Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d4a169e-8587-4d90-8478-0a317dc34151.roa
File: 8d4a169e-8587-4d90-8478-0a317dc34151.roa (raw, json)
Hash identifier: DQpX1CCVzS5qdxwAk9fDkPYnjogOnMHwv1+gklMyomk=
Subject key identifier: 85:8C:01:2D:19:E3:F6:F5:E9:F8:66:35:FD:12:44:46:06:88:79:BF
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6B6244B8C8AD9C07ED81DD65359E20525C0CD6B1
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d4a169e-8587-4d90-8478-0a317dc34151.roa
Signing time: Tue 05 Nov 2024 00:00:00 +0000
ROA not before: Tue 05 Nov 2024 00:00:00 +0000
ROA not after: Tue 10 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:62:44:b8:c8:ad:9c:07:ed:81:dd:65:35:9e:20:52:5c:0c:d6:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 5 00:00:00 2024 GMT
Not After : Dec 10 23:59:59 2024 GMT
Subject: serialNumber=4004bca23afbbce979571a76bccce0db0b8f2dc3d7ee9cc6d3bbbb6e630be3b6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:38:db:9c:64:f1:34:0a:c6:10:08:6a:cb:24:
d6:50:5c:05:ab:a2:4a:ee:2a:14:8f:bb:73:c8:ed:
80:95:55:86:f8:84:97:db:9a:11:ec:64:58:5e:d2:
79:ab:54:55:8f:2e:ab:71:8b:fc:35:7b:58:16:2d:
8b:51:c2:0b:66:0b:4f:20:38:f9:5c:fb:02:43:1f:
ab:55:f0:77:87:55:41:89:17:51:a1:a4:93:04:b9:
4c:b4:6b:8e:a2:75:b4:0d:12:70:3b:1e:d0:bd:fd:
3b:5c:07:10:2a:c5:2a:3b:b3:4d:fe:d7:1d:93:69:
56:5e:f0:89:0e:10:97:f1:a6:41:db:a1:ae:e6:e3:
c8:19:3f:d9:43:39:8d:2b:9b:b8:8f:8f:5e:93:63:
1f:20:ed:70:dd:53:a0:ee:ec:a3:c5:a6:59:7a:f5:
22:78:ef:2b:82:a3:09:49:cf:21:cf:c3:e3:f6:db:
7a:29:6f:85:c1:0b:d5:a6:70:d6:74:db:03:9d:ee:
ce:a9:c9:6f:08:2e:6c:9b:37:00:2f:fd:81:95:1a:
4d:a8:9c:9a:5a:c1:e5:79:80:c4:bd:6c:2c:31:a3:
84:41:a7:77:ee:d2:52:c9:e6:f1:ce:88:02:e6:d1:
4c:e5:54:da:a1:af:d6:0c:58:9a:ce:b1:6e:04:49:
4c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8C:01:2D:19:E3:F6:F5:E9:F8:66:35:FD:12:44:46:06:88:79:BF
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d4a169e-8587-4d90-8478-0a317dc34151.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:2a:07:a8:ff:74:3b:a3:92:02:8b:1b:cb:86:0e:61:d4:d3:
73:4c:0b:e3:cb:9b:26:de:a0:39:ea:27:18:4e:df:d1:f3:2f:
66:8f:f1:85:92:0b:5f:08:64:c2:62:e7:b9:9c:b8:52:fc:c6:
8a:9f:de:01:72:26:ff:a0:ad:62:82:fd:a7:96:58:13:79:94:
45:44:2c:59:ee:3a:00:7a:78:e8:12:21:07:42:a8:a0:fe:5d:
1b:56:db:3e:70:0a:70:29:a6:ba:37:b5:5b:c4:6c:05:3d:e3:
cd:86:c6:a6:0f:8b:ec:14:67:ab:ad:a6:82:e5:4c:67:7e:70:
0d:94:d2:23:58:5e:e5:74:51:49:e6:f5:6b:16:97:4b:07:f2:
82:94:c2:1b:cc:59:a3:4f:b2:73:44:57:69:f7:b6:bf:e3:9d:
9a:6c:88:75:34:a9:8a:a2:44:66:96:4f:bf:ff:7e:d1:2d:24:
20:0f:ba:49:81:38:48:de:87:34:dd:00:8f:17:a1:c1:1d:03:
ce:b7:fa:80:54:47:4a:21:d1:3e:87:5e:c3:1e:5e:5d:8f:63:
bb:e0:09:2b:c9:b8:ed:df:cb:95:76:70:3e:54:b5:70:1f:95:
d8:57:db:4b:b9:fd:b8:58:56:fd:a2:cf:10:ff:24:3d:b2:aa:
37:e5:8b:9b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa2JEuMitnAftgd1lNZ4gUlwM1rEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MDA0YmNhMjNhZmJiY2U5Nzk1NzFhNzZiY2NjZTBkYjBi
OGYyZGMzZDdlZTljYzZkM2JiYmI2ZTYzMGJlM2I2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUONucZPE0CsYQCGrLJNZQXAWrokruKhSPu3PI7YCVVYb4
hJfbmhHsZFhe0nmrVFWPLqtxi/w1e1gWLYtRwgtmC08gOPlc+wJDH6tV8HeHVUGJ
F1GhpJMEuUy0a46idbQNEnA7HtC9/TtcBxAqxSo7s03+1x2TaVZe8IkOEJfxpkHb
oa7m48gZP9lDOY0rm7iPj16TYx8g7XDdU6Du7KPFpll69SJ47yuCowlJzyHPw+P2
23opb4XBC9WmcNZ02wOd7s6pyW8ILmybNwAv/YGVGk2onJpaweV5gMS9bCwxo4RB
p3fu0lLJ5vHOiALm0UzlVNqhr9YMWJrOsW4ESUzhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhYwBLRnj9vXp+GY1/RJERgaIeb8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhkNGExNjllLTg1ODctNGQ5MC04NDc4LTBhMzE3ZGMzNDE1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD8qB6j/dDujkgKLG8uGDmHU03NM
C+PLmybeoDnqJxhO39HzL2aP8YWSC18IZMJi57mcuFL8xoqf3gFyJv+grWKC/aeW
WBN5lEVELFnuOgB6eOgSIQdCqKD+XRtW2z5wCnAppro3tVvEbAU9482GxqYPi+wU
Z6utpoLlTGd+cA2U0iNYXuV0UUnm9WsWl0sH8oKUwhvMWaNPsnNEV2n3tr/jnZps
iHU0qYqiRGaWT7//ftEtJCAPukmBOEjehzTdAI8XocEdA863+oBUR0oh0T6HXsMe
Xl2PY7vgCSvJuO3fy5V2cD5UtXAfldhX20u5/bhYVv2izxD/JD2yqjfli5s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:34:59 2025 by rpki-client