Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b09d9e24-c7c5-49a4-803e-cac3fd5ef33c.roa
File: b09d9e24-c7c5-49a4-803e-cac3fd5ef33c.roa (raw, json)
Hash identifier: rZCtSqnDfxNZUaJT00UBN2w31uCodzbGJHDazzi/C14=
Subject key identifier: 48:C1:2F:ED:6F:A6:CB:8A:4F:5B:FE:C6:E5:F4:93:8C:62:1E:14:FF
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 35D5A38173689BFEEEDE972A2029CA495E600126
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b09d9e24-c7c5-49a4-803e-cac3fd5ef33c.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:d5:a3:81:73:68:9b:fe:ee:de:97:2a:20:29:ca:49:5e:60:01:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=869cafa8f353d9a50749183a45529ebc8183a6b89e8a68d2813940d3374cd352, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:aa:f3:55:da:66:16:ac:ae:ae:5f:35:2d:94:
f2:29:71:b4:b4:54:3f:85:28:e7:eb:ad:2e:b5:98:
f6:6e:57:73:b0:0a:51:51:2b:03:95:c7:e3:61:da:
09:f3:5d:3b:16:19:40:3e:c1:e0:98:60:c5:0d:6d:
a9:37:14:bf:9e:eb:af:51:9d:a9:b7:b3:03:bc:34:
f4:8b:e3:d0:db:56:52:0e:49:cc:07:40:27:dd:20:
63:20:b6:17:57:22:bc:a7:a5:86:58:2c:9c:dd:9f:
b1:70:30:e8:60:14:7c:15:73:a4:69:00:0a:e9:af:
c1:c3:41:17:a1:df:2b:0d:e9:a4:b4:57:6e:a1:a0:
ac:45:9e:97:b1:e0:49:13:b2:89:05:29:33:2d:9d:
d7:23:d0:5c:cd:50:8d:14:74:d2:6c:5e:99:a4:57:
c9:3e:ae:3f:93:06:6b:92:1e:9f:d6:15:af:86:d4:
c3:21:03:12:68:06:6a:11:9a:5f:fd:7e:fa:1b:c1:
bc:ff:5f:7a:33:a5:1b:94:70:dd:3c:0b:28:51:23:
93:f1:8f:9f:75:74:4e:4f:32:03:2d:12:db:ca:21:
b0:cf:db:cf:35:2d:b4:b8:76:fc:cd:1d:fe:db:8d:
72:7a:3b:53:7a:7f:2b:26:38:cc:99:0f:a5:d1:b7:
d9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C1:2F:ED:6F:A6:CB:8A:4F:5B:FE:C6:E5:F4:93:8C:62:1E:14:FF
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b09d9e24-c7c5-49a4-803e-cac3fd5ef33c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
17:59:a0:a8:03:fd:ad:b2:c8:75:9b:2a:9d:ce:c5:2e:2f:15:
31:7f:7f:f4:03:08:ff:ab:d9:09:d1:03:1c:0e:43:28:25:aa:
db:ac:d8:c9:0e:43:fa:a2:08:a1:18:a9:05:b8:89:55:87:14:
b6:86:02:11:f2:32:96:25:ef:a3:84:cb:bc:a8:3d:0c:8c:4f:
b8:80:2b:b5:54:de:e3:2a:3a:c8:f5:30:11:6e:0b:a1:74:e9:
84:e0:0a:fc:0f:05:37:25:63:56:ba:14:e2:50:ca:e6:1f:9d:
3a:0b:a2:5d:9f:ad:f8:30:a6:53:2a:bb:41:be:15:a0:ff:2e:
f7:0a:c7:8d:e9:6c:f3:fe:3d:85:6f:05:cc:8c:2a:b4:40:0f:
91:78:91:66:1c:f9:ab:ae:fa:e4:8e:95:18:12:9b:07:f7:a8:
28:1c:ee:eb:66:c7:37:e9:66:e6:0b:53:c1:19:a4:40:8c:c7:
db:89:ff:c4:bb:3a:6c:9a:12:25:b1:6c:3d:6a:eb:03:1f:bf:
46:9d:b7:9d:93:e1:2f:1a:1c:04:c8:ea:f2:48:29:24:5b:e2:
64:c9:62:9a:8c:5b:da:3c:37:41:01:9b:43:10:77:1e:20:65:
da:96:56:dc:68:c3:9a:e8:50:5f:44:e4:ee:28:89:c0:e9:cb:
42:ec:ff:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNdWjgXNom/7u3pcqICnKSV5gASYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjE2MDAwMDAwWhcNMjUwMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjljYWZhOGYzNTNkOWE1MDc0OTE4M2E0NTUyOWViYzgx
ODNhNmI4OWU4YTY4ZDI4MTM5NDBkMzM3NGNkMzUyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBqvNV2mYWrK6uXzUtlPIpcbS0VD+FKOfrrS61mPZuV3Ow
ClFRKwOVx+Nh2gnzXTsWGUA+weCYYMUNbak3FL+e669Rnam3swO8NPSL49DbVlIO
ScwHQCfdIGMgthdXIrynpYZYLJzdn7FwMOhgFHwVc6RpAArpr8HDQReh3ysN6aS0
V26hoKxFnpex4EkTsokFKTMtndcj0FzNUI0UdNJsXpmkV8k+rj+TBmuSHp/WFa+G
1MMhAxJoBmoRml/9fvobwbz/X3ozpRuUcN08CyhRI5Pxj591dE5PMgMtEtvKIbDP
2881LbS4dvzNHf7bjXJ6O1N6fysmOMyZD6XRt9k3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSMEv7W+my4pPW/7G5fSTjGIeFP8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IwOWQ5ZTI0LWM3YzUtNDlhNC04MDNlLWNhYzNmZDVlZjMzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABdZoKgD/a2yyHWbKp3OxS4vFTF/
f/QDCP+r2QnRAxwOQyglqtus2MkOQ/qiCKEYqQW4iVWHFLaGAhHyMpYl76OEy7yo
PQyMT7iAK7VU3uMqOsj1MBFuC6F06YTgCvwPBTclY1a6FOJQyuYfnToLol2frfgw
plMqu0G+FaD/LvcKx43pbPP+PYVvBcyMKrRAD5F4kWYc+auu+uSOlRgSmwf3qCgc
7utmxzfpZuYLU8EZpECMx9uJ/8S7OmyaEiWxbD1q6wMfv0adt52T4S8aHATI6vJI
KSRb4mTJYpqMW9o8N0EBm0MQdx4gZdqWVtxow5roUF9E5O4oicDpy0Ls/1s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:54 2025 by rpki-client