Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ed08ce7-c854-438a-a074-7186e717fb41.roa
File: 7ed08ce7-c854-438a-a074-7186e717fb41.roa (raw, json)
Hash identifier: gpHix4HusqOLnjT0gd9GaYX63Eiopd9wUc1PItg0/bA=
Subject key identifier: 55:FB:D7:9D:63:F8:AB:F6:CB:C1:47:B7:D6:5F:5F:16:8F:6C:FB:5E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3F20401A9A7DB44304D428E3CF1B4D34790EC5E7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ed08ce7-c854-438a-a074-7186e717fb41.roa
Signing time: Fri 01 Sep 2023 00:00:00 +0000
ROA not before: Fri 01 Sep 2023 00:00:00 +0000
ROA not after: Fri 06 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:20:40:1a:9a:7d:b4:43:04:d4:28:e3:cf:1b:4d:34:79:0e:c5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 1 00:00:00 2023 GMT
Not After : Oct 6 23:59:59 2023 GMT
Subject: serialNumber=3d829a4717791f096b2ace04e43cfd49f8415865f9a4980be731ec42c3e67a2d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b4:4b:75:a0:65:0f:61:80:0b:8e:89:7b:0f:
39:bd:79:f6:5f:1c:f5:fc:95:56:96:8a:47:df:7a:
35:09:53:d8:9c:49:9d:68:e9:53:db:1a:6b:0e:e4:
26:df:74:92:0e:91:ae:dc:41:b8:24:20:02:c6:24:
15:0d:71:12:dc:ab:a4:64:85:81:81:53:53:93:b6:
6f:87:5b:4c:c7:e1:db:94:57:f3:37:3c:6b:a5:27:
5e:44:49:6e:b5:49:3a:e7:fe:83:52:21:ba:f8:55:
19:cc:02:60:2e:90:77:dc:76:27:c4:c7:fa:b6:0b:
1c:38:9f:e8:c4:27:23:4b:ae:9e:f4:2f:0e:32:12:
92:f9:17:16:3e:f3:8f:04:60:c5:6a:4b:29:80:33:
1d:da:0a:74:f9:ad:32:3f:47:2a:2b:45:e9:0a:32:
57:72:05:69:23:a2:2b:38:7d:07:89:3c:7b:b0:3a:
6b:b6:64:f4:82:4b:2e:d8:20:86:f8:a4:d7:8e:77:
fe:c4:f1:07:70:39:00:1b:69:d4:30:52:e0:89:d3:
52:b2:d2:db:e2:4e:aa:9b:c1:d3:ab:7f:cc:a1:8b:
c5:77:2a:02:38:30:12:f9:e2:53:05:55:cb:ed:f2:
59:21:6a:d6:46:ea:d1:29:20:4b:2c:53:e2:71:3a:
70:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FB:D7:9D:63:F8:AB:F6:CB:C1:47:B7:D6:5F:5F:16:8F:6C:FB:5E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ed08ce7-c854-438a-a074-7186e717fb41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0f:f4:21:7b:17:0c:ae:e4:c4:72:16:3e:a2:8d:c9:2a:11:
56:b6:00:35:e8:9d:72:ec:2b:1e:8f:c4:a4:93:e5:73:1f:e8:
ad:41:94:4b:90:0a:4d:a3:a1:8a:fd:ce:f8:7f:44:08:1e:f3:
54:48:9a:fb:04:c2:87:a1:8e:91:2c:14:f1:79:1b:5b:41:e1:
7f:6c:fe:d2:ea:a8:da:42:dc:8d:21:ab:13:7a:3c:ff:95:67:
3d:d7:5d:ea:ab:9c:92:0c:17:8b:d9:40:8e:49:e1:d7:56:03:
17:4c:e7:a6:36:64:61:80:7b:df:0e:3d:d3:e3:1f:06:f7:f7:
a0:d0:19:2e:71:93:8e:fc:29:97:e9:3d:00:c1:dd:e1:32:6e:
f3:66:8d:a1:83:24:1f:31:a5:db:e0:ea:f4:36:29:2f:7e:9d:
6f:6f:19:2b:8a:46:c6:13:94:df:6d:40:0e:72:27:65:93:9e:
eb:cc:b4:c0:f5:23:d3:74:c1:47:16:f7:a1:64:f2:4d:5b:91:
8d:50:f4:f8:a7:24:b5:cf:33:93:2e:7b:f5:d7:19:5c:52:09:
c3:c6:7f:fb:93:41:ea:d3:a1:b9:8e:93:85:c2:ef:85:ec:65:
67:32:52:67:91:2a:5b:47:82:5f:26:70:64:30:f8:0e:0d:b7:
c6:7e:b8:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPyBAGpp9tEME1CjjzxtNNHkOxecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTAxMDAwMDAwWhcNMjMxMDA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZDgyOWE0NzE3NzkxZjA5NmIyYWNlMDRlNDNjZmQ0OWY4
NDE1ODY1ZjlhNDk4MGJlNzMxZWM0MmMzZTY3YTJkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXtEt1oGUPYYALjol7Dzm9efZfHPX8lVaWikffejUJU9ic
SZ1o6VPbGmsO5CbfdJIOka7cQbgkIALGJBUNcRLcq6RkhYGBU1OTtm+HW0zH4duU
V/M3PGulJ15ESW61STrn/oNSIbr4VRnMAmAukHfcdifEx/q2Cxw4n+jEJyNLrp70
Lw4yEpL5FxY+848EYMVqSymAMx3aCnT5rTI/RyorRekKMldyBWkjois4fQeJPHuw
Omu2ZPSCSy7YIIb4pNeOd/7E8QdwOQAbadQwUuCJ01Ky0tviTqqbwdOrf8yhi8V3
KgI4MBL54lMFVcvt8lkhatZG6tEpIEssU+JxOnB1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVfvXnWP4q/bLwUe31l9fFo9s+14wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdlZDA4Y2U3LWM4NTQtNDM4YS1hMDc0LTcxODZlNzE3ZmI0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJcP9CF7Fwyu5MRyFj6ijckqEVa2
ADXonXLsKx6PxKST5XMf6K1BlEuQCk2joYr9zvh/RAge81RImvsEwoehjpEsFPF5
G1tB4X9s/tLqqNpC3I0hqxN6PP+VZz3XXeqrnJIMF4vZQI5J4ddWAxdM56Y2ZGGA
e98OPdPjHwb396DQGS5xk478KZfpPQDB3eEybvNmjaGDJB8xpdvg6vQ2KS9+nW9v
GSuKRsYTlN9tQA5yJ2WTnuvMtMD1I9N0wUcW96Fk8k1bkY1Q9PinJLXPM5Mue/XX
GVxSCcPGf/uTQerTobmOk4XC74XsZWcyUmeRKltHgl8mcGQw+A4Nt8Z+uGA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:19:31 2025 by rpki-client