Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7afada9c-009c-48a2-a3e8-157410c844b1.roa
File: 7afada9c-009c-48a2-a3e8-157410c844b1.roa (raw, json)
Hash identifier: j3nTnGMBFMChnecmAzTa3pObSELYC0cgDVlDO09/l6Y=
Subject key identifier: E5:D2:27:48:4F:B6:7C:45:CD:DC:00:4B:1C:05:C0:99:A7:32:E2:DB
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 37CA41DA7E8B131F8FED7B88B2EE46A9E7BBE856
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7afada9c-009c-48a2-a3e8-157410c844b1.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ca:41:da:7e:8b:13:1f:8f:ed:7b:88:b2:ee:46:a9:e7:bb:e8:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=be187a4a8f4c5ef56e0b0251b07f82c1ae09fa92608e77503028846bdde409de, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9b:7c:d7:2d:84:fd:a1:44:71:c6:8c:3c:07:
3c:9f:f8:5d:a2:9e:fc:30:9e:60:02:4b:a6:74:29:
66:35:66:63:4a:22:ee:85:ed:40:e1:74:ac:16:4e:
0f:4c:6a:22:90:b4:b4:dc:c7:df:02:55:81:00:a7:
30:ad:ad:3e:fb:75:f3:57:60:d0:9e:c9:4a:e4:75:
76:5c:da:a6:24:f8:89:ce:32:da:69:cd:07:ad:3a:
af:ed:21:e1:0f:c9:1f:05:1b:68:f8:d2:e4:89:fb:
c1:d5:fe:dd:f1:4f:4a:ca:dd:d6:e2:90:44:76:6a:
c4:99:7f:58:b0:ff:64:c1:37:2a:82:81:6e:fe:ef:
c8:cc:64:61:7d:43:42:cb:81:7d:5f:f4:7f:34:d9:
67:a4:31:07:41:86:99:7b:80:9e:78:d7:6a:9f:65:
73:39:f7:8b:3f:7a:83:a4:0d:02:73:8a:2f:55:07:
ae:da:d4:9b:46:b5:ef:1b:a8:26:35:21:ad:5b:53:
5a:b1:a6:37:9d:31:4e:43:b4:2c:cb:ca:df:16:b5:
ea:22:55:6c:26:4b:c3:c7:ee:7a:29:f1:51:09:df:
1a:09:d2:3f:73:fb:92:08:2e:d5:d1:a0:68:1a:a1:
5b:6d:16:b1:30:8b:0b:5f:08:ca:e5:7e:83:ea:ac:
d4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D2:27:48:4F:B6:7C:45:CD:DC:00:4B:1C:05:C0:99:A7:32:E2:DB
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7afada9c-009c-48a2-a3e8-157410c844b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:49:31:fa:9f:cd:ac:2d:3f:39:15:5c:e7:b1:6d:8e:1e:5f:
f3:c4:e9:39:c0:64:73:6b:14:20:17:f3:7f:5e:c8:eb:b0:63:
2b:0a:75:91:c3:b1:3a:29:9f:62:dc:f4:72:86:49:fe:99:4c:
6c:84:91:c8:cb:34:48:37:6c:42:2e:62:7e:fd:28:34:c5:a0:
c8:17:d1:fd:8d:92:69:8a:63:5e:d5:17:93:fe:42:cb:b4:f8:
69:1a:e0:78:e9:4e:9a:ba:2c:7f:a1:eb:47:58:aa:36:3d:1a:
24:60:d0:b3:82:36:45:a9:bf:79:e3:e6:85:eb:48:9f:f8:7b:
95:f8:a7:ba:c1:47:d2:8c:18:66:18:76:93:51:c7:4e:65:3e:
d3:b0:ca:be:87:c2:34:0a:fe:de:28:35:c0:e6:4b:81:78:58:
a3:e6:f8:43:dc:a8:d8:a1:12:9d:a9:6a:12:20:33:a9:6a:08:
ac:a0:ef:04:ac:c0:5a:86:55:c5:4c:65:db:07:6f:88:a3:18:
ea:97:5a:ae:7d:bb:8f:ea:68:e5:07:e2:75:77:cf:1c:87:5b:
90:89:aa:c5:3b:bc:0c:fe:cd:a6:fd:d7:c8:de:e3:1c:34:47:
48:dd:b3:1d:5c:8e:0f:3e:12:e2:41:3d:8f:cb:e8:df:43:80:
ac:91:8a:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN8pB2n6LEx+P7XuIsu5Gqee76FYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTA2MDAwMDAwWhcNMjMxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTE4N2E0YThmNGM1ZWY1NmUwYjAyNTFiMDdmODJjMWFl
MDlmYTkyNjA4ZTc3NTAzMDI4ODQ2YmRkZTQwOWRlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCym3zXLYT9oURxxow8Bzyf+F2invwwnmACS6Z0KWY1ZmNK
Iu6F7UDhdKwWTg9MaiKQtLTcx98CVYEApzCtrT77dfNXYNCeyUrkdXZc2qYk+InO
MtppzQetOq/tIeEPyR8FG2j40uSJ+8HV/t3xT0rK3dbikER2asSZf1iw/2TBNyqC
gW7+78jMZGF9Q0LLgX1f9H802WekMQdBhpl7gJ5412qfZXM594s/eoOkDQJzii9V
B67a1JtGte8bqCY1Ia1bU1qxpjedMU5DtCzLyt8WteoiVWwmS8PH7nop8VEJ3xoJ
0j9z+5IILtXRoGgaoVttFrEwiwtfCMrlfoPqrNRFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5dInSE+2fEXN3ABLHAXAmacy4tswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdhZmFkYTljLTAwOWMtNDhhMi1hM2U4LTE1NzQxMGM4NDRiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKlJMfqfzawtPzkVXOexbY4eX/PE
6TnAZHNrFCAX839eyOuwYysKdZHDsTopn2Lc9HKGSf6ZTGyEkcjLNEg3bEIuYn79
KDTFoMgX0f2NkmmKY17VF5P+Qsu0+Gka4HjpTpq6LH+h60dYqjY9GiRg0LOCNkWp
v3nj5oXrSJ/4e5X4p7rBR9KMGGYYdpNRx05lPtOwyr6HwjQK/t4oNcDmS4F4WKPm
+EPcqNihEp2pahIgM6lqCKyg7wSswFqGVcVMZdsHb4ijGOqXWq59u4/qaOUH4nV3
zxyHW5CJqsU7vAz+zab918je4xw0R0jdsx1cjg8+EuJBPY/L6N9DgKyRilk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:58 2025 by rpki-client