Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/99c74b3a-5a74-412b-a1d0-641608c667f8.roa
File: 99c74b3a-5a74-412b-a1d0-641608c667f8.roa (raw, json)
Hash identifier: cG/2btu3qKT/OuPup+lZrzoPz1YN9F4B6BHWT2XLuqU=
Subject key identifier: CD:CA:AA:C9:DC:A6:9E:7F:DC:65:8B:BC:43:0E:1E:64:BF:E4:E4:8E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3464019450140AA4DCDE3E6896F147058B50010D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/99c74b3a-5a74-412b-a1d0-641608c667f8.roa
Signing time: Tue 26 Nov 2024 00:00:00 +0000
ROA not before: Tue 26 Nov 2024 00:00:00 +0000
ROA not after: Tue 31 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:64:01:94:50:14:0a:a4:dc:de:3e:68:96:f1:47:05:8b:50:01:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 26 00:00:00 2024 GMT
Not After : Dec 31 23:59:59 2024 GMT
Subject: serialNumber=3506616234ae2ffaf344fc5f95f0d2ef352f931ffd6326a3d8eb3bc966be7a78, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e0:b1:9f:16:de:e0:56:57:9a:f6:76:86:41:
5f:d4:20:92:3b:31:56:06:81:9d:d8:5e:ec:9a:95:
05:06:38:bb:7c:a7:ff:98:88:b4:b7:17:51:1e:6f:
a3:66:ae:2c:91:80:7f:f9:59:8d:2c:b8:c1:df:bc:
e7:f9:d4:96:54:48:34:93:cc:8b:aa:80:7f:16:1d:
2b:34:2e:a2:fa:b7:e3:53:e5:d1:e2:03:bb:92:dc:
cf:9a:3c:fc:88:e5:f3:73:d3:81:56:12:8f:ca:b9:
ee:28:c5:57:be:5c:34:e6:e2:10:a6:55:3c:ee:33:
2f:70:05:d8:77:cb:63:f8:a2:d9:8d:a1:55:7a:38:
6b:4f:78:10:98:e3:55:0c:b1:43:e9:34:e0:da:87:
ac:d0:5e:12:b2:d7:ce:38:90:f4:31:90:6b:fd:ad:
47:d6:ec:97:55:f7:bd:93:94:7c:82:38:9c:02:92:
33:11:d6:03:c9:05:93:99:99:cf:d5:e0:48:b4:be:
36:c4:54:f5:7d:f1:fa:ae:53:ed:37:0a:5f:82:b2:
b1:e6:2e:44:58:58:4c:1f:a0:4f:19:dd:0f:2e:9b:
09:7c:c3:e0:5e:fd:4d:32:4d:53:85:8d:e4:8f:df:
f8:60:23:fa:0c:65:4d:3e:3f:10:36:9b:73:10:61:
8a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CA:AA:C9:DC:A6:9E:7F:DC:65:8B:BC:43:0E:1E:64:BF:E4:E4:8E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/99c74b3a-5a74-412b-a1d0-641608c667f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:47:6c:a9:58:62:a7:a6:b5:ec:9f:2c:3a:60:15:4f:0f:ad:
fb:4a:af:cc:ad:74:81:da:78:49:5e:ad:08:0a:49:60:1c:8b:
41:ef:df:86:9f:6c:2a:2e:12:5a:0d:7f:9b:53:20:0a:19:a3:
a4:2a:66:7c:16:be:44:98:51:33:5a:cc:f7:28:63:76:fe:af:
bf:27:18:c3:cd:33:f7:cf:19:2f:eb:93:24:4f:16:ef:b1:0a:
41:36:3b:a2:de:4f:7a:15:ae:b2:52:8c:15:07:d0:f9:ab:fc:
57:0d:75:0e:79:bf:0b:f8:ee:28:60:49:d8:d7:31:33:6d:7e:
64:09:13:82:dd:e1:92:b4:46:63:1a:88:f9:45:c7:94:34:0d:
3b:d4:53:02:18:21:3f:7f:2d:68:25:1a:25:20:0b:89:dc:25:
25:97:a2:be:d3:0b:bf:d7:3b:d2:ef:16:e9:07:95:00:96:3e:
87:3f:d5:b1:38:32:31:a7:c1:e4:35:db:95:32:a3:73:c8:20:
fb:c1:2f:72:2b:93:ab:96:57:1b:b0:80:6d:98:42:46:ac:e3:
f4:4a:a7:07:83:38:c1:1b:c6:30:c8:a8:82:58:e8:b3:9a:12:
11:fb:8f:03:03:5f:1c:53:d2:88:a4:cf:85:4d:c0:fb:38:20:
49:81:b3:40
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNGQBlFAUCqTc3j5olvFHBYtQAQ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTI2MDAwMDAwWhcNMjQxMjMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTA2NjE2MjM0YWUyZmZhZjM0NGZjNWY5NWYwZDJlZjM1
MmY5MzFmZmQ2MzI2YTNkOGViM2JjOTY2YmU3YTc4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx4LGfFt7gVlea9naGQV/UIJI7MVYGgZ3YXuyalQUGOLt8
p/+YiLS3F1Eeb6NmriyRgH/5WY0suMHfvOf51JZUSDSTzIuqgH8WHSs0LqL6t+NT
5dHiA7uS3M+aPPyI5fNz04FWEo/Kue4oxVe+XDTm4hCmVTzuMy9wBdh3y2P4otmN
oVV6OGtPeBCY41UMsUPpNODah6zQXhKy1844kPQxkGv9rUfW7JdV972TlHyCOJwC
kjMR1gPJBZOZmc/V4Ei0vjbEVPV98fquU+03Cl+CsrHmLkRYWEwfoE8Z3Q8umwl8
w+Be/U0yTVOFjeSP3/hgI/oMZU0+PxA2m3MQYYqdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzcqqydymnn/cZYu8Qw4eZL/k5I4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzk5Yzc0YjNhLTVhNzQtNDEyYi1hMWQwLTY0MTYwOGM2NjdmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAC9HbKlYYqemteyfLDpgFU8PrftK
r8ytdIHaeElerQgKSWAci0Hv34afbCouEloNf5tTIAoZo6QqZnwWvkSYUTNazPco
Y3b+r78nGMPNM/fPGS/rkyRPFu+xCkE2O6LeT3oVrrJSjBUH0Pmr/FcNdQ55vwv4
7ihgSdjXMTNtfmQJE4Ld4ZK0RmMaiPlFx5Q0DTvUUwIYIT9/LWglGiUgC4ncJSWX
or7TC7/XO9LvFukHlQCWPoc/1bE4MjGnweQ125Uyo3PIIPvBL3Irk6uWVxuwgG2Y
Qkas4/RKpweDOMEbxjDIqIJY6LOaEhH7jwMDXxxT0oikz4VNwPs4IEmBs0A=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:18:20 2025 by rpki-client