Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a7cb3588-1ce2-4ce6-8e2d-ca46ff51ec7c.roa
File: a7cb3588-1ce2-4ce6-8e2d-ca46ff51ec7c.roa (raw, json)
Hash identifier: oTyoM0pRgaBSnhvoA/sUYNWPCMAyGBHo72ODp17AcYg=
Subject key identifier: 04:8B:03:76:4A:A1:D6:9E:64:A2:E5:AA:32:C6:C5:33:2C:0B:AF:4C
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2FDCDE27D3985328288CAB898E4548DC0DA8674E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a7cb3588-1ce2-4ce6-8e2d-ca46ff51ec7c.roa
Signing time: Mon 18 Dec 2023 00:00:00 +0000
ROA not before: Mon 18 Dec 2023 00:00:00 +0000
ROA not after: Mon 22 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:dc:de:27:d3:98:53:28:28:8c:ab:89:8e:45:48:dc:0d:a8:67:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 18 00:00:00 2023 GMT
Not After : Jan 22 23:59:59 2024 GMT
Subject: serialNumber=db57eaf48bf9de9d1c9ed561933549e6e20db6ac9cf15422a25f6429844a5dec, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:bb:e1:8c:7e:b2:5e:12:4f:2f:5e:b4:3b:
1c:24:23:d3:e5:42:c3:8b:85:a6:3b:9f:18:41:28:
fa:e6:ca:13:cc:52:27:55:06:24:2d:fb:9e:14:3c:
a3:0a:f0:8a:a0:27:0d:c9:fa:9c:25:14:00:7e:da:
82:16:ec:50:7a:a5:23:9c:96:c4:44:70:5b:f2:71:
9a:46:4b:42:de:a4:40:2c:b5:a9:73:69:e8:e8:a6:
d5:88:27:5a:8f:e2:b0:52:24:a5:03:92:c2:04:9d:
ea:9b:6d:0a:18:df:84:0c:78:f8:6b:8b:58:dc:81:
67:ec:c7:aa:b5:92:ad:fe:86:b9:c4:19:5c:c3:c5:
4e:98:f6:6c:79:75:5f:b7:6d:cc:7b:b8:47:4c:77:
97:6b:47:97:d8:a3:0b:8a:8f:53:35:e0:0a:e8:24:
e4:9b:8c:c2:69:16:82:77:d1:5c:80:ad:3c:3f:31:
f3:54:85:0e:17:62:36:e7:c3:0a:41:2b:b9:8b:d0:
e1:0a:44:fd:40:e0:ec:c3:07:f5:2b:37:23:21:bd:
31:9d:35:74:b0:26:7c:5b:7b:37:65:9b:4c:37:ca:
f0:31:59:fb:2b:b7:00:92:1a:67:49:48:a9:3e:91:
e2:68:75:4d:24:0e:79:d5:74:d4:51:44:b2:9c:49:
df:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8B:03:76:4A:A1:D6:9E:64:A2:E5:AA:32:C6:C5:33:2C:0B:AF:4C
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a7cb3588-1ce2-4ce6-8e2d-ca46ff51ec7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
28:96:59:7d:63:80:60:8c:f6:b8:53:d2:22:8c:17:d6:74:3f:
a7:b8:54:63:14:46:c4:c8:f0:fd:4d:6f:e8:d3:2b:68:38:42:
13:56:ba:49:2f:cd:c3:c7:25:43:1c:bc:ee:e3:c9:b5:5c:26:
40:1c:6b:14:c5:c7:d7:44:99:ea:03:94:51:94:ac:be:d6:5c:
e2:35:98:5f:c1:67:e5:d4:1c:8f:95:2f:26:86:e4:fe:5a:3e:
8b:b9:e2:18:85:bc:80:62:9c:0f:5a:2a:2b:5f:d9:83:35:7c:
d3:dc:b9:21:40:1f:71:a7:52:a8:60:d7:8a:ad:dc:ae:da:7b:
77:05:e4:32:a5:0e:eb:7c:27:ba:3e:a3:e1:28:ac:f4:2c:40:
29:6e:68:97:a0:18:ed:b7:2b:74:1e:ab:97:07:d2:18:3b:b5:
46:5e:9c:d4:3c:2a:84:3e:dc:35:b0:8a:14:6f:2b:87:16:5a:
7e:a8:b1:e8:e7:32:3c:bb:a4:a5:a0:43:ff:6d:6b:13:da:79:
e9:8a:b8:00:9b:a9:69:7c:e0:6d:ea:83:0b:96:8f:86:7b:ce:
4c:53:49:c1:55:02:d4:bd:fb:a4:c6:b5:2d:7e:75:32:ba:1f:
47:bc:75:84:6b:98:69:ed:b0:ee:ad:d5:ae:b2:c1:97:b2:7e:
37:7a:14:2a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL9zeJ9OYUygojKuJjkVI3A2oZ04wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjE4MDAwMDAwWhcNMjQwMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjU3ZWFmNDhiZjlkZTlkMWM5ZWQ1NjE5MzM1NDllNmUy
MGRiNmFjOWNmMTU0MjJhMjVmNjQyOTg0NGE1ZGVjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvtLvhjH6yXhJPL160OxwkI9PlQsOLhaY7nxhBKPrmyhPM
UidVBiQt+54UPKMK8IqgJw3J+pwlFAB+2oIW7FB6pSOclsREcFvycZpGS0LepEAs
talzaejoptWIJ1qP4rBSJKUDksIEneqbbQoY34QMePhri1jcgWfsx6q1kq3+hrnE
GVzDxU6Y9mx5dV+3bcx7uEdMd5drR5fYowuKj1M14AroJOSbjMJpFoJ30VyArTw/
MfNUhQ4XYjbnwwpBK7mL0OEKRP1A4OzDB/UrNyMhvTGdNXSwJnxbezdlm0w3yvAx
WfsrtwCSGmdJSKk+keJodU0kDnnVdNRRRLKcSd85AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBIsDdkqh1p5kouWqMsbFMywLr0wwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E3Y2IzNTg4LTFjZTItNGNlNi04ZTJkLWNhNDZmZjUxZWM3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACiWWX1jgGCM9rhT0iKMF9Z0P6e4
VGMURsTI8P1Nb+jTK2g4QhNWukkvzcPHJUMcvO7jybVcJkAcaxTFx9dEmeoDlFGU
rL7WXOI1mF/BZ+XUHI+VLyaG5P5aPou54hiFvIBinA9aKitf2YM1fNPcuSFAH3Gn
Uqhg14qt3K7ae3cF5DKlDut8J7o+o+EorPQsQCluaJegGO23K3Qeq5cH0hg7tUZe
nNQ8KoQ+3DWwihRvK4cWWn6osejnMjy7pKWgQ/9taxPaeemKuACbqWl84G3qgwuW
j4Z7zkxTScFVAtS9+6TGtS1+dTK6H0e8dYRrmGntsO6t1a6ywZeyfjd6FCo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:52:15 2025 by rpki-client