Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ef20a2b-ca4f-4e92-aab9-ed782e11f329.roa
File: 9ef20a2b-ca4f-4e92-aab9-ed782e11f329.roa (raw, json)
Hash identifier: 7SZd+21mGDe2yuNPz0nia9L3jLnS6w7CMdZd16+qd3Y=
Subject key identifier: A4:0D:1A:0F:57:46:06:42:D0:EC:BB:9D:E1:3C:BF:4B:8F:F8:77:05
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7702C653F55B6F6AE15E2070FE8540A1BB8D0DA5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ef20a2b-ca4f-4e92-aab9-ed782e11f329.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:02:c6:53:f5:5b:6f:6a:e1:5e:20:70:fe:85:40:a1:bb:8d:0d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=f8fffc104f74977d001669e1448dd634866b205657227885d76f5541d231c547, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8c:21:62:11:16:bb:9b:97:a5:3f:a5:39:a5:
12:04:dc:c9:26:8a:e9:95:3f:b3:db:59:02:93:5e:
05:ee:d0:ec:39:fa:2b:9e:57:e8:33:46:7c:16:bb:
90:50:2a:1e:0e:64:1c:c4:81:19:ba:c4:0d:bc:b6:
c9:cd:94:d6:b7:ba:b2:05:5f:d0:5c:70:c1:30:33:
2b:b3:00:84:01:6a:88:1b:dc:92:03:4b:c0:68:18:
66:51:d8:0e:43:bc:83:64:98:27:bc:05:72:18:58:
f2:73:77:84:5c:41:c9:75:e4:fa:d5:13:67:38:8e:
9c:5d:48:23:da:32:2d:b0:48:34:56:b0:bd:d8:e7:
cb:2f:89:3f:12:ea:36:7e:f3:89:5c:5e:cd:c5:ac:
16:34:0a:65:1d:c7:2d:02:15:8d:82:ec:72:b0:b6:
0a:5c:19:c9:26:af:0a:07:7e:87:60:2a:d8:cf:18:
62:cc:c2:df:4e:6a:64:21:6d:33:23:ae:15:35:cc:
84:e4:47:0d:e8:57:58:a4:ed:14:5f:40:5b:76:20:
6f:e0:4d:f3:92:87:2b:e9:01:31:c0:24:84:f9:dd:
ba:e2:02:a3:e9:b5:5e:70:ee:ea:46:62:b2:67:98:
61:aa:a9:e2:50:ad:6f:77:a7:92:d6:81:b6:88:86:
5b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0D:1A:0F:57:46:06:42:D0:EC:BB:9D:E1:3C:BF:4B:8F:F8:77:05
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/9ef20a2b-ca4f-4e92-aab9-ed782e11f329.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
77:49:1d:6f:51:c2:37:b8:06:17:55:10:b9:9b:86:0c:c0:78:
0d:b1:82:61:73:1c:e6:9f:98:d1:6f:3b:cb:e5:b6:92:a9:d9:
bc:89:5d:a6:23:68:82:cf:db:a3:d8:f8:46:76:7e:dd:9d:47:
94:b0:c6:8b:2e:24:fd:36:c5:d4:19:91:7c:4e:61:0b:07:0a:
95:b3:c1:ba:24:ff:7e:4a:02:80:88:8e:a0:66:1d:4d:c9:ec:
90:a8:ea:1a:57:11:41:2d:97:31:13:75:1a:4b:39:be:e3:ad:
ce:d2:9b:93:0a:78:05:2a:f2:40:22:f4:b7:18:9d:39:b1:ca:
e3:4d:a5:d1:df:57:16:cb:6b:d4:7b:5b:5a:4a:a3:9f:68:74:
26:2d:34:3f:d8:64:e0:88:33:50:51:98:5e:1e:7b:3e:89:e8:
38:45:f0:aa:61:0b:08:ae:b7:b6:8e:7d:b5:a6:f8:2f:86:4e:
fd:0e:23:0f:fb:94:47:90:35:b6:0b:ed:0c:a2:2d:b3:6f:26:
f0:cb:39:c9:a0:2d:63:6c:96:bd:bb:e0:8f:75:0c:0c:fb:4f:
9a:2d:08:d5:0f:8c:3c:55:1a:38:14:7c:12:c9:f0:e4:87:dc:
90:21:f5:cc:70:56:57:9a:b2:37:ba:92:26:b5:d9:3d:8d:60:
f8:59:c5:e9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdwLGU/Vbb2rhXiBw/oVAobuNDaUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzI5MDAwMDAwWhcNMjQwNTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOGZmZmMxMDRmNzQ5NzdkMDAxNjY5ZTE0NDhkZDYzNDg2
NmIyMDU2NTcyMjc4ODVkNzZmNTU0MWQyMzFjNTQ3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKjCFiERa7m5elP6U5pRIE3MkmiumVP7PbWQKTXgXu0Ow5
+iueV+gzRnwWu5BQKh4OZBzEgRm6xA28tsnNlNa3urIFX9BccMEwMyuzAIQBaogb
3JIDS8BoGGZR2A5DvINkmCe8BXIYWPJzd4RcQcl15PrVE2c4jpxdSCPaMi2wSDRW
sL3Y58sviT8S6jZ+84lcXs3FrBY0CmUdxy0CFY2C7HKwtgpcGckmrwoHfodgKtjP
GGLMwt9OamQhbTMjrhU1zITkRw3oV1ik7RRfQFt2IG/gTfOShyvpATHAJIT53bri
AqPptV5w7upGYrJnmGGqqeJQrW93p5LWgbaIhluvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpA0aD1dGBkLQ7Lud4Ty/S4/4dwUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzllZjIwYTJiLWNhNGYtNGU5Mi1hYWI5LWVkNzgyZTExZjMyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHdJHW9Rwje4BhdVELmbhgzAeA2x
gmFzHOafmNFvO8vltpKp2byJXaYjaILP26PY+EZ2ft2dR5SwxosuJP02xdQZkXxO
YQsHCpWzwbok/35KAoCIjqBmHU3J7JCo6hpXEUEtlzETdRpLOb7jrc7Sm5MKeAUq
8kAi9LcYnTmxyuNNpdHfVxbLa9R7W1pKo59odCYtND/YZOCIM1BRmF4eez6J6DhF
8KphCwiut7aOfbWm+C+GTv0OIw/7lEeQNbYL7QyiLbNvJvDLOcmgLWNslr274I91
DAz7T5otCNUPjDxVGjgUfBLJ8OSH3JAh9cxwVleasje6kia12T2NYPhZxek=
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:31:11 2025 by rpki-client