Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/789ed67f-74a2-4b93-8f96-5ec302df4363.roa
File: 789ed67f-74a2-4b93-8f96-5ec302df4363.roa (raw, json)
Hash identifier: LuehhWty9WhHq7fexNF1bJRKF/4feabKg/Ax7YXKef8=
Subject key identifier: EA:99:F4:00:E7:17:48:46:79:84:D3:30:CE:D7:B3:52:D4:E8:9B:08
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6ADDD17A08F38B0029BC175F662DE16158C8DD3E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/789ed67f-74a2-4b93-8f96-5ec302df4363.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:dd:d1:7a:08:f3:8b:00:29:bc:17:5f:66:2d:e1:61:58:c8:dd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=d26c592bb0ea7ac072cc9a1267b3ca47f6fffc7ddd20a450ece622b261ed7d17, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:db:ed:16:61:d5:67:cb:f9:35:4b:0d:8a:87:
02:92:ae:49:70:5c:7a:8f:be:4d:0e:01:ad:61:cc:
ac:2d:e1:37:b2:1a:0a:98:93:9d:44:c3:a5:ce:dd:
92:ba:95:d6:1f:36:49:13:bb:a4:37:5e:fc:03:86:
a3:b6:78:3f:c3:0f:b0:1c:e3:64:99:bd:50:3d:9e:
4a:da:ea:e9:3e:37:34:d3:5b:3c:c3:ac:38:e6:88:
35:4b:22:92:71:42:6c:5b:73:e5:29:ee:91:20:25:
a1:a0:45:39:4f:3a:1b:64:f4:27:0f:66:b5:95:43:
51:e4:0a:c0:0a:86:a0:20:66:af:f9:1c:4c:9f:1d:
46:9d:95:31:6b:11:46:65:26:a5:f4:c2:90:63:3d:
09:ce:91:9e:bb:5d:0c:31:96:4e:74:58:7e:db:0e:
73:43:44:74:39:de:f9:89:0e:5d:13:cb:8d:7d:9f:
61:0e:92:38:6b:46:4a:ba:ed:9f:43:b7:5f:9e:24:
40:6d:ba:ce:a2:ac:66:ce:f2:e9:4e:18:5c:0b:5c:
27:60:f7:7a:07:bd:e3:08:31:50:8e:de:16:95:81:
19:ab:ac:62:51:f3:98:e6:ce:ba:59:77:4c:70:e0:
26:da:a8:fc:fe:e3:10:60:8c:ef:87:39:b2:d7:cd:
50:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:99:F4:00:E7:17:48:46:79:84:D3:30:CE:D7:B3:52:D4:E8:9B:08
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/789ed67f-74a2-4b93-8f96-5ec302df4363.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
78:7f:b6:6d:98:ce:57:5c:98:06:5c:d4:42:fc:a0:42:5b:9c:
9d:46:01:a3:33:fc:4f:2e:01:2a:8a:e2:8b:1c:9d:3a:6f:96:
ee:42:de:10:e0:04:64:4f:e9:b5:2f:f1:3d:cf:ab:e5:c5:20:
43:f6:71:1d:82:4c:6e:ce:78:4f:3f:55:ae:c6:a7:d0:e0:5b:
ef:41:d8:67:da:3e:f8:92:db:11:ce:5a:56:39:cf:c4:80:ed:
17:ec:91:5e:0e:14:66:3e:68:a3:32:f5:c4:87:29:98:73:47:
27:29:69:52:6a:e8:1b:46:09:45:fa:9a:92:75:ab:e8:4d:e2:
7a:d3:1e:0c:36:e4:6d:a8:fe:08:35:3d:4d:74:5a:b6:56:f3:
40:8c:50:13:86:99:bd:63:ba:f0:f2:9c:54:01:d4:d6:dc:20:
a1:05:cd:79:4a:ee:c0:89:90:82:84:ce:9c:1d:43:e6:3f:06:
01:9e:e8:e2:8c:ea:a3:41:96:4b:4a:a0:ab:f0:3c:d0:5f:fb:
ff:d3:0a:c0:54:69:35:1c:12:e0:eb:0e:2b:86:04:4e:6c:a8:
38:45:ba:f3:40:45:f1:f9:b2:05:19:38:c2:48:03:17:55:be:
8c:34:61:38:7d:ab:96:6b:f7:52:e3:f2:6f:1a:8c:23:b9:b3:
5b:ad:35:4d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUat3RegjziwApvBdfZi3hYVjI3T4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMjZjNTkyYmIwZWE3YWMwNzJjYzlhMTI2N2IzY2E0N2Y2
ZmZmYzdkZGQyMGE0NTBlY2U2MjJiMjYxZWQ3ZDE3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC92+0WYdVny/k1Sw2KhwKSrklwXHqPvk0OAa1hzKwt4Tey
GgqYk51Ew6XO3ZK6ldYfNkkTu6Q3XvwDhqO2eD/DD7Ac42SZvVA9nkra6uk+NzTT
WzzDrDjmiDVLIpJxQmxbc+Up7pEgJaGgRTlPOhtk9CcPZrWVQ1HkCsAKhqAgZq/5
HEyfHUadlTFrEUZlJqX0wpBjPQnOkZ67XQwxlk50WH7bDnNDRHQ53vmJDl0Ty419
n2EOkjhrRkq67Z9Dt1+eJEBtus6irGbO8ulOGFwLXCdg93oHveMIMVCO3haVgRmr
rGJR85jmzrpZd0xw4CbaqPz+4xBgjO+HObLXzVAJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6pn0AOcXSEZ5hNMwztezUtTomwgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc4OWVkNjdmLTc0YTItNGI5My04Zjk2LTVlYzMwMmRmNDM2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHh/tm2YzldcmAZc1EL8oEJbnJ1G
AaMz/E8uASqK4oscnTpvlu5C3hDgBGRP6bUv8T3Pq+XFIEP2cR2CTG7OeE8/Va7G
p9DgW+9B2GfaPviS2xHOWlY5z8SA7RfskV4OFGY+aKMy9cSHKZhzRycpaVJq6BtG
CUX6mpJ1q+hN4nrTHgw25G2o/gg1PU10WrZW80CMUBOGmb1juvDynFQB1NbcIKEF
zXlK7sCJkIKEzpwdQ+Y/BgGe6OKM6qNBlktKoKvwPNBf+//TCsBUaTUcEuDrDiuG
BE5sqDhFuvNARfH5sgUZOMJIAxdVvow0YTh9q5Zr91Lj8m8ajCO5s1utNU0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:11:05 2025 by rpki-client