Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b007a132-899b-4673-8980-ff5b250de167.roa
File: b007a132-899b-4673-8980-ff5b250de167.roa (raw, json)
Hash identifier: DDgJSFN95I7oc7W4923J2YWJzy9MkkifrtqpiUuz8N4=
Subject key identifier: 5D:6E:79:D5:C2:9C:B3:CB:3B:09:34:8B:FA:59:8C:2C:7F:0F:22:B4
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 68F3F17E70FBD8FEFC50FE85F3B59B41B70734AA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b007a132-899b-4673-8980-ff5b250de167.roa
Signing time: Wed 25 Oct 2023 00:00:00 +0000
ROA not before: Wed 25 Oct 2023 00:00:00 +0000
ROA not after: Wed 29 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f3:f1:7e:70:fb:d8:fe:fc:50:fe:85:f3:b5:9b:41:b7:07:34:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 25 00:00:00 2023 GMT
Not After : Nov 29 23:59:59 2023 GMT
Subject: serialNumber=eaf7762ada56dace1dca8859fafc37427e809e9c8f2251a702ecf98d1d2ab1d4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:96:a9:da:77:cd:b3:82:c4:74:2b:2b:73:
b9:34:90:8c:94:a5:29:5c:7a:bc:ec:00:2a:85:3c:
f2:ea:03:56:66:02:aa:60:53:ed:b2:f2:52:26:82:
3c:ff:ef:a3:52:22:f8:d3:73:5d:37:b3:b7:ae:eb:
c1:aa:59:45:a1:06:82:75:5e:4b:ee:0c:10:59:a0:
20:88:00:84:21:70:d5:82:73:5a:f9:44:a1:2c:5c:
b0:fb:d4:6a:b0:94:a6:6e:c8:09:70:09:4f:81:bd:
a6:52:d8:ea:e5:6e:02:1c:84:01:19:39:25:31:54:
61:85:66:bd:5b:be:ad:c0:9c:a4:23:15:e3:a9:fa:
47:50:3b:22:01:2f:bb:34:d0:46:cf:3b:f9:38:ce:
33:f9:fa:e4:ef:c8:5f:c0:3c:04:ec:e9:6e:0b:d0:
91:33:52:04:2a:f5:f5:50:5c:f2:c2:53:d6:17:d1:
32:58:fe:3a:46:0a:8d:26:81:aa:4e:dc:ab:b6:59:
7b:a3:36:bb:50:75:c3:7e:3b:8b:66:1b:4c:6d:25:
7e:e9:a0:09:db:84:33:89:bf:95:c1:72:3f:9e:f7:
ce:af:24:49:d2:03:02:ab:5f:ba:75:0b:13:36:98:
8b:56:4a:81:d8:1e:78:97:00:fd:50:a1:cf:73:33:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6E:79:D5:C2:9C:B3:CB:3B:09:34:8B:FA:59:8C:2C:7F:0F:22:B4
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b007a132-899b-4673-8980-ff5b250de167.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a3:30:fc:d0:df:9f:fc:2d:f9:3c:68:cc:35:52:7d:5f:cf:
6d:78:f7:94:ce:6d:01:ea:75:23:c7:8c:4d:ab:5b:b2:f8:fb:
12:90:f2:cc:aa:da:da:5d:71:6c:0c:56:dc:1f:8f:0d:50:33:
f0:67:3b:24:a4:10:eb:dd:0f:8c:53:d3:6a:75:28:15:95:59:
d4:04:86:f4:4c:39:38:57:98:c8:77:9b:48:f7:cf:20:7c:25:
9b:a7:1c:41:2d:7d:7e:fc:67:eb:4e:bb:60:1b:42:99:16:26:
6b:5a:59:62:19:e1:84:a3:c3:6c:a8:cb:3a:04:50:86:2a:2f:
b3:c8:d3:e3:62:a9:ac:14:ed:47:ea:4d:23:b3:78:54:a9:28:
d2:b7:da:7b:bc:20:17:d8:52:bc:09:c2:04:72:0a:ac:1e:54:
b3:5a:3d:6c:c0:62:7c:9e:c6:ec:b0:52:40:de:b4:40:b2:c7:
8e:a8:29:66:bb:21:54:20:3e:a0:62:d7:da:fd:85:cf:20:68:
ed:1e:31:18:d3:78:e6:cd:fa:95:c9:13:02:96:4f:18:b8:60:
af:61:04:e7:b3:de:ea:ea:f7:03:5f:95:88:d2:29:28:ea:4f:
b7:1c:de:f1:3e:0a:98:b3:b9:22:ce:77:60:ef:06:d2:d7:da:
d3:24:d9:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaPPxfnD72P78UP6F87WbQbcHNKowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDI1MDAwMDAwWhcNMjMxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWY3NzYyYWRhNTZkYWNlMWRjYTg4NTlmYWZjMzc0Mjdl
ODA5ZTljOGYyMjUxYTcwMmVjZjk4ZDFkMmFiMWQ0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRl5ap2nfNs4LEdCsrc7k0kIyUpSlcerzsACqFPPLqA1Zm
AqpgU+2y8lImgjz/76NSIvjTc103s7eu68GqWUWhBoJ1XkvuDBBZoCCIAIQhcNWC
c1r5RKEsXLD71GqwlKZuyAlwCU+BvaZS2OrlbgIchAEZOSUxVGGFZr1bvq3AnKQj
FeOp+kdQOyIBL7s00EbPO/k4zjP5+uTvyF/APATs6W4L0JEzUgQq9fVQXPLCU9YX
0TJY/jpGCo0mgapO3Ku2WXujNrtQdcN+O4tmG0xtJX7poAnbhDOJv5XBcj+e986v
JEnSAwKrX7p1CxM2mItWSoHYHniXAP1Qoc9zM/M5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXW551cKcs8s7CTSL+lmMLH8PIrQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IwMDdhMTMyLTg5OWItNDY3My04OTgwLWZmNWIyNTBkZTE2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIWjMPzQ35/8Lfk8aMw1Un1fz214
95TObQHqdSPHjE2rW7L4+xKQ8syq2tpdcWwMVtwfjw1QM/BnOySkEOvdD4xT02p1
KBWVWdQEhvRMOThXmMh3m0j3zyB8JZunHEEtfX78Z+tOu2AbQpkWJmtaWWIZ4YSj
w2yoyzoEUIYqL7PI0+NiqawU7UfqTSOzeFSpKNK32nu8IBfYUrwJwgRyCqweVLNa
PWzAYnyexuywUkDetECyx46oKWa7IVQgPqBi19r9hc8gaO0eMRjTeObN+pXJEwKW
Txi4YK9hBOez3urq9wNflYjSKSjqT7cc3vE+CpizuSLOd2DvBtLX2tMk2Vs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:37:50 2025 by rpki-client