Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8864cc72-d3ec-449d-a4b6-a256f61b053c.roa
File: 8864cc72-d3ec-449d-a4b6-a256f61b053c.roa (raw, json)
Hash identifier: mq3gbjoZgFlT1aJ2czaTd9w1sIFnm1iGC/raKCBUOCc=
Subject key identifier: A1:9A:01:74:34:13:F5:71:59:71:1D:A1:0E:29:D7:BC:9E:4C:4D:18
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 1C823FF9132E622E62E13AFFF87F4B7B49ADE9D7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8864cc72-d3ec-449d-a4b6-a256f61b053c.roa
Signing time: Wed 05 Mar 2025 02:23:23 +0000
ROA not before: Wed 05 Mar 2025 02:23:23 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:82:3f:f9:13:2e:62:2e:62:e1:3a:ff:f8:7f:4b:7b:49:ad:e9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 5 02:23:23 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: serialNumber=721e597ee1336bf7f1ae9876b30704c6292003f748d6b43e61a455168b9ff1da, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:96:84:f4:60:e7:78:89:9c:33:4b:fc:2b:
7e:2a:4d:f1:2b:6a:5a:81:9a:a2:58:1b:a3:4b:48:
3d:5d:d7:5d:11:56:38:31:5a:75:20:d4:5b:b1:29:
c7:c5:b3:3b:50:17:4c:22:42:df:63:4f:df:61:62:
a8:55:b1:87:49:6f:d1:1c:ba:78:5a:6c:e1:c6:59:
51:92:bf:03:f2:b5:00:76:08:52:84:ca:ce:7d:69:
df:02:07:85:bd:b2:ee:3a:61:90:36:f1:64:26:4b:
2c:40:0b:3b:80:b9:83:e4:fe:94:17:eb:89:20:83:
27:29:82:01:ae:cd:47:4e:91:16:55:1c:1e:e1:74:
ae:ec:ec:51:e1:ab:f6:51:1f:de:09:f2:48:df:0d:
f5:8d:4a:01:02:b1:9b:f3:48:5b:3b:75:14:d0:b3:
85:6f:a3:e6:9d:4a:88:79:a9:3f:2e:5f:4d:3f:0a:
92:a9:29:11:0c:52:a6:97:4e:50:9f:0c:29:90:a5:
65:8f:03:b6:ce:bb:37:d8:d7:57:15:59:92:f0:5d:
3b:fb:4d:5a:3d:d1:65:d3:70:c6:c6:a7:8e:5b:db:
bb:87:00:77:ad:23:25:4a:8f:89:94:34:10:2e:6c:
6e:98:03:ae:34:10:7b:72:a5:8a:38:69:3e:ae:50:
90:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9A:01:74:34:13:F5:71:59:71:1D:A1:0E:29:D7:BC:9E:4C:4D:18
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8864cc72-d3ec-449d-a4b6-a256f61b053c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:1b:24:a5:89:40:0c:9d:62:a4:c5:81:93:b5:27:71:c9:6f:
43:41:98:c9:78:e5:69:6d:c0:79:d5:8f:39:4f:b5:c6:0a:fe:
1d:44:91:58:16:e8:a0:cd:b6:9f:e3:23:a4:ec:8e:43:8b:eb:
7d:f7:40:25:7f:be:09:e3:36:62:a1:18:3b:8e:8f:ab:03:78:
a5:79:0d:31:ee:c4:02:45:8e:ae:a7:14:72:c7:4f:02:0a:89:
e3:99:4a:10:eb:2e:0f:97:5b:2a:c5:78:d5:4e:4a:d7:f5:7f:
b8:f6:82:00:d7:b7:d8:a0:89:f7:47:6b:4b:c6:cb:64:bb:8a:
f4:0d:0e:ec:8c:8d:be:9f:01:14:9e:8e:71:67:46:9c:c9:9e:
ad:ab:16:4f:5f:5c:7e:fc:ee:fd:2e:f8:bf:3b:d5:ef:b4:77:
e4:56:a5:0a:41:7f:88:99:a6:18:ea:24:da:f5:1f:02:26:07:
74:ea:96:0c:a5:b5:17:28:19:ba:f7:b0:01:f4:f3:be:fb:68:
3a:bf:c3:bc:2c:b0:f2:25:b4:8d:19:35:6b:12:ac:59:2e:94:
97:68:6a:b6:f1:bc:22:3f:d8:9e:02:38:bc:af:d7:fb:c0:7a:
ef:7f:91:6a:40:75:7e:22:01:e8:62:ea:2f:7d:56:01:51:cc:
34:53:72:de
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHII/+RMuYi5i4Tr/+H9Le0mt6dcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzA1MDIyMzIzWhcNMjUwNDA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjFlNTk3ZWUxMzM2YmY3ZjFhZTk4NzZiMzA3MDRjNjI5
MjAwM2Y3NDhkNmI0M2U2MWE0NTUxNjhiOWZmMWRhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCufpaE9GDneImcM0v8K34qTfEralqBmqJYG6NLSD1d110R
VjgxWnUg1FuxKcfFsztQF0wiQt9jT99hYqhVsYdJb9EcunhabOHGWVGSvwPytQB2
CFKEys59ad8CB4W9su46YZA28WQmSyxACzuAuYPk/pQX64kggycpggGuzUdOkRZV
HB7hdK7s7FHhq/ZRH94J8kjfDfWNSgECsZvzSFs7dRTQs4Vvo+adSoh5qT8uX00/
CpKpKREMUqaXTlCfDCmQpWWPA7bOuzfY11cVWZLwXTv7TVo90WXTcMbGp45b27uH
AHetIyVKj4mUNBAubG6YA640EHtypYo4aT6uUJCBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoZoBdDQT9XFZcR2hDinXvJ5MTRgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg4NjRjYzcyLWQzZWMtNDQ5ZC1hNGI2LWEyNTZmNjFiMDUzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALYbJKWJQAydYqTFgZO1J3HJb0NB
mMl45WltwHnVjzlPtcYK/h1EkVgW6KDNtp/jI6TsjkOL6333QCV/vgnjNmKhGDuO
j6sDeKV5DTHuxAJFjq6nFHLHTwIKieOZShDrLg+XWyrFeNVOStf1f7j2ggDXt9ig
ifdHa0vGy2S7ivQNDuyMjb6fARSejnFnRpzJnq2rFk9fXH787v0u+L871e+0d+RW
pQpBf4iZphjqJNr1HwImB3TqlgyltRcoGbr3sAH08777aDq/w7wssPIltI0ZNWsS
rFkulJdoarbxvCI/2J4COLyv1/vAeu9/kWpAdX4iAehi6i99VgFRzDRTct4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:56:41 2025 by rpki-client