3sN/nvYnOL+V1z3MjlhzfYbtVDknkGtP
H8SnXKG+Jh6nGIPTGp16kPSiRwWkhz1waBLYIesWVyYF1hVFkqD8fGH0arHeE09x
VKsE4z1ma72wyZ2ixQo0OkCN1uCopMYpZqi7ZhEJjNcCovF+cHjz6ij6a1izgd0/
qFA2VqnvminJtlGW7ozu1fJFoHFaDtF8QKGW6JadAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAr9CLauIEpGT3R5vF1kBjgWEEh8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcyZTI0OWJkLTNlZWYtNDZjMC04ZjE4LTEzOTVlMTA4MjA5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAB0bzCYiRO9VYyxDMxSi3W1hGR08
8w2YeqAihl55mYe1mwHu1viKdlN3PI4YvQbxJKizvIcLEZs3Z1Fg3M90vy4IcVCZ
KFzy4046kfqO3xtHtnlW5jmwo4vEUK4XniTJEgdHypCqktyXwhu5Tnh07bwYxwmP
y8uJcynjp8VVBks6ejoY2Sxhuw4YQYlPriU4Pe2I0XwQRj8j7LHUqwjsGncvvy+w
0cKtoKxZ7aW3V11xp46p4t/spz7UpXwsxy387Q9LnEEWo4i1t1TdbaxRYQ7wFI8U
GN4vJ0Xy7Jtfi/27Rkw1JU1gb/Rb5tKBFwivo8T3caHFmcLEYjHqiQjqHW4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:20:00 2025 by rpki-client