Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ca075ac-601c-42b5-8c19-8fdd1b362843.roa
File: 7ca075ac-601c-42b5-8c19-8fdd1b362843.roa (raw, json)
Hash identifier: agKv18krLqmNqcCJU61HEeGSGtcWn9gLxnXqB3g4r9o=
Subject key identifier: AB:92:BB:99:9C:57:43:E2:08:52:7A:01:4A:37:42:73:EF:28:F8:A2
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 70B78A4D103BA45E92C1660B5C542F248C334A60
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ca075ac-601c-42b5-8c19-8fdd1b362843.roa
Signing time: Thu 20 Jul 2023 00:00:00 +0000
ROA not before: Thu 20 Jul 2023 00:00:00 +0000
ROA not after: Thu 24 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:b7:8a:4d:10:3b:a4:5e:92:c1:66:0b:5c:54:2f:24:8c:33:4a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 20 00:00:00 2023 GMT
Not After : Aug 24 23:59:59 2023 GMT
Subject: serialNumber=1ca313cef55005e4dea5467d371aa53198f78b5ab788a87a0be2e9de19740ba6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:ff:7c:09:8c:9a:2d:a9:f2:b4:d9:e7:53:
2b:63:b6:1e:81:ec:69:bc:c3:56:06:a3:a9:c1:b1:
08:f8:df:fc:f0:e4:c0:f7:85:30:83:15:e0:a9:03:
e0:55:7e:13:f8:04:8e:ea:d7:52:cd:5c:32:be:f9:
e9:3a:94:5b:67:a0:a9:28:5f:ce:fd:de:5c:3b:9e:
de:c8:ba:ec:55:79:0e:7a:66:50:bf:bb:74:d2:fd:
93:ec:ae:35:0d:2d:47:87:df:16:be:26:2a:e0:86:
29:51:13:2a:21:ba:4f:b2:1b:c2:41:3d:fc:e0:c8:
19:ed:7c:1d:72:53:b9:97:56:ef:4e:f1:0a:db:6a:
01:47:b3:6b:22:e2:56:34:10:e1:f8:f1:53:25:53:
64:0e:34:95:e8:a5:f7:08:a1:fb:23:2c:79:e7:82:
35:98:2a:68:84:32:0c:22:89:95:aa:a8:7f:4e:07:
2e:90:c9:3b:b8:32:5a:67:b0:10:3d:f9:4f:e7:90:
29:da:7c:66:90:3e:f6:9e:af:8c:dd:b8:05:08:e9:
15:44:f9:03:68:f8:30:51:89:c9:2a:ce:e9:b4:cb:
f5:ba:13:9a:cc:07:50:3f:17:ec:17:fb:bf:b4:55:
c0:20:3b:f7:e1:3c:0a:dd:79:ca:97:b8:de:db:b3:
40:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:92:BB:99:9C:57:43:E2:08:52:7A:01:4A:37:42:73:EF:28:F8:A2
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ca075ac-601c-42b5-8c19-8fdd1b362843.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:cb:4c:04:3e:8b:e3:66:f4:90:d0:fb:4c:35:e2:3d:66:3b:
2d:66:e3:8d:24:53:27:76:87:c0:e9:68:66:6c:f4:02:9c:5d:
45:ca:b3:71:f5:78:34:9f:34:43:3f:68:7d:96:83:ab:85:92:
f6:5a:75:3d:1c:c2:e1:1b:db:78:f1:77:5e:1c:2a:02:97:db:
1e:b4:2d:6a:b7:b6:63:7d:08:df:44:5b:df:69:06:7e:fc:f9:
6d:c8:70:82:7d:74:50:fd:3b:74:ee:c0:84:22:5d:11:da:09:
43:ba:22:8c:a8:11:7e:58:3e:3c:bb:62:cc:b2:b8:69:09:71:
5e:0b:26:8a:84:66:32:19:60:9e:ba:53:c2:fa:a0:14:5b:1b:
ee:08:39:ba:15:88:35:02:8a:d3:58:63:86:e8:d5:9b:d1:9f:
75:2a:f4:09:6d:ab:7a:46:45:a3:ea:db:c7:fe:97:f2:f5:e4:
a4:a2:22:78:31:c4:7a:a2:22:57:50:b1:a9:9e:7b:74:6f:a8:
4c:3a:57:04:4c:ab:ce:56:0c:53:60:7d:80:4a:1e:c6:91:39:
c5:f0:e4:6f:e1:6c:f9:cd:94:28:75:4b:44:e8:3c:2b:6e:2f:
6d:13:27:c0:ae:89:be:0c:a9:e3:8f:ee:6d:ce:c6:ed:13:58:
c3:ab:44:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcLeKTRA7pF6SwWYLXFQvJIwzSmAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzIwMDAwMDAwWhcNMjMwODI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2EzMTNjZWY1NTAwNWU0ZGVhNTQ2N2QzNzFhYTUzMTk4
Zjc4YjVhYjc4OGE4N2EwYmUyZTlkZTE5NzQwYmE2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChyf98CYyaLanytNnnUytjth6B7Gm8w1YGo6nBsQj43/zw
5MD3hTCDFeCpA+BVfhP4BI7q11LNXDK++ek6lFtnoKkoX8793lw7nt7IuuxVeQ56
ZlC/u3TS/ZPsrjUNLUeH3xa+JirghilREyohuk+yG8JBPfzgyBntfB1yU7mXVu9O
8QrbagFHs2si4lY0EOH48VMlU2QONJXopfcIofsjLHnngjWYKmiEMgwiiZWqqH9O
By6QyTu4MlpnsBA9+U/nkCnafGaQPvaer4zduAUI6RVE+QNo+DBRickqzum0y/W6
E5rMB1A/F+wX+7+0VcAgO/fhPArdecqXuN7bs0B3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUq5K7mZxXQ+IIUnoBSjdCc+8o+KIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdjYTA3NWFjLTYwMWMtNDJiNS04YzE5LThmZGQxYjM2Mjg0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALbLTAQ+i+Nm9JDQ+0w14j1mOy1m
440kUyd2h8DpaGZs9AKcXUXKs3H1eDSfNEM/aH2Wg6uFkvZadT0cwuEb23jxd14c
KgKX2x60LWq3tmN9CN9EW99pBn78+W3IcIJ9dFD9O3TuwIQiXRHaCUO6IoyoEX5Y
Pjy7YsyyuGkJcV4LJoqEZjIZYJ66U8L6oBRbG+4IOboViDUCitNYY4bo1ZvRn3Uq
9Altq3pGRaPq28f+l/L15KSiIngxxHqiIldQsamee3RvqEw6VwRMq85WDFNgfYBK
HsaROcXw5G/hbPnNlCh1S0ToPCtuL20TJ8Cuib4MqeOP7m3Oxu0TWMOrRDw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 17:50:10 2025 by rpki-client