Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a455e17f-f23b-4dfe-b9ab-507774be9874.roa
File: a455e17f-f23b-4dfe-b9ab-507774be9874.roa (raw, json)
Hash identifier: f38D0bpgreb9SRaiHtVvmRJqUW7jvC/JTlh0PCdzDyw=
Subject key identifier: 2B:99:07:89:CA:B0:2D:D1:07:71:20:02:D4:FA:89:F2:5C:73:32:C3
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 07654395E8C083CC63B48F58E1A79F32DFD966A5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a455e17f-f23b-4dfe-b9ab-507774be9874.roa
Signing time: Wed 12 Jul 2023 00:00:00 +0000
ROA not before: Wed 12 Jul 2023 00:00:00 +0000
ROA not after: Wed 16 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:65:43:95:e8:c0:83:cc:63:b4:8f:58:e1:a7:9f:32:df:d9:66:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 12 00:00:00 2023 GMT
Not After : Aug 16 23:59:59 2023 GMT
Subject: serialNumber=639046826808abd430226f7d5d3c5b1b766447b17eeba9791e98a5a64511a56d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c8:db:6b:88:b0:c2:ba:c0:32:67:86:42:6b:
82:99:fe:e1:83:00:7a:05:84:ca:ce:31:9c:07:79:
3f:93:05:45:35:55:d6:71:f1:51:1e:8c:4e:52:a0:
9d:5b:58:b4:d3:3e:e6:c8:a8:bf:c7:ba:e3:08:47:
ec:d5:11:f0:ca:2f:aa:84:b6:01:2c:c9:16:21:bc:
7e:94:71:82:d7:5a:6f:a7:5e:c8:7c:f0:2c:80:8c:
8a:fd:a9:17:71:a5:de:74:f8:ed:c5:25:63:a5:aa:
0d:e8:f8:b1:97:da:41:c7:47:21:37:76:ef:bd:7a:
97:12:1d:5c:b0:1d:32:bc:f1:cd:dd:7d:80:86:93:
01:31:99:1e:f3:fb:6d:59:c8:0e:82:10:eb:c5:c2:
0a:a0:2a:ea:81:f2:1d:1f:51:c6:ba:f6:74:c4:86:
c2:e9:20:29:39:29:ba:bb:37:c4:4e:2b:9a:9d:7a:
bf:b5:f1:95:9a:c5:ab:57:34:85:db:7b:8b:74:85:
9f:b7:04:da:89:74:9c:33:1c:1e:4d:e2:fd:9e:18:
1c:07:39:23:ad:91:e0:9a:c4:f5:55:bb:da:2c:60:
c1:5b:48:21:22:b1:af:9f:7b:a3:db:cd:90:40:32:
87:61:53:41:b4:0a:ce:85:e4:2f:34:72:a9:d3:61:
49:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:99:07:89:CA:B0:2D:D1:07:71:20:02:D4:FA:89:F2:5C:73:32:C3
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a455e17f-f23b-4dfe-b9ab-507774be9874.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
87:18:4c:47:6f:f2:26:53:d1:e7:dc:39:c3:70:ca:99:8b:96:
3c:02:62:e4:68:00:65:1e:4b:e5:a7:e6:ec:b4:60:b5:45:e8:
2b:5d:54:de:35:23:48:5a:73:a4:33:69:cc:e5:bf:ae:e0:19:
c2:dc:b2:45:dd:8b:c1:84:ba:e3:2e:df:8a:47:72:dd:fa:c5:
9b:55:9f:78:53:34:24:b8:dc:64:d3:36:fc:e4:80:89:80:2f:
e0:c6:56:4a:24:0d:6a:ca:36:64:18:da:d8:9e:31:ee:28:15:
8b:f1:46:43:bb:84:40:08:3c:81:b4:69:4c:0e:7f:8e:9c:31:
9c:af:81:e9:6d:5f:a3:05:02:a1:e0:7b:3d:74:52:d3:5b:14:
3d:83:67:af:c9:77:0e:bf:13:62:73:55:cf:8a:ba:74:18:6e:
67:ad:03:57:0a:7f:4b:9a:1b:a2:cb:8f:78:0d:8b:5b:32:52:
8f:22:58:47:39:97:fd:9e:a4:79:18:7d:fa:9b:77:b1:61:c4:
74:bd:0e:0f:8f:8a:7a:53:72:3a:26:b1:d0:8d:18:5e:d4:28:
b4:72:53:f3:20:cf:9b:d0:d1:e2:4d:71:63:ab:53:77:ea:6c:
c2:01:25:e3:16:d5:aa:53:e9:da:16:6d:83:dc:56:37:92:1d:
8c:fb:94:7d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB2VDlejAg8xjtI9Y4aefMt/ZZqUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzEyMDAwMDAwWhcNMjMwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MzkwNDY4MjY4MDhhYmQ0MzAyMjZmN2Q1ZDNjNWIxYjc2
NjQ0N2IxN2VlYmE5NzkxZTk4YTVhNjQ1MTFhNTZkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwyNtriLDCusAyZ4ZCa4KZ/uGDAHoFhMrOMZwHeT+TBUU1
VdZx8VEejE5SoJ1bWLTTPubIqL/HuuMIR+zVEfDKL6qEtgEsyRYhvH6UcYLXWm+n
Xsh88CyAjIr9qRdxpd50+O3FJWOlqg3o+LGX2kHHRyE3du+9epcSHVywHTK88c3d
fYCGkwExmR7z+21ZyA6CEOvFwgqgKuqB8h0fUca69nTEhsLpICk5Kbq7N8ROK5qd
er+18ZWaxatXNIXbe4t0hZ+3BNqJdJwzHB5N4v2eGBwHOSOtkeCaxPVVu9osYMFb
SCEisa+fe6PbzZBAModhU0G0Cs6F5C80cqnTYUldAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUK5kHicqwLdEHcSAC1PqJ8lxzMsMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E0NTVlMTdmLWYyM2ItNGRmZS1iOWFiLTUwNzc3NGJlOTg3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIcYTEdv8iZT0efcOcNwypmLljwC
YuRoAGUeS+Wn5uy0YLVF6CtdVN41I0hac6Qzaczlv67gGcLcskXdi8GEuuMu34pH
ct36xZtVn3hTNCS43GTTNvzkgImAL+DGVkokDWrKNmQY2tieMe4oFYvxRkO7hEAI
PIG0aUwOf46cMZyvgeltX6MFAqHgez10UtNbFD2DZ6/Jdw6/E2JzVc+KunQYbmet
A1cKf0uaG6LLj3gNi1syUo8iWEc5l/2epHkYffqbd7FhxHS9Dg+PinpTcjomsdCN
GF7UKLRyU/Mgz5vQ0eJNcWOrU3fqbMIBJeMW1apT6doWbYPcVjeSHYz7lH0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:43:43 2025 by rpki-client