Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7f248c35-1760-4f74-aae9-7f0e2233d5bd.roa
File: 7f248c35-1760-4f74-aae9-7f0e2233d5bd.roa (raw, json)
Hash identifier: eELU5MAmMsIXmvVbCYXuLSJ8rPKDwSol4fYRbUhjE5o=
Subject key identifier: 39:32:7D:EA:F8:87:63:41:A1:06:2E:01:C3:3A:3E:5C:42:40:65:2A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 52180703497E7C060F11212B7F1454EDD74589B4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7f248c35-1760-4f74-aae9-7f0e2233d5bd.roa
Signing time: Wed 12 Feb 2025 00:00:00 +0000
ROA not before: Wed 12 Feb 2025 00:00:00 +0000
ROA not after: Wed 19 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:18:07:03:49:7e:7c:06:0f:11:21:2b:7f:14:54:ed:d7:45:89:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 12 00:00:00 2025 GMT
Not After : Mar 19 23:59:59 2025 GMT
Subject: serialNumber=eee7a2e96bc2fd4b0643a6835c5fcfa6d295ca2a74fc48489ea97e0843e3e19c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dc:32:72:65:db:d8:14:90:ea:03:e9:4d:a6:
f7:83:a3:0f:c3:a5:a1:19:23:66:cc:9b:ee:b4:73:
78:20:70:16:69:a1:22:f3:31:3b:3c:e0:62:de:9e:
10:d1:15:55:77:00:7e:48:3e:63:08:b2:fc:4e:1a:
d8:b9:5b:01:02:2d:aa:67:55:fd:80:20:74:76:90:
5d:8a:c7:dd:0b:e8:ca:f7:ad:fa:2b:d1:29:08:57:
b5:54:b1:91:d7:11:3d:0b:08:cc:34:4c:04:5d:36:
1a:9e:4b:0a:bc:e0:cf:d6:77:97:02:ab:02:71:88:
89:75:c9:39:ca:92:dd:08:48:44:76:96:e4:65:17:
8a:1a:74:45:56:9e:af:39:1d:3f:74:58:da:3f:57:
94:be:03:95:d4:99:28:e9:22:02:d7:9c:76:2b:2b:
ff:ea:86:cc:41:5c:62:fd:8a:73:88:a7:2b:dc:a4:
cb:1f:0c:5f:6d:e6:18:ed:d6:1e:c0:c2:36:f1:66:
d6:5b:f2:44:96:78:ff:14:15:d2:05:ba:ab:96:bd:
88:2e:2c:53:be:2c:c1:22:11:19:f1:98:d6:ef:ad:
03:75:6d:34:62:1c:fa:58:e1:65:f3:f3:e4:93:84:
72:67:1f:bd:68:88:4f:d8:d5:cb:f3:4d:56:fb:5b:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:32:7D:EA:F8:87:63:41:A1:06:2E:01:C3:3A:3E:5C:42:40:65:2A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7f248c35-1760-4f74-aae9-7f0e2233d5bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c8:57:2e:e0:f4:bc:c8:c1:ad:f9:67:6e:b8:c8:c1:9d:54:
90:09:a4:11:82:f4:72:44:02:a9:fb:80:1a:ab:0e:17:44:45:
3c:fd:7a:47:74:4f:37:1c:22:59:e8:dc:49:9c:1a:71:db:f0:
1e:2e:6b:05:2d:74:58:6e:10:4a:ba:1e:03:68:9a:77:09:e4:
f9:34:7a:34:43:88:a5:ce:12:4c:6f:d6:f9:3b:7b:c4:e3:bd:
bf:40:77:80:5a:94:ff:10:8c:83:62:ca:94:09:51:1b:74:a3:
9a:f0:8d:70:2c:61:41:5d:45:f2:2c:c6:c0:76:39:c8:d9:98:
1d:81:d4:55:ad:56:d3:0c:e2:e5:d0:76:6e:2b:51:1b:e9:3c:
70:cd:1d:4c:f2:bf:19:30:05:86:24:00:0e:7a:6a:83:fc:ba:
7c:bc:73:06:21:80:89:42:53:73:91:78:76:b9:52:31:c8:bf:
48:6e:4e:2d:4f:8f:6c:07:13:35:66:c9:07:2b:7b:10:0b:5e:
78:2d:25:68:ce:0f:c0:6d:bd:18:34:1e:8e:95:3d:2b:00:47:
2a:d9:61:90:75:30:5b:5c:dc:e9:5d:72:60:fa:de:13:71:c9:
62:24:6a:ea:1c:4d:28:a2:2c:bc:e7:9c:05:e2:a1:bb:4b:95:
0d:32:e2:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUhgHA0l+fAYPESErfxRU7ddFibQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjEyMDAwMDAwWhcNMjUwMzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWU3YTJlOTZiYzJmZDRiMDY0M2E2ODM1YzVmY2ZhNmQy
OTVjYTJhNzRmYzQ4NDg5ZWE5N2UwODQzZTNlMTljMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCw3DJyZdvYFJDqA+lNpveDow/DpaEZI2bMm+60c3ggcBZp
oSLzMTs84GLenhDRFVV3AH5IPmMIsvxOGti5WwECLapnVf2AIHR2kF2Kx90L6Mr3
rfor0SkIV7VUsZHXET0LCMw0TARdNhqeSwq84M/Wd5cCqwJxiIl1yTnKkt0ISER2
luRlF4oadEVWnq85HT90WNo/V5S+A5XUmSjpIgLXnHYrK//qhsxBXGL9inOIpyvc
pMsfDF9t5hjt1h7AwjbxZtZb8kSWeP8UFdIFuquWvYguLFO+LMEiERnxmNbvrQN1
bTRiHPpY4WXz8+SThHJnH71oiE/Y1cvzTVb7W1LvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOTJ96viHY0GhBi4Bwzo+XEJAZSowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdmMjQ4YzM1LTE3NjAtNGY3NC1hYWU5LTdmMGUyMjMzZDViZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAALIVy7g9LzIwa35Z264yMGdVJAJ
pBGC9HJEAqn7gBqrDhdERTz9ekd0TzccIlno3EmcGnHb8B4uawUtdFhuEEq6HgNo
mncJ5Pk0ejRDiKXOEkxv1vk7e8Tjvb9Ad4BalP8QjINiypQJURt0o5rwjXAsYUFd
RfIsxsB2OcjZmB2B1FWtVtMM4uXQdm4rURvpPHDNHUzyvxkwBYYkAA56aoP8uny8
cwYhgIlCU3OReHa5UjHIv0huTi1Pj2wHEzVmyQcrexALXngtJWjOD8BtvRg0Ho6V
PSsARyrZYZB1MFtc3OldcmD63hNxyWIkauocTSiiLLznnAXiobtLlQ0y4nw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:10:59 2025 by rpki-client