Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/affe5d19-5250-4869-b42c-f2836a892966.roa
File: affe5d19-5250-4869-b42c-f2836a892966.roa (raw, json)
Hash identifier: lzIUyBEcUcLJwiZa+igjYAp2bUHrRF+rI3w2APhcFcU=
Subject key identifier: 13:BD:A3:BB:F4:0E:8C:8E:89:4B:22:E0:FE:15:51:F2:F6:76:9A:0F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2FF7E02DA710AA142DEC0565D15729A2880246B8
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/affe5d19-5250-4869-b42c-f2836a892966.roa
Signing time: Wed 16 Aug 2023 00:00:00 +0000
ROA not before: Wed 16 Aug 2023 00:00:00 +0000
ROA not after: Wed 20 Sep 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:f7:e0:2d:a7:10:aa:14:2d:ec:05:65:d1:57:29:a2:88:02:46:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 16 00:00:00 2023 GMT
Not After : Sep 20 23:59:59 2023 GMT
Subject: serialNumber=8bc0116d002314bbe2869d826c47fde501b720061d80b2cef46ebe6ab1fb0afd, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:fe:ab:db:4d:8d:e2:8c:78:bf:4b:13:06:
8f:e9:85:ad:84:62:36:04:fe:7d:47:3e:04:83:01:
3c:c9:6c:a0:bb:61:c2:56:0e:3e:0c:32:63:b0:96:
86:66:58:b3:5b:4b:b2:03:6a:8a:a8:2e:b6:2d:19:
c5:10:3d:86:4d:66:69:c4:32:26:5c:de:c0:09:f8:
3f:db:10:b7:32:cc:08:0e:25:f4:e4:9d:70:85:e2:
a0:b1:18:7f:36:d7:ca:52:84:5e:71:f5:83:0f:09:
18:bc:03:3f:70:d6:92:fb:e6:97:1f:f9:47:ce:8f:
84:1f:f3:ad:98:4c:6e:54:df:ec:02:13:dc:24:70:
c1:2e:4b:84:82:0f:6e:ec:8c:9b:96:0c:5d:5e:36:
c1:11:00:92:2b:81:89:e0:62:d4:a0:2b:52:3c:0a:
e6:f3:ea:7d:9d:d4:72:97:28:cc:57:48:7f:96:00:
a3:4d:71:ca:d6:be:51:2c:bc:c9:10:93:c7:7f:ac:
09:ce:b4:5c:12:02:e0:e1:54:55:4e:d6:b1:ce:31:
73:65:af:e9:b2:cc:e4:0e:75:b6:b8:2c:26:67:75:
33:64:d3:ee:be:7f:26:c1:a5:01:af:cb:47:86:a0:
cf:54:6e:42:93:bb:7d:d1:5e:5e:05:9d:80:79:24:
41:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:BD:A3:BB:F4:0E:8C:8E:89:4B:22:E0:FE:15:51:F2:F6:76:9A:0F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/affe5d19-5250-4869-b42c-f2836a892966.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5d:44:9e:89:7b:b9:41:22:11:be:39:8a:1e:b5:9d:30:cd:
d5:00:60:97:57:f0:17:a1:1a:e9:7b:4e:bc:aa:45:84:f0:7f:
6b:f9:b6:d2:db:d1:2e:f3:d0:ce:9f:46:1d:de:69:7d:54:55:
7c:eb:7d:a1:76:b8:c0:ba:34:c3:64:59:97:0f:a8:44:13:21:
d5:fd:e0:0b:79:bf:4e:54:98:18:16:34:05:8a:03:ef:7b:21:
23:75:ef:7c:30:9d:41:4e:38:09:be:a0:32:2b:8f:0d:df:66:
2e:6b:54:55:6f:63:be:33:cf:ee:da:38:86:88:55:7a:d0:1a:
ab:2f:77:2e:f6:4c:2e:e7:f5:e2:62:67:17:6c:af:75:91:96:
8b:c3:19:b6:b2:19:22:c0:59:1f:0d:dc:a1:06:da:5b:04:20:
73:64:eb:45:a9:d3:d2:a1:32:c8:60:b8:00:3c:9d:96:e5:c6:
15:a8:2f:bc:97:42:6b:13:22:62:e1:0f:09:f0:65:da:2c:3d:
44:6e:8b:bf:25:a3:5f:72:a0:b0:20:9e:01:91:58:9f:b9:22:
d6:13:fb:50:7c:98:f0:a4:f8:3f:20:30:b3:71:c3:af:76:22:
de:75:75:15:b4:bc:98:05:a5:41:fd:95:59:b4:d7:9a:46:55:
31:50:05:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL/fgLacQqhQt7AVl0VcpoogCRrgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODE2MDAwMDAwWhcNMjMwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YmMwMTE2ZDAwMjMxNGJiZTI4NjlkODI2YzQ3ZmRlNTAx
YjcyMDA2MWQ4MGIyY2VmNDZlYmU2YWIxZmIwYWZkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+Of6r202N4ox4v0sTBo/pha2EYjYE/n1HPgSDATzJbKC7
YcJWDj4MMmOwloZmWLNbS7IDaoqoLrYtGcUQPYZNZmnEMiZc3sAJ+D/bELcyzAgO
JfTknXCF4qCxGH8218pShF5x9YMPCRi8Az9w1pL75pcf+UfOj4Qf862YTG5U3+wC
E9wkcMEuS4SCD27sjJuWDF1eNsERAJIrgYngYtSgK1I8Cubz6n2d1HKXKMxXSH+W
AKNNccrWvlEsvMkQk8d/rAnOtFwSAuDhVFVO1rHOMXNlr+myzOQOdba4LCZndTNk
0+6+fybBpQGvy0eGoM9UbkKTu33RXl4FnYB5JEGbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE72ju/QOjI6JSyLg/hVR8vZ2mg8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FmZmU1ZDE5LTUyNTAtNDg2OS1iNDJjLWYyODM2YTg5Mjk2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADJdRJ6Je7lBIhG+OYoetZ0wzdUA
YJdX8BehGul7TryqRYTwf2v5ttLb0S7z0M6fRh3eaX1UVXzrfaF2uMC6NMNkWZcP
qEQTIdX94At5v05UmBgWNAWKA+97ISN173wwnUFOOAm+oDIrjw3fZi5rVFVvY74z
z+7aOIaIVXrQGqsvdy72TC7n9eJiZxdsr3WRlovDGbayGSLAWR8N3KEG2lsEIHNk
60Wp09KhMshguAA8nZblxhWoL7yXQmsTImLhDwnwZdosPURui78lo19yoLAgngGR
WJ+5ItYT+1B8mPCk+D8gMLNxw692It51dRW0vJgFpUH9lVm015pGVTFQBXY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:34:14 2025 by rpki-client