Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/acb84eae-14c6-409b-821c-68e289682d8b.roa
File: acb84eae-14c6-409b-821c-68e289682d8b.roa (raw, json)
Hash identifier: UaJGFwhKnLAOh3LP2m6ywdHdugpkNmijZMBnJlh08Ww=
Subject key identifier: 89:8C:65:80:12:BD:8D:27:B2:25:43:89:A5:1D:F4:40:D0:59:69:A3
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7B9A5638098F738FF1D3FFAE11EB34647D93C749
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/acb84eae-14c6-409b-821c-68e289682d8b.roa
Signing time: Fri 10 Nov 2023 00:00:00 +0000
ROA not before: Fri 10 Nov 2023 00:00:00 +0000
ROA not after: Fri 15 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:9a:56:38:09:8f:73:8f:f1:d3:ff:ae:11:eb:34:64:7d:93:c7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 10 00:00:00 2023 GMT
Not After : Dec 15 23:59:59 2023 GMT
Subject: serialNumber=81a1d46e1a94e9fb1c3a68c13da1580bba2ca527a9ba52079da80c86dcfd0cae, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:dd:7b:38:7f:4d:53:38:3a:51:b3:e1:18:da:
11:de:3a:af:30:0e:0d:5a:06:47:e8:d3:04:66:85:
16:e8:ee:90:ca:68:a5:96:b0:ae:9d:9e:e4:87:42:
47:c3:df:89:ea:e3:c2:98:6b:b9:6a:af:e1:96:41:
64:45:2a:f8:99:53:d2:c8:c3:fd:1c:39:33:60:30:
bd:70:36:f3:e4:80:59:87:3d:b8:3c:67:ad:9c:64:
32:07:88:d2:e5:7a:4a:d3:d9:0c:68:4a:c8:9e:84:
34:45:31:85:fa:33:61:62:03:11:eb:c4:f1:56:d5:
85:a3:bf:3c:15:c5:66:0a:c3:aa:9d:b8:da:8a:ce:
36:4c:06:3f:fd:0d:81:40:94:12:ee:8b:88:3c:f3:
3f:10:21:95:56:e8:c3:cf:13:54:8c:5e:df:4f:37:
8e:a7:d8:82:a7:61:14:0b:86:f9:af:41:f0:4b:c0:
1d:f0:4d:0b:9f:1e:bc:ae:dc:fa:f1:0d:0d:d3:15:
75:10:d8:f2:df:6d:92:4e:f6:e5:cf:3e:71:36:4a:
d9:b8:f3:03:44:40:52:81:8b:97:01:7a:f1:9d:f4:
68:e4:44:b5:7c:8d:62:43:2b:38:60:22:8c:6e:d9:
13:39:9f:97:13:f7:e5:7a:ab:1b:01:27:c3:bb:f2:
f7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8C:65:80:12:BD:8D:27:B2:25:43:89:A5:1D:F4:40:D0:59:69:A3
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/acb84eae-14c6-409b-821c-68e289682d8b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
31:3f:f2:66:e5:04:61:a8:dc:d8:5d:7b:fc:42:58:5a:d0:20:
7a:f3:27:f6:98:fa:b2:a5:3f:a3:98:bc:fc:b0:ed:b8:bb:04:
30:d4:ac:d2:ec:4e:47:ad:2c:39:7e:9e:9d:32:80:82:b2:a2:
be:0c:a6:e1:0b:f6:57:59:f5:f9:7f:2d:ef:b7:c8:08:e1:e4:
2a:06:d4:c8:d7:17:76:b8:06:2d:67:c4:1f:6e:ed:8b:89:07:
95:96:83:18:84:4b:bd:aa:ed:9a:44:8f:e8:63:e0:05:8e:32:
67:1f:6c:b3:36:56:fb:35:6d:b7:0b:ea:e6:8f:e9:88:13:60:
f3:40:79:ad:58:42:c3:27:ea:53:85:39:66:c5:eb:d5:05:91:
75:d7:3d:1d:70:19:3c:ec:bc:56:f0:e1:cc:dc:61:1f:05:e0:
18:c5:ad:b4:b9:13:81:99:1f:34:95:d6:2b:da:d2:80:bf:1e:
df:e5:c7:8c:dd:06:54:2b:ea:1f:2d:3f:9d:cd:b1:32:39:2a:
c2:e9:dc:f4:33:8a:f7:f3:ef:87:ec:75:0f:b5:6f:e6:10:2d:
bd:25:a0:20:cc:0b:c2:92:b0:9b:e1:4b:de:75:8b:2a:36:ee:
37:87:83:f7:f2:d9:68:6a:ed:b3:e8:0e:f7:85:1e:e8:08:54:
7a:1b:aa:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe5pWOAmPc4/x0/+uEes0ZH2Tx0kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTEwMDAwMDAwWhcNMjMxMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MWExZDQ2ZTFhOTRlOWZiMWMzYTY4YzEzZGExNTgwYmJh
MmNhNTI3YTliYTUyMDc5ZGE4MGM4NmRjZmQwY2FlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI3Xs4f01TODpRs+EY2hHeOq8wDg1aBkfo0wRmhRbo7pDK
aKWWsK6dnuSHQkfD34nq48KYa7lqr+GWQWRFKviZU9LIw/0cOTNgML1wNvPkgFmH
Pbg8Z62cZDIHiNLlekrT2QxoSsiehDRFMYX6M2FiAxHrxPFW1YWjvzwVxWYKw6qd
uNqKzjZMBj/9DYFAlBLui4g88z8QIZVW6MPPE1SMXt9PN46n2IKnYRQLhvmvQfBL
wB3wTQufHryu3PrxDQ3TFXUQ2PLfbZJO9uXPPnE2Stm48wNEQFKBi5cBevGd9Gjk
RLV8jWJDKzhgIoxu2RM5n5cT9+V6qxsBJ8O78vcrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiYxlgBK9jSeyJUOJpR30QNBZaaMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FjYjg0ZWFlLTE0YzYtNDA5Yi04MjFjLTY4ZTI4OTY4MmQ4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADE/8mblBGGo3Nhde/xCWFrQIHrz
J/aY+rKlP6OYvPyw7bi7BDDUrNLsTketLDl+np0ygIKyor4MpuEL9ldZ9fl/Le+3
yAjh5CoG1MjXF3a4Bi1nxB9u7YuJB5WWgxiES72q7ZpEj+hj4AWOMmcfbLM2Vvs1
bbcL6uaP6YgTYPNAea1YQsMn6lOFOWbF69UFkXXXPR1wGTzsvFbw4czcYR8F4BjF
rbS5E4GZHzSV1iva0oC/Ht/lx4zdBlQr6h8tP53NsTI5KsLp3PQzivfz74fsdQ+1
b+YQLb0loCDMC8KSsJvhS951iyo27jeHg/fy2Whq7bPoDveFHugIVHobqj4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:52:23 2025 by rpki-client