Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d948cbb-70fb-4af8-a2ee-5920bcd6afda.roa
File: 8d948cbb-70fb-4af8-a2ee-5920bcd6afda.roa (raw, json)
Hash identifier: YFMghxOhrlhQnzagQ/BuzSCETFdmnoISj9y9iP+qz1E=
Subject key identifier: 17:87:36:B9:DC:36:CC:A2:4E:AE:4B:FB:AA:EC:9D:37:7F:3D:8F:D5
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 627AC3747FB8F233D781CF12DBB5D5A077CDED13
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d948cbb-70fb-4af8-a2ee-5920bcd6afda.roa
Signing time: Sat 02 Nov 2024 00:00:00 +0000
ROA not before: Sat 02 Nov 2024 00:00:00 +0000
ROA not after: Sat 07 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:7a:c3:74:7f:b8:f2:33:d7:81:cf:12:db:b5:d5:a0:77:cd:ed:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 2 00:00:00 2024 GMT
Not After : Dec 7 23:59:59 2024 GMT
Subject: serialNumber=f851146de786faa6ab65a27d01304f9f62962ff20144f60546f4ec38853ed7ea, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0a:5d:0e:ff:98:79:1b:54:89:18:ac:03:76:
96:ec:e8:4c:85:2c:af:72:66:b1:76:d4:80:e3:04:
42:32:aa:9a:b1:aa:77:e7:e7:3a:59:0f:15:82:1d:
8d:36:91:54:03:7a:3d:1c:5a:5c:f2:2a:ef:14:91:
6b:b9:30:d2:ab:2a:61:dd:9c:6d:c4:93:37:6a:bb:
c4:5b:94:f2:e2:a0:a6:d2:1a:f3:c1:a3:7c:84:47:
fa:54:8f:fe:d5:5d:e6:45:0f:9d:39:67:22:a4:29:
cf:07:6f:58:0d:48:d5:d0:9e:fd:3d:a1:57:6a:a5:
76:e2:ce:dc:de:dd:0f:9c:62:ea:de:d8:3f:a3:0f:
90:2e:be:f7:7a:15:38:31:96:c3:f2:17:d6:bd:26:
d1:56:72:12:09:50:c8:f4:03:f1:e6:a2:95:60:74:
a2:f0:8a:25:13:88:34:7c:e5:be:c3:03:4d:2e:7d:
6a:50:3b:75:ae:fe:68:20:89:fc:86:54:ff:da:83:
90:33:8b:af:3f:42:61:5f:28:7a:46:77:af:72:2b:
f1:48:6a:a2:7b:15:d0:31:95:b1:3c:53:92:55:b5:
42:02:13:8d:ad:8c:13:72:ee:bc:83:db:a9:25:15:
99:e9:f3:50:c1:bf:25:6e:42:38:27:74:53:72:56:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:87:36:B9:DC:36:CC:A2:4E:AE:4B:FB:AA:EC:9D:37:7F:3D:8F:D5
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d948cbb-70fb-4af8-a2ee-5920bcd6afda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:5c:c4:d7:bc:ea:df:91:a6:d7:1b:4a:20:89:ed:05:96:f6:
f0:e8:3d:ba:3a:96:6b:40:2b:99:44:76:28:da:17:5f:04:ee:
c5:09:c7:88:5c:8c:24:54:13:78:9d:c0:41:94:a8:49:0b:0f:
7c:9d:f4:8b:f9:f5:85:d0:d5:40:e3:b2:3a:3f:9c:f0:e3:5c:
05:c1:08:1b:7d:2d:a3:9a:97:80:f2:79:5c:7e:5e:ca:dd:6d:
8b:57:67:18:1b:99:aa:0b:38:d1:53:12:f9:09:ef:07:e8:c2:
0f:fc:05:25:52:f2:04:00:e7:1e:c1:45:76:83:2a:93:dc:6d:
a2:cf:a1:c5:4a:c3:06:09:88:f4:7f:66:04:8a:b7:aa:78:10:
da:63:76:30:1e:a6:04:e0:cb:b1:47:02:46:7e:e0:1e:91:e7:
fe:1f:3e:9f:73:50:66:97:36:94:0b:a0:38:48:a5:c1:aa:87:
2a:29:77:63:1d:25:9d:90:45:6f:ef:a5:52:6c:d7:17:c7:e3:
5d:df:59:3d:c5:11:7f:b8:1a:74:a9:a9:e9:c5:de:35:0d:3c:
42:a1:6e:a4:0f:36:56:bb:0e:60:37:d2:91:23:43:57:5d:91:
8e:b6:20:10:84:58:b0:2b:c2:48:76:9c:64:d0:17:4f:c1:c2:
d2:61:ac:f5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYnrDdH+48jPXgc8S27XVoHfN7RMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTAyMDAwMDAwWhcNMjQxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmODUxMTQ2ZGU3ODZmYWE2YWI2NWEyN2QwMTMwNGY5ZjYy
OTYyZmYyMDE0NGY2MDU0NmY0ZWMzODg1M2VkN2VhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqCl0O/5h5G1SJGKwDdpbs6EyFLK9yZrF21IDjBEIyqpqx
qnfn5zpZDxWCHY02kVQDej0cWlzyKu8UkWu5MNKrKmHdnG3Ekzdqu8RblPLioKbS
GvPBo3yER/pUj/7VXeZFD505ZyKkKc8Hb1gNSNXQnv09oVdqpXbiztze3Q+cYure
2D+jD5Auvvd6FTgxlsPyF9a9JtFWchIJUMj0A/HmopVgdKLwiiUTiDR85b7DA00u
fWpQO3Wu/mggifyGVP/ag5Azi68/QmFfKHpGd69yK/FIaqJ7FdAxlbE8U5JVtUIC
E42tjBNy7ryD26klFZnp81DBvyVuQjgndFNyVmdbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUF4c2udw2zKJOrkv7quydN389j9UwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhkOTQ4Y2JiLTcwZmItNGFmOC1hMmVlLTU5MjBiY2Q2YWZkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADpcxNe86t+RptcbSiCJ7QWW9vDo
Pbo6lmtAK5lEdijaF18E7sUJx4hcjCRUE3idwEGUqEkLD3yd9Iv59YXQ1UDjsjo/
nPDjXAXBCBt9LaOal4DyeVx+XsrdbYtXZxgbmaoLONFTEvkJ7wfowg/8BSVS8gQA
5x7BRXaDKpPcbaLPocVKwwYJiPR/ZgSKt6p4ENpjdjAepgTgy7FHAkZ+4B6R5/4f
Pp9zUGaXNpQLoDhIpcGqhyopd2MdJZ2QRW/vpVJs1xfH413fWT3FEX+4GnSpqenF
3jUNPEKhbqQPNla7DmA30pEjQ1ddkY62IBCEWLArwkh2nGTQF0/BwtJhrPU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:57 2025 by rpki-client