Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b18a57b2-d95a-46a9-968b-2f517bf34d61.roa
File: b18a57b2-d95a-46a9-968b-2f517bf34d61.roa (raw, json)
Hash identifier: AubaKgx7r1v1Tko+IeM7vpapbRXI2PiKJF5J0wYGR4M=
Subject key identifier: 87:09:68:9D:92:18:EE:F2:5F:7D:03:C0:53:95:30:E4:49:F7:D2:15
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 66838A2E6B8735CE0EE783B654612082BAE1927D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b18a57b2-d95a-46a9-968b-2f517bf34d61.roa
Signing time: Mon 11 Dec 2023 00:00:00 +0000
ROA not before: Mon 11 Dec 2023 00:00:00 +0000
ROA not after: Mon 15 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:83:8a:2e:6b:87:35:ce:0e:e7:83:b6:54:61:20:82:ba:e1:92:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 11 00:00:00 2023 GMT
Not After : Jan 15 23:59:59 2024 GMT
Subject: serialNumber=2ed2bfd315a25bad83285f5f4d490ccd1a8e7dccf5da587ea82034ead8b7e7d1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a8:09:46:c3:fc:17:2d:bf:d7:95:1c:15:cf:
52:e9:70:3d:58:78:38:e7:e6:19:72:d6:dd:50:f9:
de:84:7c:4e:18:1b:d5:89:6e:b6:f6:1d:0a:77:89:
4a:38:19:ab:5d:7d:21:45:74:64:a2:07:58:e0:57:
7f:9e:4d:31:32:3e:dc:54:b8:10:c9:4b:38:83:06:
ae:4b:68:f6:c6:37:33:42:45:7a:04:c7:72:b9:19:
5d:8c:c1:8b:38:65:c0:81:de:a9:1d:28:9d:ef:04:
e9:5e:00:f0:62:dd:d3:62:dc:c5:aa:00:22:0b:41:
91:bc:ae:38:ec:de:9e:97:57:b7:d2:b8:16:55:3b:
9a:20:20:d7:8f:9b:b8:b7:09:83:0a:39:89:7b:cc:
99:18:e1:a6:e5:8e:ef:ca:52:c9:55:91:0b:40:9b:
6b:14:be:40:63:18:16:f9:af:32:2c:a4:13:64:7c:
1f:1b:82:7d:f8:7b:15:30:fe:d9:74:49:ef:5b:32:
24:e6:09:14:5d:68:ea:4e:09:36:1a:93:0e:5f:4b:
f7:59:11:a4:dc:08:a1:59:9f:47:3c:73:a7:6a:7a:
34:2d:13:03:c7:11:66:26:47:23:40:4b:55:23:02:
5d:0a:a4:c9:c4:d8:7a:f9:e1:e2:99:94:2d:34:1d:
b2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:09:68:9D:92:18:EE:F2:5F:7D:03:C0:53:95:30:E4:49:F7:D2:15
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b18a57b2-d95a-46a9-968b-2f517bf34d61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
61:5f:5d:c8:04:4f:92:24:e6:e7:8b:98:0f:dd:69:52:e7:b1:
ba:ed:4b:35:4e:55:e2:77:44:74:7d:c6:c1:06:59:4a:15:c9:
dd:0b:73:28:6d:5b:17:35:27:04:f7:16:35:ea:05:ce:c3:2a:
97:b3:e8:57:55:e3:7d:9e:4b:89:e6:56:1e:91:ee:e4:f7:4d:
4c:1d:ca:67:67:4b:73:68:14:20:27:c8:49:55:0b:a5:b7:8e:
7c:ab:41:ab:22:63:1b:d4:f2:3e:c2:35:20:b8:2c:bb:06:43:
bb:85:a6:b2:31:74:d8:06:7c:b1:b1:5a:c3:69:12:dd:8c:97:
d4:08:1b:db:09:32:02:75:07:78:fb:21:8b:64:1a:7d:61:21:
07:52:36:51:f8:3c:17:d2:90:88:57:fe:4c:8f:a4:d8:be:34:
d8:21:80:3a:f2:47:9b:b9:09:0e:2f:47:aa:89:7a:77:bd:b6:
c3:c6:90:c6:f6:f0:42:00:69:ca:33:47:d8:c7:02:10:7f:01:
ea:02:d5:04:18:81:2b:9a:47:e1:2f:70:5c:69:80:90:53:af:
c7:af:32:67:f1:8b:67:af:41:fb:1e:63:88:6e:52:f1:52:d5:
2f:eb:94:23:8f:fb:7c:a6:08:1c:21:35:b8:23:de:a8:3f:98:
9b:58:c1:5c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZoOKLmuHNc4O54O2VGEggrrhkn0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjExMDAwMDAwWhcNMjQwMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZWQyYmZkMzE1YTI1YmFkODMyODVmNWY0ZDQ5MGNjZDFh
OGU3ZGNjZjVkYTU4N2VhODIwMzRlYWQ4YjdlN2QxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9qAlGw/wXLb/XlRwVz1LpcD1YeDjn5hly1t1Q+d6EfE4Y
G9WJbrb2HQp3iUo4GatdfSFFdGSiB1jgV3+eTTEyPtxUuBDJSziDBq5LaPbGNzNC
RXoEx3K5GV2MwYs4ZcCB3qkdKJ3vBOleAPBi3dNi3MWqACILQZG8rjjs3p6XV7fS
uBZVO5ogINePm7i3CYMKOYl7zJkY4ablju/KUslVkQtAm2sUvkBjGBb5rzIspBNk
fB8bgn34exUw/tl0Se9bMiTmCRRdaOpOCTYakw5fS/dZEaTcCKFZn0c8c6dqejQt
EwPHEWYmRyNAS1UjAl0KpMnE2Hr54eKZlC00HbJ1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhwlonZIY7vJffQPAU5Uw5En30hUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IxOGE1N2IyLWQ5NWEtNDZhOS05NjhiLTJmNTE3YmYzNGQ2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGFfXcgET5Ik5ueLmA/daVLnsbrt
SzVOVeJ3RHR9xsEGWUoVyd0LcyhtWxc1JwT3FjXqBc7DKpez6FdV432eS4nmVh6R
7uT3TUwdymdnS3NoFCAnyElVC6W3jnyrQasiYxvU8j7CNSC4LLsGQ7uFprIxdNgG
fLGxWsNpEt2Ml9QIG9sJMgJ1B3j7IYtkGn1hIQdSNlH4PBfSkIhX/kyPpNi+NNgh
gDryR5u5CQ4vR6qJene9tsPGkMb28EIAacozR9jHAhB/AeoC1QQYgSuaR+EvcFxp
gJBTr8evMmfxi2evQfseY4huUvFS1S/rlCOP+3ymCBwhNbgj3qg/mJtYwVw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:45:07 2025 by rpki-client