Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/888cb0dc-007f-4d09-8e11-02c465e62580.roa
File: 888cb0dc-007f-4d09-8e11-02c465e62580.roa (raw, json)
Hash identifier: OMssv050BGD/oanUCuZ/d0k59g6pm94YLQIz6rxHxww=
Subject key identifier: 7A:E8:20:7E:2E:13:AA:A4:F3:98:00:11:01:0C:A1:BC:BB:8E:9F:CB
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6BA8D17106EAB6DA9E1BAF011A2CC0CD9C0D9F02
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/888cb0dc-007f-4d09-8e11-02c465e62580.roa
Signing time: Wed 20 Sep 2023 00:00:00 +0000
ROA not before: Wed 20 Sep 2023 00:00:00 +0000
ROA not after: Wed 25 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a8:d1:71:06:ea:b6:da:9e:1b:af:01:1a:2c:c0:cd:9c:0d:9f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 20 00:00:00 2023 GMT
Not After : Oct 25 23:59:59 2023 GMT
Subject: serialNumber=9d411d1c45492c5e17a5b9c64b33980dca15dd06a71df687687da71cbdc7d1bb, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:50:a8:82:41:3e:df:3d:d8:6d:99:1e:62:63:
89:0e:ca:d0:d3:3f:0e:de:bf:4f:92:71:64:29:a7:
c1:e5:b1:4c:1d:1f:41:ea:a2:bd:04:52:01:8e:94:
e2:db:58:4a:29:1f:dc:85:a3:ce:42:bb:f8:e1:23:
0b:b4:f6:b6:52:73:19:49:31:1a:7a:ac:48:21:92:
ee:9e:44:19:b2:b7:63:4d:3b:fd:45:df:9a:63:b3:
90:c6:c8:cf:79:1a:35:fc:01:98:a7:90:91:49:ed:
d6:3c:59:ea:e4:cb:2c:a8:c1:9c:41:9b:c7:13:83:
25:c5:ca:b6:e5:ef:e9:9f:58:bf:13:87:43:26:7f:
66:6b:ed:57:40:da:8f:15:c6:d1:19:9b:a0:4b:08:
3d:62:d0:c4:e1:8e:04:41:70:65:04:18:a1:4e:66:
42:75:bd:40:ba:ad:88:ec:a3:39:ca:5e:69:ec:75:
42:5e:bc:eb:e3:c8:0e:51:8e:6f:22:55:ee:60:63:
d9:aa:ff:2f:1d:08:37:be:f5:00:dd:e8:db:e9:c0:
e2:09:45:ba:35:20:71:bf:67:d3:51:96:5c:42:bf:
db:79:d7:03:d5:53:83:40:cf:95:c7:29:c0:3e:1e:
e7:cb:0d:57:47:fb:71:23:bb:c9:79:e0:ad:1a:87:
e5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E8:20:7E:2E:13:AA:A4:F3:98:00:11:01:0C:A1:BC:BB:8E:9F:CB
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/888cb0dc-007f-4d09-8e11-02c465e62580.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:ec:7f:86:e5:ac:97:b1:a5:23:aa:2e:20:d4:55:8f:95:9e:
eb:bb:f8:59:85:eb:d1:83:20:03:29:45:f3:bd:be:1c:31:96:
9f:42:27:d5:38:dc:b9:0d:8d:de:4b:ce:f4:15:a8:e2:2d:3e:
10:3f:ad:fa:1a:48:9e:f8:c7:dc:94:7c:10:2d:4e:87:b7:0a:
7e:95:37:7e:97:61:98:18:70:a4:ff:5f:bc:bc:91:4f:20:24:
42:a6:32:cd:36:00:26:df:2f:12:c0:fb:ca:f7:8f:c9:ef:d9:
13:4b:d9:49:f1:e3:a5:10:9c:c3:c2:cd:36:59:d3:25:63:26:
db:1c:6a:cf:b3:71:4e:bd:71:27:67:25:75:96:6f:80:0a:d0:
7e:4d:af:04:d8:45:d3:24:84:dd:93:ab:06:2f:5d:b7:bc:c8:
2b:04:d9:de:5e:63:66:77:2f:fa:a3:3b:a3:a1:d9:46:c0:24:
e5:c9:7b:32:aa:83:72:53:cd:c7:7b:4b:d3:82:d6:55:34:ce:
fc:bf:17:f1:04:75:e8:fa:ee:0c:18:83:42:c0:72:d8:e9:76:
ec:32:97:34:55:4a:f4:b9:1c:3f:ff:9c:6c:07:8a:c2:e7:0b:
eb:56:35:6a:90:ca:e6:41:bc:e9:bd:1f:12:c8:2a:68:b9:32:
15:5e:9f:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa6jRcQbqttqeG68BGizAzZwNnwIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTIwMDAwMDAwWhcNMjMxMDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDQxMWQxYzQ1NDkyYzVlMTdhNWI5YzY0YjMzOTgwZGNh
MTVkZDA2YTcxZGY2ODc2ODdkYTcxY2JkYzdkMWJiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXUKiCQT7fPdhtmR5iY4kOytDTPw7ev0+ScWQpp8HlsUwd
H0Hqor0EUgGOlOLbWEopH9yFo85Cu/jhIwu09rZScxlJMRp6rEghku6eRBmyt2NN
O/1F35pjs5DGyM95GjX8AZinkJFJ7dY8WerkyyyowZxBm8cTgyXFyrbl7+mfWL8T
h0Mmf2Zr7VdA2o8VxtEZm6BLCD1i0MThjgRBcGUEGKFOZkJ1vUC6rYjsoznKXmns
dUJevOvjyA5Rjm8iVe5gY9mq/y8dCDe+9QDd6NvpwOIJRbo1IHG/Z9NRllxCv9t5
1wPVU4NAz5XHKcA+HufLDVdH+3Eju8l54K0ah+XZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeuggfi4TqqTzmAARAQyhvLuOn8swHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg4OGNiMGRjLTAwN2YtNGQwOS04ZTExLTAyYzQ2NWU2MjU4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD/sf4blrJexpSOqLiDUVY+Vnuu7
+FmF69GDIAMpRfO9vhwxlp9CJ9U43LkNjd5LzvQVqOItPhA/rfoaSJ74x9yUfBAt
Toe3Cn6VN36XYZgYcKT/X7y8kU8gJEKmMs02ACbfLxLA+8r3j8nv2RNL2Unx46UQ
nMPCzTZZ0yVjJtscas+zcU69cSdnJXWWb4AK0H5NrwTYRdMkhN2TqwYvXbe8yCsE
2d5eY2Z3L/qjO6Oh2UbAJOXJezKqg3JTzcd7S9OC1lU0zvy/F/EEdej67gwYg0LA
ctjpduwylzRVSvS5HD//nGwHisLnC+tWNWqQyuZBvOm9HxLIKmi5MhVenzw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:04:17 2025 by rpki-client