Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ed89d09-d7fd-438e-99c5-14bb7f9f5301.roa
File: 9ed89d09-d7fd-438e-99c5-14bb7f9f5301.roa (raw, json)
Hash identifier: ZalKp/DFsavIB94DR3hwM6yxNcgAWXu69V1Nv/9P+vQ=
Subject key identifier: 09:90:4C:CC:31:07:BE:F5:C3:33:2E:6C:BA:00:8D:18:5B:3A:37:02
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 510E25E74C11977A1CFCDFE129419D1F1E40225E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ed89d09-d7fd-438e-99c5-14bb7f9f5301.roa
Signing time: Thu 25 Jan 2024 00:00:00 +0000
ROA not before: Thu 25 Jan 2024 00:00:00 +0000
ROA not after: Thu 29 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:0e:25:e7:4c:11:97:7a:1c:fc:df:e1:29:41:9d:1f:1e:40:22:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 25 00:00:00 2024 GMT
Not After : Feb 29 23:59:59 2024 GMT
Subject: serialNumber=bb2ce54e9f9a76982bfbcaca4b5a12a8d97d1927612cfa249cd8499480b06f49, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ae:64:cf:eb:96:d6:b0:97:08:49:91:03:53:
0c:bc:d0:df:03:8c:bc:d9:5d:b8:b7:49:70:88:2d:
dd:fc:3e:3b:4e:a2:4e:6b:47:55:4c:5b:f5:ec:a5:
dd:b3:1b:01:7f:79:9a:f1:30:5a:39:c5:46:8f:25:
f4:e2:28:55:e3:9b:c5:98:f3:a1:42:53:ff:04:25:
45:d8:cc:e8:2c:39:e3:d3:e3:b8:a0:2c:a5:19:c1:
44:b4:52:0b:77:c9:40:4f:c9:dd:7f:31:f0:e1:32:
34:9a:ea:41:39:b2:47:19:ce:11:90:be:6d:74:4e:
de:a1:42:1a:92:4a:5d:34:fa:bf:3a:6a:db:b4:89:
39:40:01:dc:9a:54:16:e4:5d:0c:ed:b4:f5:e7:a1:
d2:63:8d:14:c4:4f:98:15:ed:e8:d4:9c:0c:32:da:
75:a0:a6:34:51:77:3e:a6:7f:c4:db:a8:3e:8d:fb:
7f:05:2a:b8:d5:1a:60:23:a2:39:33:07:9b:0a:ba:
b9:c3:43:08:49:72:bc:61:11:df:90:f6:2a:ca:7e:
56:2f:d0:7c:07:72:f0:25:49:a6:02:61:9c:87:03:
e6:a1:a9:4f:e0:0f:2a:d6:88:7e:af:f2:ae:e2:1f:
9c:05:00:23:61:d4:17:e1:ff:bc:de:7f:0f:c7:a7:
77:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:90:4C:CC:31:07:BE:F5:C3:33:2E:6C:BA:00:8D:18:5B:3A:37:02
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ed89d09-d7fd-438e-99c5-14bb7f9f5301.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9e:82:92:47:97:3e:ff:f4:51:6e:86:01:03:e2:56:37:b7:
55:82:68:22:4b:9d:31:9a:4d:82:9a:ec:dd:7e:4c:35:b0:10:
31:1a:8e:85:c5:b8:57:5e:6f:29:84:6d:b8:07:e9:c7:4d:68:
03:b1:10:78:9f:03:94:7c:f9:e9:5a:7b:66:cc:34:45:7e:6d:
93:c9:d8:35:bc:e3:fd:24:00:f3:ed:d5:f7:06:87:65:21:34:
31:ad:2f:76:86:8f:99:a8:bc:5d:89:7a:3d:b8:91:19:49:d9:
f1:3e:b5:84:ef:9a:08:92:9c:ee:8c:53:d8:0b:6e:d2:56:8c:
de:e7:ba:be:4b:1c:71:fa:20:e9:c0:ac:e3:11:70:a3:55:05:
2c:51:54:37:23:8a:7d:54:94:24:39:c9:32:4b:cd:44:60:ff:
71:a7:61:c3:93:a0:2f:2c:77:06:53:47:a0:ad:c7:f0:d9:47:
07:fa:52:24:6c:94:6a:71:a4:5c:5a:62:c6:2b:46:66:fe:26:
52:39:50:78:46:85:07:51:9d:59:28:df:e4:81:ce:f5:bf:1f:
c5:d8:66:1d:19:0f:44:72:7d:2a:38:00:ac:f7:69:36:c0:5b:
e8:35:ef:9c:fb:88:69:00:03:a1:82:96:ad:ed:9c:fd:ad:ec:
fa:3f:a5:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUQ4l50wRl3oc/N/hKUGdHx5AIl4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTI1MDAwMDAwWhcNMjQwMjI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjJjZTU0ZTlmOWE3Njk4MmJmYmNhY2E0YjVhMTJhOGQ5
N2QxOTI3NjEyY2ZhMjQ5Y2Q4NDk5NDgwYjA2ZjQ5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6rmTP65bWsJcISZEDUwy80N8DjLzZXbi3SXCILd38PjtO
ok5rR1VMW/Xspd2zGwF/eZrxMFo5xUaPJfTiKFXjm8WY86FCU/8EJUXYzOgsOePT
47igLKUZwUS0Ugt3yUBPyd1/MfDhMjSa6kE5skcZzhGQvm10Tt6hQhqSSl00+r86
atu0iTlAAdyaVBbkXQzttPXnodJjjRTET5gV7ejUnAwy2nWgpjRRdz6mf8TbqD6N
+38FKrjVGmAjojkzB5sKurnDQwhJcrxhEd+Q9irKflYv0HwHcvAlSaYCYZyHA+ah
qU/gDyrWiH6v8q7iH5wFACNh1Bfh/7zefw/Hp3fzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCZBMzDEHvvXDMy5sugCNGFs6NwIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzllZDg5ZDA5LWQ3ZmQtNDM4ZS05OWM1LTE0YmI3ZjlmNTMwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAE2egpJHlz7/9FFuhgED4lY3t1WC
aCJLnTGaTYKa7N1+TDWwEDEajoXFuFdebymEbbgH6cdNaAOxEHifA5R8+elae2bM
NEV+bZPJ2DW84/0kAPPt1fcGh2UhNDGtL3aGj5movF2Jej24kRlJ2fE+tYTvmgiS
nO6MU9gLbtJWjN7nur5LHHH6IOnArOMRcKNVBSxRVDcjin1UlCQ5yTJLzURg/3Gn
YcOToC8sdwZTR6Ctx/DZRwf6UiRslGpxpFxaYsYrRmb+JlI5UHhGhQdRnVko3+SB
zvW/H8XYZh0ZD0RyfSo4AKz3aTbAW+g175z7iGkAA6GClq3tnP2t7Po/pV0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:49 2025 by rpki-client