Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ae4626f-ec04-4dfd-8122-033af0962b13.roa
File: 9ae4626f-ec04-4dfd-8122-033af0962b13.roa (raw, json)
Hash identifier: E/ypxDGaca0UtgsQ04KSXUgMOfTIOyDt5QmtG5ztSWU=
Subject key identifier: 57:1E:CE:42:6A:7E:BB:32:0D:B0:E2:D3:F3:E3:69:41:C0:3C:76:A7
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4B203BA231521A4B53725856933FF3901CF43691
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ae4626f-ec04-4dfd-8122-033af0962b13.roa
Signing time: Tue 30 Jul 2024 00:00:00 +0000
ROA not before: Tue 30 Jul 2024 00:00:00 +0000
ROA not after: Tue 03 Sep 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:20:3b:a2:31:52:1a:4b:53:72:58:56:93:3f:f3:90:1c:f4:36:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 30 00:00:00 2024 GMT
Not After : Sep 3 23:59:59 2024 GMT
Subject: serialNumber=88d545f632322c3018a910283d40521704781cc645b4fcb56050361eb7d9580e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:27:f8:a1:73:98:1f:a3:d5:ad:4c:73:e4:
0f:a8:7e:62:24:cd:69:b8:1d:6b:cf:1c:3d:07:02:
fa:fe:f5:62:5b:bc:26:10:c7:e5:52:79:d3:4c:b1:
24:39:bb:f7:15:d1:02:6f:da:e6:a3:2f:8b:d4:63:
62:97:79:e0:d6:8e:87:e0:48:fc:42:b5:cb:13:ca:
b1:74:fe:a1:85:35:7f:33:30:8a:3d:9a:b5:31:d8:
d2:fa:81:80:5c:0b:9d:9a:18:96:1d:55:93:55:55:
64:2e:4b:5c:8d:73:6b:ba:96:76:10:29:df:2f:ab:
17:84:a6:9c:4e:a3:c9:ae:94:20:56:53:9a:51:82:
9e:c0:70:ff:a6:1c:12:70:f9:7a:70:f8:97:a9:98:
2c:a3:3a:48:12:03:c3:7f:63:aa:7a:2e:40:07:7d:
f9:84:66:5a:9a:78:43:0b:df:82:4b:b1:15:e0:87:
d8:d7:72:c0:ec:8a:0b:c3:e9:84:ed:18:ae:82:63:
b1:c5:bd:ab:86:74:0a:77:0e:30:2e:0d:ab:99:f0:
6f:06:a7:84:9a:61:16:7f:cb:4f:44:bc:62:43:07:
b9:4a:56:5c:05:12:bf:e6:5f:4f:d7:85:0e:c6:b6:
e5:5c:91:7a:5c:71:c4:31:ca:82:8f:6d:e3:77:6c:
97:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1E:CE:42:6A:7E:BB:32:0D:B0:E2:D3:F3:E3:69:41:C0:3C:76:A7
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ae4626f-ec04-4dfd-8122-033af0962b13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f0:0e:37:04:bc:53:98:05:54:3e:a8:39:f8:b6:c9:d3:49:
19:d6:77:6c:cd:73:b3:c1:a0:36:c6:e3:98:54:65:3b:36:6c:
2f:19:77:fb:78:37:e2:1d:a4:f9:ef:9b:ed:ef:1e:cd:c3:d4:
0d:53:58:47:bc:b9:b5:01:69:51:34:0f:fa:00:91:ce:38:76:
da:17:00:d8:f0:d2:70:ba:e1:02:09:8e:5f:c4:69:e5:f4:8c:
93:da:11:d3:0c:8d:b6:18:db:87:47:19:48:92:ee:b5:8e:02:
c4:8b:8d:0c:ec:58:0a:9f:c1:d0:4d:3d:cd:d2:c8:f5:9c:1a:
0a:1d:b4:eb:9b:a3:2b:0e:76:0f:fe:70:d9:71:e6:ff:13:24:
14:ff:5b:85:fd:d2:38:26:04:ef:9f:6e:3e:c0:0a:de:af:6e:
b9:eb:e8:91:0b:cf:5f:89:0a:a1:86:f6:b7:97:ec:81:85:9e:
47:ce:92:0b:e6:bc:ad:24:56:eb:73:cb:c3:53:03:90:e2:7c:
2b:16:a0:b5:60:c5:ed:2d:1a:07:2a:63:ec:ed:37:c6:5e:39:
83:15:82:7e:72:b5:44:62:af:f6:0a:90:90:bc:31:a9:2c:83:
e6:b4:52:9f:e9:d2:07:2f:80:c2:4c:09:11:60:46:8f:fe:95:
26:e6:f7:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSyA7ojFSGktTclhWkz/zkBz0NpEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzMwMDAwMDAwWhcNMjQwOTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4OGQ1NDVmNjMyMzIyYzMwMThhOTEwMjgzZDQwNTIxNzA0
NzgxY2M2NDViNGZjYjU2MDUwMzYxZWI3ZDk1ODBlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzHCf4oXOYH6PVrUxz5A+ofmIkzWm4HWvPHD0HAvr+9WJb
vCYQx+VSedNMsSQ5u/cV0QJv2uajL4vUY2KXeeDWjofgSPxCtcsTyrF0/qGFNX8z
MIo9mrUx2NL6gYBcC52aGJYdVZNVVWQuS1yNc2u6lnYQKd8vqxeEppxOo8mulCBW
U5pRgp7AcP+mHBJw+Xpw+JepmCyjOkgSA8N/Y6p6LkAHffmEZlqaeEML34JLsRXg
h9jXcsDsigvD6YTtGK6CY7HFvauGdAp3DjAuDauZ8G8Gp4SaYRZ/y09EvGJDB7lK
VlwFEr/mX0/XhQ7GtuVckXpcccQxyoKPbeN3bJeNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVx7OQmp+uzINsOLT8+NpQcA8dqcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzlhZTQ2MjZmLWVjMDQtNGRmZC04MTIyLTAzM2FmMDk2MmIxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIXwDjcEvFOYBVQ+qDn4tsnTSRnW
d2zNc7PBoDbG45hUZTs2bC8Zd/t4N+IdpPnvm+3vHs3D1A1TWEe8ubUBaVE0D/oA
kc44dtoXANjw0nC64QIJjl/EaeX0jJPaEdMMjbYY24dHGUiS7rWOAsSLjQzsWAqf
wdBNPc3SyPWcGgodtOuboysOdg/+cNlx5v8TJBT/W4X90jgmBO+fbj7ACt6vbrnr
6JELz1+JCqGG9reX7IGFnkfOkgvmvK0kVutzy8NTA5DifCsWoLVgxe0tGgcqY+zt
N8ZeOYMVgn5ytURir/YKkJC8Maksg+a0Up/p0gcvgMJMCRFgRo/+lSbm9yQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:04:25 2025 by rpki-client