Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b14ef2f7-5e61-4165-9c20-95928eb98cd2.roa
File: b14ef2f7-5e61-4165-9c20-95928eb98cd2.roa (raw, json)
Hash identifier: G6JCLgfASItHwLwVO7d1uS6+X1qtbwEW1lo8JQGOWXU=
Subject key identifier: 1B:6A:66:5A:E6:F2:12:1F:AA:13:FA:9B:51:72:C0:3E:6C:5B:9D:5B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2415A7A06E7918F5BED724D32D3BA0B959E690DA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b14ef2f7-5e61-4165-9c20-95928eb98cd2.roa
Signing time: Mon 14 Oct 2024 00:00:00 +0000
ROA not before: Mon 14 Oct 2024 00:00:00 +0000
ROA not after: Mon 18 Nov 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:15:a7:a0:6e:79:18:f5:be:d7:24:d3:2d:3b:a0:b9:59:e6:90:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 14 00:00:00 2024 GMT
Not After : Nov 18 23:59:59 2024 GMT
Subject: serialNumber=37da82a6ca50ec3028e706016d1a208948fd683a8aee565c97536a2da53eb228, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:92:0a:43:61:db:42:e2:17:1f:e5:51:d0:20:
e8:d1:bd:1a:30:b6:d6:77:8e:03:11:3d:ea:1e:85:
01:ce:f2:ea:5c:c5:07:41:35:cf:fc:80:63:f1:7f:
01:b8:30:b8:f6:d4:64:84:38:39:54:4d:bf:ea:ae:
77:7b:19:d2:66:34:6b:03:35:d8:18:ac:08:77:b8:
4f:63:36:51:c0:3c:ea:ea:80:39:41:d8:b6:a6:52:
1b:f5:23:a2:a6:e4:5d:0c:d9:cf:3a:d1:de:f2:b0:
11:e4:c5:ba:35:26:ac:b4:16:07:5c:33:de:03:cc:
32:af:5a:17:e5:a8:70:d8:b5:dd:c8:55:50:7c:08:
38:56:6f:a0:dd:48:6f:bf:c7:69:42:d1:4e:96:8d:
18:90:52:5a:09:f1:3f:5c:6c:80:e8:12:b0:8b:f5:
bc:42:39:87:f5:cd:99:bf:ea:7b:72:87:03:22:1d:
8b:93:71:b4:3c:57:67:77:cc:77:24:47:9e:bf:ec:
23:04:79:91:e7:cf:af:92:e4:f7:60:9e:2f:83:33:
e7:27:50:36:30:f6:17:5b:77:66:20:81:83:31:85:
8a:18:34:e4:82:5f:e3:4f:f9:7e:2a:c7:78:10:d0:
2b:37:4c:03:62:8d:50:3e:db:0d:b7:96:39:f8:b0:
59:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6A:66:5A:E6:F2:12:1F:AA:13:FA:9B:51:72:C0:3E:6C:5B:9D:5B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b14ef2f7-5e61-4165-9c20-95928eb98cd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
16:51:82:f3:14:63:0a:f5:05:b6:39:d2:14:4a:bd:8b:33:10:
46:b7:2d:64:60:e3:a9:72:3f:62:0e:77:77:36:74:ec:45:e7:
46:a1:a3:be:de:68:e7:04:7a:2c:fa:b4:7d:86:d2:07:82:f4:
19:6c:d8:89:8f:fa:1d:97:e7:fd:d5:f7:06:32:2d:fe:d5:be:
65:1c:2c:91:db:85:26:c3:03:fe:3f:ee:ff:90:ba:92:f0:0a:
94:ab:94:a1:80:62:5f:c8:37:27:ee:dd:da:5d:d3:06:09:8d:
4d:54:25:78:5a:9e:af:2e:0d:5f:65:fb:1f:a3:fc:29:ee:f6:
74:0c:88:45:da:47:cc:3c:7d:90:2b:75:d7:4e:b6:fd:85:9c:
63:96:0d:c5:46:af:dc:64:08:82:93:85:1e:a7:cc:d4:63:22:
29:63:c6:8a:3f:78:66:02:68:fc:fe:52:d4:f2:9c:a5:3c:6b:
96:e2:74:79:b9:51:64:e7:7d:ef:16:8e:f6:d8:21:b3:73:ba:
13:b0:4d:90:2a:5f:da:1f:66:9a:93:48:11:e0:a9:4f:b3:78:
56:e8:e3:42:0e:47:c7:cc:c2:40:9d:5b:db:eb:cd:04:4d:b5:
ed:90:9c:44:28:24:d6:a2:cb:5a:64:ba:b4:97:6e:b8:e8:34:
f8:5a:2f:3b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJBWnoG55GPW+1yTTLTuguVnmkNowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDE0MDAwMDAwWhcNMjQxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzN2RhODJhNmNhNTBlYzMwMjhlNzA2MDE2ZDFhMjA4OTQ4
ZmQ2ODNhOGFlZTU2NWM5NzUzNmEyZGE1M2ViMjI4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTkgpDYdtC4hcf5VHQIOjRvRowttZ3jgMRPeoehQHO8upc
xQdBNc/8gGPxfwG4MLj21GSEODlUTb/qrnd7GdJmNGsDNdgYrAh3uE9jNlHAPOrq
gDlB2LamUhv1I6Km5F0M2c860d7ysBHkxbo1Jqy0FgdcM94DzDKvWhflqHDYtd3I
VVB8CDhWb6DdSG+/x2lC0U6WjRiQUloJ8T9cbIDoErCL9bxCOYf1zZm/6ntyhwMi
HYuTcbQ8V2d3zHckR56/7CMEeZHnz6+S5Pdgni+DM+cnUDYw9hdbd2YggYMxhYoY
NOSCX+NP+X4qx3gQ0Cs3TANijVA+2w23ljn4sFkVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG2pmWubyEh+qE/qbUXLAPmxbnVswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IxNGVmMmY3LTVlNjEtNDE2NS05YzIwLTk1OTI4ZWI5OGNkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABZRgvMUYwr1BbY50hRKvYszEEa3
LWRg46lyP2IOd3c2dOxF50aho77eaOcEeiz6tH2G0geC9Bls2ImP+h2X5/3V9wYy
Lf7VvmUcLJHbhSbDA/4/7v+QupLwCpSrlKGAYl/INyfu3dpd0wYJjU1UJXhanq8u
DV9l+x+j/Cnu9nQMiEXaR8w8fZArdddOtv2FnGOWDcVGr9xkCIKThR6nzNRjIilj
xoo/eGYCaPz+UtTynKU8a5bidHm5UWTnfe8WjvbYIbNzuhOwTZAqX9ofZpqTSBHg
qU+zeFbo40IOR8fMwkCdW9vrzQRNte2QnEQoJNaiy1pkurSXbrjoNPhaLzs=
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:53:27 2025 by rpki-client