Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa1ae637-32a0-4bb3-9796-c7808f67f695.roa
File: aa1ae637-32a0-4bb3-9796-c7808f67f695.roa (raw, json)
Hash identifier: IlD+Qd9zFVPJMpcRYds3dZOxao15Foa0Eim5u3QNqL8=
Subject key identifier: 68:16:78:F5:93:28:8B:BE:60:0B:38:4D:6C:30:AC:F1:35:46:4B:06
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6253208B991901378BA68221A4425502B4EA57AD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa1ae637-32a0-4bb3-9796-c7808f67f695.roa
Signing time: Mon 13 Nov 2023 00:00:00 +0000
ROA not before: Mon 13 Nov 2023 00:00:00 +0000
ROA not after: Mon 18 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:53:20:8b:99:19:01:37:8b:a6:82:21:a4:42:55:02:b4:ea:57:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 13 00:00:00 2023 GMT
Not After : Dec 18 23:59:59 2023 GMT
Subject: serialNumber=bfd6e9cbb12f67f5198103d0dd4fd6b9733a5c4dd1ed0285d2752c677b6e672e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:83:35:29:00:9b:bf:4b:49:b4:84:b9:b4:e4:
0f:91:96:75:d4:fe:05:c5:3f:3f:8e:d4:4a:a7:30:
21:14:ee:06:e1:8a:32:36:86:26:43:7b:09:32:fb:
61:a8:89:de:73:01:2a:e3:a9:f7:56:fd:20:c0:1e:
33:00:dc:b4:98:a4:5d:e4:79:63:3f:7f:73:32:e3:
c8:c1:17:23:53:53:e2:13:c9:3b:2a:2e:35:aa:28:
25:46:f3:b0:bb:69:22:e7:87:93:9c:91:63:05:52:
08:0f:e1:96:a9:33:8c:5b:78:a4:10:e8:8f:dc:88:
dc:79:77:77:2d:c1:f0:44:36:ef:5d:af:ab:d3:48:
0e:1b:34:65:5e:96:0c:b1:20:1f:65:ad:18:f0:cc:
71:e5:2e:0f:cb:9c:b8:20:08:50:44:95:e9:2f:64:
c1:33:59:95:fe:25:15:5b:c1:f2:d7:2f:2a:a2:dd:
1f:a1:0c:db:d8:31:b0:a8:0f:fc:9f:f7:12:5b:47:
12:c5:d9:cf:c4:de:ed:29:ba:6b:2d:f2:33:bc:ce:
3e:f6:8f:8a:2b:e1:04:9b:b8:1a:0d:27:c8:4b:c5:
8d:e0:78:3e:24:b9:62:6d:ca:10:6c:de:b6:f8:3f:
53:ed:12:85:f5:28:37:ac:9b:bb:88:10:1c:60:08:
30:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:16:78:F5:93:28:8B:BE:60:0B:38:4D:6C:30:AC:F1:35:46:4B:06
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa1ae637-32a0-4bb3-9796-c7808f67f695.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3b:d2:9b:d9:c4:37:2e:f1:aa:78:80:23:9a:32:09:43:a8:
d8:cb:1c:07:ef:c0:ea:a8:4d:63:79:ee:fb:42:26:b5:65:b6:
f4:68:f5:9a:39:b2:0e:cd:b0:1a:74:2f:63:63:7b:42:e4:bd:
99:d9:69:46:3d:9c:76:70:09:71:55:2b:1a:bf:9b:18:11:b0:
78:a2:c7:8c:24:55:0e:1e:af:7c:28:b4:7f:4f:2e:99:7f:b6:
bf:ae:fa:9d:eb:08:ea:18:7a:49:0e:c1:ff:07:f7:db:ae:07:
5a:86:4a:27:06:18:f3:49:a8:95:2f:99:a2:e9:8d:65:f2:9b:
78:9e:89:fc:c6:96:ee:a9:07:90:27:26:93:68:79:04:cb:c2:
f1:e0:67:6e:16:db:c9:f5:b7:b1:5e:09:5e:8d:6c:8f:e7:de:
e9:48:40:4b:cc:4c:f8:ee:bb:86:5c:92:ec:df:4a:a8:64:22:
c7:bb:0a:37:c6:05:b3:28:97:ab:b9:d0:af:6e:a6:f7:30:6e:
20:05:4c:e4:be:58:9f:00:c4:67:4f:f7:97:fa:de:cf:06:b1:
a9:ad:d2:0c:41:c8:50:e7:d7:c2:b2:43:73:2d:e3:56:29:2d:
6a:86:55:af:7b:e7:14:7f:1f:44:53:b1:99:87:d6:eb:d9:4f:
3f:9b:18:f9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYlMgi5kZATeLpoIhpEJVArTqV60wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTEzMDAwMDAwWhcNMjMxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZmQ2ZTljYmIxMmY2N2Y1MTk4MTAzZDBkZDRmZDZiOTcz
M2E1YzRkZDFlZDAyODVkMjc1MmM2NzdiNmU2NzJlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwgzUpAJu/S0m0hLm05A+RlnXU/gXFPz+O1EqnMCEU7gbh
ijI2hiZDewky+2Goid5zASrjqfdW/SDAHjMA3LSYpF3keWM/f3My48jBFyNTU+IT
yTsqLjWqKCVG87C7aSLnh5OckWMFUggP4ZapM4xbeKQQ6I/ciNx5d3ctwfBENu9d
r6vTSA4bNGVelgyxIB9lrRjwzHHlLg/LnLggCFBElekvZMEzWZX+JRVbwfLXLyqi
3R+hDNvYMbCoD/yf9xJbRxLF2c/E3u0pumst8jO8zj72j4or4QSbuBoNJ8hLxY3g
eD4kuWJtyhBs3rb4P1PtEoX1KDesm7uIEBxgCDBtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaBZ49ZMoi75gCzhNbDCs8TVGSwYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FhMWFlNjM3LTMyYTAtNGJiMy05Nzk2LWM3ODA4ZjY3ZjY5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFY70pvZxDcu8ap4gCOaMglDqNjL
HAfvwOqoTWN57vtCJrVltvRo9Zo5sg7NsBp0L2Nje0LkvZnZaUY9nHZwCXFVKxq/
mxgRsHiix4wkVQ4er3wotH9PLpl/tr+u+p3rCOoYekkOwf8H99uuB1qGSicGGPNJ
qJUvmaLpjWXym3ieifzGlu6pB5AnJpNoeQTLwvHgZ24W28n1t7FeCV6NbI/n3ulI
QEvMTPjuu4ZckuzfSqhkIse7CjfGBbMol6u50K9upvcwbiAFTOS+WJ8AxGdP95f6
3s8Gsamt0gxByFDn18KyQ3Mt41YpLWqGVa975xR/H0RTsZmH1uvZTz+bGPk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:16:00 2025 by rpki-client