Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/89ee1d10-6ffa-4aea-818d-d568bd8f2e76.roa
File: 89ee1d10-6ffa-4aea-818d-d568bd8f2e76.roa (raw, json)
Hash identifier: f7E5+924ZAUkUdzeCnrqXCe6GSDbjQxt2/l+XHOYTfo=
Subject key identifier: 82:55:41:F1:83:42:D5:9C:98:A2:4B:FE:D7:86:A0:42:25:60:35:73
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5FCED85510B7A066A017E0B916B5FEC04877F66B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/89ee1d10-6ffa-4aea-818d-d568bd8f2e76.roa
Signing time: Thu 14 Sep 2023 00:00:00 +0000
ROA not before: Thu 14 Sep 2023 00:00:00 +0000
ROA not after: Thu 19 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:ce:d8:55:10:b7:a0:66:a0:17:e0:b9:16:b5:fe:c0:48:77:f6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 14 00:00:00 2023 GMT
Not After : Oct 19 23:59:59 2023 GMT
Subject: serialNumber=d8c6143f8847e504f4142c0ccd93e2de7927f67818afcd02ec02303baf42e5c4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:6d:72:84:f0:16:31:fb:7d:17:e2:ee:16:
a6:d4:6f:eb:ad:97:64:8f:99:87:6b:0c:2c:8e:6f:
d5:28:bb:b4:98:81:a4:cb:53:e2:af:8b:de:19:4f:
d9:75:94:0d:6f:65:da:ef:81:c1:07:af:7e:e5:fc:
71:79:40:5d:a1:0f:bf:66:0e:27:df:53:b5:66:d9:
71:ad:7a:8d:5c:b0:30:97:9b:b6:e8:81:36:1f:ac:
4c:87:c9:ed:d8:a7:95:73:2b:fe:df:1c:6d:18:7a:
17:7e:c0:b5:d4:8c:aa:a7:aa:8c:d3:55:74:04:8e:
96:ef:77:24:04:f6:04:90:82:d9:29:fd:45:fe:8e:
82:d8:5a:75:86:b6:91:a5:dc:74:2f:5a:bf:7f:92:
8b:f0:22:54:52:1e:fb:d4:66:87:c0:e9:a9:aa:e9:
1a:58:7f:8f:c6:ca:08:ec:49:79:2d:b1:79:59:f4:
d0:5a:73:18:37:2f:48:b1:f7:0d:f3:bb:44:51:a7:
83:14:6e:e3:f9:f4:28:02:5d:55:6d:e4:cc:66:2a:
50:3b:ef:65:e9:0e:2f:7e:bf:2d:3b:d1:cf:cb:bf:
2b:cc:ca:61:25:bf:31:57:19:4b:c6:b1:6b:f2:7f:
b2:ec:24:4c:fb:5b:0a:c9:52:f9:f3:01:54:cb:96:
1e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:55:41:F1:83:42:D5:9C:98:A2:4B:FE:D7:86:A0:42:25:60:35:73
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/89ee1d10-6ffa-4aea-818d-d568bd8f2e76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2a:d2:e8:13:d1:df:a6:48:b8:0e:d7:5d:43:3f:56:c2:f0:
51:5e:68:f0:f0:d6:d5:0f:29:6f:ec:da:ef:68:fb:91:f7:9c:
3f:0f:5b:b0:9f:77:53:ef:1e:15:17:a4:9f:d0:d5:22:18:b5:
7f:86:a6:4f:3a:d6:ec:0e:72:81:97:b9:4a:be:8f:e8:06:3f:
d5:9f:ce:7d:c5:fb:78:d3:2b:9b:6a:04:ed:89:3e:53:28:af:
90:f1:64:e9:f5:95:34:79:ba:d2:87:07:34:2a:94:55:03:6c:
8d:f3:5b:91:59:01:4b:0d:0e:6f:2d:22:64:a2:20:c1:43:c7:
34:60:c6:d4:a5:e8:48:05:a8:2e:17:3f:6c:0f:49:94:59:63:
29:eb:d3:63:bf:89:42:e5:88:9c:b1:cc:c9:75:63:d6:4f:cf:
97:60:51:e8:6f:4f:0d:91:a6:e2:15:03:2f:ac:c6:fd:cb:9c:
bc:9c:9f:dd:a1:c9:d1:a2:d7:5d:b1:54:29:9f:97:3c:b0:da:
aa:2a:2e:4d:41:17:b0:56:a4:c7:22:7a:46:d8:18:35:4f:36:
20:34:6c:4c:89:08:85:cc:e6:81:2d:a7:fc:5f:fe:6c:af:98:
bf:a3:21:a9:28:13:ed:91:a8:98:8a:78:a9:c8:e1:46:2f:1a:
30:3b:0e:5f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX87YVRC3oGagF+C5FrX+wEh39mswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTE0MDAwMDAwWhcNMjMxMDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkOGM2MTQzZjg4NDdlNTA0ZjQxNDJjMGNjZDkzZTJkZTc5
MjdmNjc4MThhZmNkMDJlYzAyMzAzYmFmNDJlNWM0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCagG1yhPAWMft9F+LuFqbUb+utl2SPmYdrDCyOb9Uou7SY
gaTLU+Kvi94ZT9l1lA1vZdrvgcEHr37l/HF5QF2hD79mDiffU7Vm2XGteo1csDCX
m7bogTYfrEyHye3Yp5VzK/7fHG0Yehd+wLXUjKqnqozTVXQEjpbvdyQE9gSQgtkp
/UX+joLYWnWGtpGl3HQvWr9/kovwIlRSHvvUZofA6amq6RpYf4/GygjsSXktsXlZ
9NBacxg3L0ix9w3zu0RRp4MUbuP59CgCXVVt5MxmKlA772XpDi9+vy070c/LvyvM
ymElvzFXGUvGsWvyf7LsJEz7WwrJUvnzAVTLlh6xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUglVB8YNC1ZyYokv+14agQiVgNXMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg5ZWUxZDEwLTZmZmEtNGFlYS04MThkLWQ1NjhiZDhmMmU3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEAq0ugT0d+mSLgO111DP1bC8FFe
aPDw1tUPKW/s2u9o+5H3nD8PW7Cfd1PvHhUXpJ/Q1SIYtX+Gpk861uwOcoGXuUq+
j+gGP9Wfzn3F+3jTK5tqBO2JPlMor5DxZOn1lTR5utKHBzQqlFUDbI3zW5FZAUsN
Dm8tImSiIMFDxzRgxtSl6EgFqC4XP2wPSZRZYynr02O/iULliJyxzMl1Y9ZPz5dg
UehvTw2RpuIVAy+sxv3LnLycn92hydGi112xVCmflzyw2qoqLk1BF7BWpMciekbY
GDVPNiA0bEyJCIXM5oEtp/xf/myvmL+jIakoE+2RqJiKeKnI4UYvGjA7Dl8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:23:23 2025 by rpki-client