Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8788653b-a487-4ef6-bd5a-bce14a57e001.roa
File: 8788653b-a487-4ef6-bd5a-bce14a57e001.roa (raw, json)
Hash identifier: +CtGAaHYJj7NL5SDBdwIFv9sV29QiNHr5ZVNuIV3AYo=
Subject key identifier: 01:77:CA:C6:E0:8A:EB:0F:D7:C9:CC:A7:50:BF:95:3F:14:D9:A3:17
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 12E9CB4A8D5792B817D34615171B0B87D38179EE
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8788653b-a487-4ef6-bd5a-bce14a57e001.roa
Signing time: Tue 02 Jul 2024 00:00:00 +0000
ROA not before: Tue 02 Jul 2024 00:00:00 +0000
ROA not after: Tue 06 Aug 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:e9:cb:4a:8d:57:92:b8:17:d3:46:15:17:1b:0b:87:d3:81:79:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 2 00:00:00 2024 GMT
Not After : Aug 6 23:59:59 2024 GMT
Subject: serialNumber=df67d801695390757a8b33f7f1146085490c60da89424eae56641baca00efbe0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e6:83:76:8c:28:69:c2:44:6f:fd:ce:89:56:
06:94:6e:49:ab:93:25:fb:2f:a9:b7:7d:70:9c:3f:
9a:dd:66:3b:0a:d1:ed:1c:77:39:ab:43:25:bd:66:
72:79:87:d2:ce:46:ed:15:cb:3a:27:61:52:0e:2e:
c6:cf:b1:58:cd:84:79:8d:d1:f1:86:29:a1:b8:1c:
01:c9:18:34:ab:33:2a:a0:4f:3b:7e:c3:55:73:67:
2b:4f:c4:c3:1b:88:11:be:51:11:3d:1c:69:14:77:
a3:46:91:e6:1b:0d:e2:d4:c0:b3:37:64:e0:69:12:
31:d7:9f:de:0f:8b:50:6a:31:af:38:ee:74:7e:c8:
65:0a:7d:88:21:c9:4f:65:20:f9:d9:76:7a:2e:37:
31:6d:7c:be:97:a9:17:95:1a:ff:42:2c:11:c6:23:
90:d6:ac:f7:43:bb:92:7b:49:ce:22:27:60:70:2e:
c2:fc:e4:19:f3:84:93:a6:e2:0b:b5:ac:68:27:d7:
6c:a5:0b:17:c9:12:e4:76:ee:c0:b6:16:0e:00:b9:
62:bf:71:b8:64:45:92:19:b2:71:19:86:4e:f4:e9:
8d:93:5c:a0:7d:2a:dc:ec:b4:df:64:c7:f7:83:df:
82:6d:7c:15:b0:48:b2:1f:2d:28:8f:82:9f:dd:9e:
98:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:77:CA:C6:E0:8A:EB:0F:D7:C9:CC:A7:50:BF:95:3F:14:D9:A3:17
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8788653b-a487-4ef6-bd5a-bce14a57e001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:fe:ac:fb:47:39:23:1a:d1:e9:16:03:4e:d5:60:72:40:83:
e0:d6:93:5c:ce:31:2a:0b:8c:ac:06:b9:01:4d:af:c5:bd:28:
b5:09:34:0c:d6:58:d8:3d:a5:40:59:7f:b4:b2:58:89:05:7b:
0e:0d:62:f4:86:6a:83:38:70:0d:33:61:58:15:42:6f:ca:20:
02:15:c9:ea:c4:96:c4:11:8b:7c:44:f3:e7:3a:03:5a:80:f8:
fd:cc:ea:92:92:73:b6:4f:f0:f8:48:1f:c3:79:41:9e:b8:a2:
22:42:3e:3b:e5:d0:1b:92:51:8f:f6:21:2d:59:64:19:17:60:
1a:1b:4a:53:e0:10:85:55:d7:ca:5f:ce:ab:30:35:90:bc:a0:
1d:15:f6:df:ca:fd:0d:68:31:a3:4a:eb:53:4d:d1:a1:d3:0f:
a4:e6:13:a5:05:9f:fe:1d:c4:7c:34:f2:4d:84:6d:61:80:79:
1e:10:c6:99:dc:8e:af:7c:dd:aa:e7:03:ad:84:f7:1f:c2:db:
a6:74:70:bb:20:f5:e6:d7:26:12:3d:bb:a2:d8:b4:19:e3:38:
d8:dd:5c:0e:d9:40:4b:31:77:1f:da:9f:68:3d:b1:44:4e:e6:
16:77:2e:59:9b:d6:30:e9:53:96:fb:d9:35:82:ac:51:19:f7:
9c:04:58:aa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEunLSo1XkrgX00YVFxsLh9OBee4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAyMDAwMDAwWhcNMjQwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZjY3ZDgwMTY5NTM5MDc1N2E4YjMzZjdmMTE0NjA4NTQ5
MGM2MGRhODk0MjRlYWU1NjY0MWJhY2EwMGVmYmUwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDX5oN2jChpwkRv/c6JVgaUbkmrkyX7L6m3fXCcP5rdZjsK
0e0cdzmrQyW9ZnJ5h9LORu0VyzonYVIOLsbPsVjNhHmN0fGGKaG4HAHJGDSrMyqg
Tzt+w1VzZytPxMMbiBG+URE9HGkUd6NGkeYbDeLUwLM3ZOBpEjHXn94Pi1BqMa84
7nR+yGUKfYghyU9lIPnZdnouNzFtfL6XqReVGv9CLBHGI5DWrPdDu5J7Sc4iJ2Bw
LsL85BnzhJOm4gu1rGgn12ylCxfJEuR27sC2Fg4AuWK/cbhkRZIZsnEZhk706Y2T
XKB9KtzstN9kx/eD34JtfBWwSLIfLSiPgp/dnpjnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAXfKxuCK6w/XycynUL+VPxTZoxcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg3ODg2NTNiLWE0ODctNGVmNi1iZDVhLWJjZTE0YTU3ZTAwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALH+rPtHOSMa0ekWA07VYHJAg+DW
k1zOMSoLjKwGuQFNr8W9KLUJNAzWWNg9pUBZf7SyWIkFew4NYvSGaoM4cA0zYVgV
Qm/KIAIVyerElsQRi3xE8+c6A1qA+P3M6pKSc7ZP8PhIH8N5QZ64oiJCPjvl0BuS
UY/2IS1ZZBkXYBobSlPgEIVV18pfzqswNZC8oB0V9t/K/Q1oMaNK61NN0aHTD6Tm
E6UFn/4dxHw08k2EbWGAeR4Qxpncjq983arnA62E9x/C26Z0cLsg9ebXJhI9u6LY
tBnjONjdXA7ZQEsxdx/an2g9sURO5hZ3Llmb1jDpU5b72TWCrFEZ95wEWKo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:23:42 2025 by rpki-client