Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a5dcc86c-1bfd-4fb5-a3f3-5e75f9ef0f20.roa
File: a5dcc86c-1bfd-4fb5-a3f3-5e75f9ef0f20.roa (raw, json)
Hash identifier: FNqXvgaTEFjbnbIO226/BHhC4ZkMQdhPKjwD8NS2dLo=
Subject key identifier: AF:8A:9E:F5:F8:5C:7C:18:2B:83:E7:56:77:4A:A3:61:7F:80:FA:1A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 20B79BA8874211D21806B3D2A180D6A4BD88A664
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a5dcc86c-1bfd-4fb5-a3f3-5e75f9ef0f20.roa
Signing time: Sun 03 Dec 2023 00:00:00 +0000
ROA not before: Sun 03 Dec 2023 00:00:00 +0000
ROA not after: Sun 07 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b7:9b:a8:87:42:11:d2:18:06:b3:d2:a1:80:d6:a4:bd:88:a6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 3 00:00:00 2023 GMT
Not After : Jan 7 23:59:59 2024 GMT
Subject: serialNumber=9a3b4c762e6ba0699985b26354643cfe12e5d7713975d6b7dfd8f51ca084b218, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a7:49:80:02:a8:92:b9:5e:73:fa:a2:c2:98:
0f:e1:cc:00:65:a0:49:e3:4d:b6:a5:8d:8c:44:88:
72:97:5d:d8:f5:f3:3b:e1:fd:ab:fa:13:45:ba:7f:
98:62:b7:d6:c9:bf:a2:9e:95:27:73:c2:e2:05:f8:
83:ba:0b:e6:0f:6f:0e:fe:81:90:09:e7:38:66:c4:
41:d9:ac:df:8e:1a:c7:bb:d5:b8:1c:d9:c2:e2:00:
a3:02:ae:82:96:e7:cf:ec:ce:eb:d0:20:25:fe:99:
6a:84:5e:f3:63:99:d8:e3:ef:37:4f:7e:fc:ea:68:
af:28:cf:1d:dd:d3:fc:29:db:87:0a:67:ee:33:d5:
c5:30:2f:0c:65:21:20:6c:c9:e4:97:38:db:b1:35:
ff:70:78:36:12:e1:73:c0:63:4b:3c:15:d9:d1:98:
de:c1:ca:15:d8:0d:cb:78:7d:40:15:cb:61:47:10:
d4:bd:6c:9f:e6:b5:97:19:08:4a:a1:6b:0d:cf:5d:
77:8f:1b:8a:c1:65:9d:2f:08:2b:e6:0a:65:c8:22:
ea:18:5b:8f:ed:5a:11:8e:82:7a:91:b7:b2:32:8b:
13:13:13:af:52:72:26:b7:a7:5a:8b:5c:19:27:f3:
1b:cb:3c:77:a4:08:f9:92:ce:41:77:d3:56:e8:1f:
55:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8A:9E:F5:F8:5C:7C:18:2B:83:E7:56:77:4A:A3:61:7F:80:FA:1A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a5dcc86c-1bfd-4fb5-a3f3-5e75f9ef0f20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4a:6a:63:cb:f1:97:bd:5e:c1:35:b2:43:b5:62:8f:d9:4d:
7a:ba:14:cb:4c:80:a1:ab:24:46:57:e6:74:9a:7e:a1:65:1d:
98:90:d7:19:cb:2b:1e:34:1c:12:b9:40:2c:8c:4d:28:b4:45:
9b:55:70:b1:d0:5e:8d:4d:2a:bb:ab:20:68:a1:b0:50:2e:b8:
6c:1b:79:7b:ee:08:85:4c:b4:ff:b3:91:e6:b4:3d:aa:0d:b9:
02:c5:d3:b3:87:00:46:22:a1:27:15:d3:9b:4a:fa:22:a0:b4:
f0:5c:2e:05:37:c4:8e:05:1a:da:c3:c6:2a:03:54:06:64:d8:
cc:7b:96:e4:3f:c9:b9:4a:fe:56:c7:c9:49:7a:fc:0a:9b:0a:
03:77:b2:26:4c:b6:58:4f:63:64:df:a0:bd:bb:8f:30:c5:ed:
4d:34:07:d4:dc:3f:98:d0:dd:ef:28:4e:89:52:fe:97:73:80:
ef:13:56:f2:4c:25:59:b1:6a:e4:15:31:23:28:0e:58:c8:14:
3b:ba:b3:6c:f3:40:d3:b2:39:cc:5c:32:d2:19:be:b3:ec:0e:
13:b0:af:96:86:1c:b9:a5:97:41:b5:9f:8e:8f:ed:59:83:52:
d4:9b:06:43:9a:da:aa:4e:bf:b7:ce:1e:c6:cb:88:58:8f:5c:
46:c4:b9:1e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUILebqIdCEdIYBrPSoYDWpL2IpmQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjAzMDAwMDAwWhcNMjQwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTNiNGM3NjJlNmJhMDY5OTk4NWIyNjM1NDY0M2NmZTEy
ZTVkNzcxMzk3NWQ2YjdkZmQ4ZjUxY2EwODRiMjE4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHp0mAAqiSuV5z+qLCmA/hzABloEnjTbaljYxEiHKXXdj1
8zvh/av6E0W6f5hit9bJv6KelSdzwuIF+IO6C+YPbw7+gZAJ5zhmxEHZrN+OGse7
1bgc2cLiAKMCroKW58/szuvQICX+mWqEXvNjmdjj7zdPfvzqaK8ozx3d0/wp24cK
Z+4z1cUwLwxlISBsyeSXONuxNf9weDYS4XPAY0s8FdnRmN7ByhXYDct4fUAVy2FH
ENS9bJ/mtZcZCEqhaw3PXXePG4rBZZ0vCCvmCmXIIuoYW4/tWhGOgnqRt7IyixMT
E69Scia3p1qLXBkn8xvLPHekCPmSzkF301boH1X5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUr4qe9fhcfBgrg+dWd0qjYX+A+howHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E1ZGNjODZjLTFiZmQtNGZiNS1hM2YzLTVlNzVmOWVmMGYyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFhKamPL8Ze9XsE1skO1Yo/ZTXq6
FMtMgKGrJEZX5nSafqFlHZiQ1xnLKx40HBK5QCyMTSi0RZtVcLHQXo1NKrurIGih
sFAuuGwbeXvuCIVMtP+zkea0PaoNuQLF07OHAEYioScV05tK+iKgtPBcLgU3xI4F
GtrDxioDVAZk2Mx7luQ/yblK/lbHyUl6/AqbCgN3siZMtlhPY2TfoL27jzDF7U00
B9TcP5jQ3e8oTolS/pdzgO8TVvJMJVmxauQVMSMoDljIFDu6s2zzQNOyOcxcMtIZ
vrPsDhOwr5aGHLmll0G1n46P7VmDUtSbBkOa2qpOv7fOHsbLiFiPXEbEuR4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:32 2025 by rpki-client