Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7730e53c-89b2-45a4-bc7f-f54674e2cef7.roa
File: 7730e53c-89b2-45a4-bc7f-f54674e2cef7.roa (raw, json)
Hash identifier: aHcz+iiVH33OE/T5LcK1vAZcuSsRbnduT72VApLgBUU=
Subject key identifier: DF:14:E0:AF:74:8F:86:F4:71:EB:B0:0C:AF:E5:02:4F:CF:1C:9E:62
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2B1F8B80EF70471E7A231BE8B1389019A80BBB21
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7730e53c-89b2-45a4-bc7f-f54674e2cef7.roa
Signing time: Sat 10 Feb 2024 00:00:00 +0000
ROA not before: Sat 10 Feb 2024 00:00:00 +0000
ROA not after: Sat 16 Mar 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:1f:8b:80:ef:70:47:1e:7a:23:1b:e8:b1:38:90:19:a8:0b:bb:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 10 00:00:00 2024 GMT
Not After : Mar 16 23:59:59 2024 GMT
Subject: serialNumber=ca2b50e7eb84d0f9cbcf717b3e763bae1681394aef5b6ad4211f4602bf6f83b4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e7:cc:5b:f6:b7:b8:34:23:b0:3b:ab:9f:dd:
5f:75:f1:c6:f0:00:1a:4e:2a:c4:71:41:aa:a8:f4:
25:8c:33:38:1b:12:90:20:90:ce:a8:0c:ba:71:ec:
1f:17:e0:1f:3c:9a:19:56:1b:13:70:b3:39:a7:0d:
ec:88:cd:6f:76:fc:13:8e:6b:06:76:a0:87:09:5e:
1a:9e:db:9a:cb:14:f8:3a:22:2b:af:32:13:98:f1:
e4:60:46:08:ad:76:40:41:43:49:a1:26:0b:15:74:
1f:f9:92:20:22:d6:3d:5f:87:b6:e6:16:4b:8b:fb:
9c:c7:72:34:96:6f:4f:36:29:36:0e:35:78:c0:ff:
73:d1:2c:96:df:a5:7a:3d:b6:3b:6b:7f:8d:8e:c7:
e6:a4:38:e2:75:3b:6f:41:5d:91:92:34:fc:ee:43:
29:9d:d8:b1:d7:99:05:ba:b2:74:73:8f:80:53:8c:
74:3f:b4:aa:99:67:8b:55:f7:49:ca:1d:cd:90:b4:
63:ca:25:48:08:e6:50:ea:98:8c:79:2a:f2:4b:00:
7e:ca:06:2e:bc:4c:a7:5d:46:2e:bb:da:c8:a8:53:
8d:ba:f6:35:1a:5f:fd:60:5a:09:90:07:3b:e7:98:
89:20:7c:dd:7e:6d:6d:b0:fe:1b:cb:02:a0:50:68:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:14:E0:AF:74:8F:86:F4:71:EB:B0:0C:AF:E5:02:4F:CF:1C:9E:62
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7730e53c-89b2-45a4-bc7f-f54674e2cef7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:34:02:23:65:07:7c:05:16:91:6c:90:f0:03:79:55:16:10:
52:27:98:04:c1:ed:be:22:a6:a0:40:77:2b:6c:d5:57:e0:82:
d9:69:4d:ef:6d:b5:2b:7b:34:50:b2:ca:e5:dd:e2:5e:43:df:
52:d2:5e:75:ae:84:d5:45:fd:1f:51:cd:a8:27:1f:c7:48:65:
0d:1d:4d:45:7b:60:b9:99:00:c0:e6:7e:4d:52:33:ca:c2:14:
fa:94:b3:ec:f3:46:2a:83:35:e7:1d:db:23:a7:24:76:8c:4b:
1d:ba:49:ae:2e:80:60:5e:75:c3:a7:5b:f0:6f:1c:31:4d:c5:
69:af:66:e4:48:c6:aa:22:f5:f8:99:ce:60:07:cf:0f:98:70:
6c:c3:b7:b4:4a:c6:65:23:35:99:8c:49:b3:81:bf:af:46:3a:
4f:6a:73:5f:ca:eb:47:d8:34:87:40:dd:89:0f:bc:00:51:36:
ca:1e:91:44:e4:d3:d0:cd:9e:dd:1f:7a:1f:53:b2:8e:3b:bc:
f4:62:8e:7e:50:5e:9f:fb:44:83:57:64:8a:82:82:02:59:8f:
48:b7:de:94:fa:23:c7:69:94:e6:fc:7c:66:84:49:9c:5d:d9:
ec:f0:45:b0:ec:98:a5:10:be:27:26:29:21:65:d5:9c:b1:75:
69:b0:06:61
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKx+LgO9wRx56IxvosTiQGagLuyEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjEwMDAwMDAwWhcNMjQwMzE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTJiNTBlN2ViODRkMGY5Y2JjZjcxN2IzZTc2M2JhZTE2
ODEzOTRhZWY1YjZhZDQyMTFmNDYwMmJmNmY4M2I0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI58xb9re4NCOwO6uf3V918cbwABpOKsRxQaqo9CWMMzgb
EpAgkM6oDLpx7B8X4B88mhlWGxNwszmnDeyIzW92/BOOawZ2oIcJXhqe25rLFPg6
IiuvMhOY8eRgRgitdkBBQ0mhJgsVdB/5kiAi1j1fh7bmFkuL+5zHcjSWb082KTYO
NXjA/3PRLJbfpXo9tjtrf42Ox+akOOJ1O29BXZGSNPzuQymd2LHXmQW6snRzj4BT
jHQ/tKqZZ4tV90nKHc2QtGPKJUgI5lDqmIx5KvJLAH7KBi68TKddRi672sioU426
9jUaX/1gWgmQBzvnmIkgfN1+bW2w/hvLAqBQaAr/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3xTgr3SPhvRx67AMr+UCT88cnmIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc3MzBlNTNjLTg5YjItNDVhNC1iYzdmLWY1NDY3NGUyY2VmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADs0AiNlB3wFFpFskPADeVUWEFIn
mATB7b4ipqBAdyts1VfggtlpTe9ttSt7NFCyyuXd4l5D31LSXnWuhNVF/R9Rzagn
H8dIZQ0dTUV7YLmZAMDmfk1SM8rCFPqUs+zzRiqDNecd2yOnJHaMSx26Sa4ugGBe
dcOnW/BvHDFNxWmvZuRIxqoi9fiZzmAHzw+YcGzDt7RKxmUjNZmMSbOBv69GOk9q
c1/K60fYNIdA3YkPvABRNsoekUTk09DNnt0feh9Tso47vPRijn5QXp/7RINXZIqC
ggJZj0i33pT6I8dplOb8fGaESZxd2ezwRbDsmKUQvicmKSFl1ZyxdWmwBmE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:58:47 2025 by rpki-client