Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6358bc3-7956-47c1-bf57-a4912afbd706.roa
File: b6358bc3-7956-47c1-bf57-a4912afbd706.roa (raw, json)
Hash identifier: djK8QNVSy6K+qjrw57AW9fU72YD2dGjAIEV6ksmghoo=
Subject key identifier: 52:42:29:1D:41:A3:89:DD:F7:E2:FA:3C:DC:CB:1B:E9:69:79:18:49
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2EEA1AE3B6821BB2E410B10535C2ADDA6AD1B2B9
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6358bc3-7956-47c1-bf57-a4912afbd706.roa
Signing time: Mon 06 Nov 2023 00:00:00 +0000
ROA not before: Mon 06 Nov 2023 00:00:00 +0000
ROA not after: Mon 11 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ea:1a:e3:b6:82:1b:b2:e4:10:b1:05:35:c2:ad:da:6a:d1:b2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 6 00:00:00 2023 GMT
Not After : Dec 11 23:59:59 2023 GMT
Subject: serialNumber=8ca0c81a55472f3041349a7dfed5634c2d74256adeec4503ab3007fb46426652, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:56:00:18:69:16:4b:dc:73:d4:25:70:9c:90:
ed:2e:10:77:86:f6:51:d6:e9:2e:8a:9f:18:80:a4:
ca:5a:23:91:cd:bd:25:aa:a9:3d:ad:e4:13:16:89:
f6:85:24:8c:7a:1b:16:17:3d:13:e9:8b:70:3c:39:
fe:50:c1:e0:2e:f2:89:f1:d8:3d:13:22:41:13:79:
b1:fb:43:44:2a:45:27:90:f6:c8:b2:4b:9e:3d:ce:
3a:64:cf:7d:89:64:c7:8f:30:99:5f:a9:49:d6:f0:
4f:6b:4d:0a:bc:8f:6e:f8:72:a3:80:19:79:94:97:
a5:2d:ca:fd:3f:9c:d0:48:56:fb:66:fd:01:13:45:
68:f4:44:52:cf:85:0f:0f:f8:13:ac:0d:f1:69:e4:
3e:56:09:5c:66:a7:23:2b:db:dc:74:d7:65:bf:12:
d6:a3:22:32:f6:f4:f3:6d:11:70:35:e4:0c:43:c5:
c6:dc:36:b8:1b:8a:d3:29:93:10:b1:01:fa:0f:28:
78:07:f4:29:57:57:86:24:23:be:33:bd:4e:3a:e0:
c1:1d:c0:e5:d6:c0:56:dd:3f:1b:14:b9:32:f4:4c:
7f:02:4f:8e:d4:e3:68:09:ac:58:8f:69:cf:42:a9:
a0:e2:30:4d:bf:0b:05:ae:d0:ee:ee:f9:f4:a9:9e:
87:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:42:29:1D:41:A3:89:DD:F7:E2:FA:3C:DC:CB:1B:E9:69:79:18:49
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6358bc3-7956-47c1-bf57-a4912afbd706.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c5:ba:1f:bf:68:0e:6c:a2:02:de:92:0d:0f:8d:1b:cc:f6:
46:61:fe:1a:41:65:30:87:09:b4:46:11:7e:11:e7:72:81:b1:
d2:e6:a3:64:c7:9f:ac:e5:d1:5e:03:97:4d:6a:f3:4a:8e:7f:
8a:9c:0e:e3:d1:f5:9b:37:42:c7:6e:0d:17:62:20:6a:77:53:
95:be:de:74:55:76:37:4d:fe:3b:d1:be:4c:5d:c0:1c:f4:03:
a4:6a:52:fa:dd:a6:0b:d5:74:a9:02:48:16:7e:06:0e:85:7c:
eb:ba:ab:da:37:9b:00:ca:46:d5:4b:b0:91:8e:20:44:9b:c0:
64:13:ae:88:ff:63:2b:1a:5f:3b:3d:62:29:8a:45:ee:55:e8:
fa:dd:d3:4a:a4:d7:5b:12:0c:73:37:dd:08:e4:80:e1:4c:63:
18:3a:e4:20:c5:d0:42:0f:ca:f6:28:cb:4f:d7:b1:7a:4c:57:
3c:08:ce:65:4d:62:a7:f9:a1:f7:98:de:2d:dc:82:4c:69:cc:
b2:ea:af:b3:c4:1e:02:11:18:e4:fa:c1:28:0f:bd:c6:24:5a:
18:e3:42:0f:7d:35:d3:9f:15:7f:83:1a:d4:52:90:17:2f:74:
89:16:a7:08:eb:3c:db:ee:42:fb:fe:64:9d:c4:95:66:3e:2e:
78:5d:31:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULuoa47aCG7LkELEFNcKt2mrRsrkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTA2MDAwMDAwWhcNMjMxMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A4Y2EwYzgxYTU1NDcyZjMwNDEzNDlhN2RmZWQ1NjM0YzJk
NzQyNTZhZGVlYzQ1MDNhYjMwMDdmYjQ2NDI2NjUyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJVgAYaRZL3HPUJXCckO0uEHeG9lHW6S6KnxiApMpaI5HN
vSWqqT2t5BMWifaFJIx6GxYXPRPpi3A8Of5QweAu8onx2D0TIkETebH7Q0QqRSeQ
9siyS549zjpkz32JZMePMJlfqUnW8E9rTQq8j274cqOAGXmUl6Utyv0/nNBIVvtm
/QETRWj0RFLPhQ8P+BOsDfFp5D5WCVxmpyMr29x012W/EtajIjL29PNtEXA15AxD
xcbcNrgbitMpkxCxAfoPKHgH9ClXV4YkI74zvU464MEdwOXWwFbdPxsUuTL0TH8C
T47U42gJrFiPac9CqaDiME2/CwWu0O7u+fSpnoefAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUkIpHUGjid334vo83Msb6Wl5GEkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I2MzU4YmMzLTc5NTYtNDdjMS1iZjU3LWE0OTEyYWZiZDcwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAALFuh+/aA5sogLekg0PjRvM9kZh
/hpBZTCHCbRGEX4R53KBsdLmo2THn6zl0V4Dl01q80qOf4qcDuPR9Zs3QsduDRdi
IGp3U5W+3nRVdjdN/jvRvkxdwBz0A6RqUvrdpgvVdKkCSBZ+Bg6FfOu6q9o3mwDK
RtVLsJGOIESbwGQTroj/YysaXzs9YimKRe5V6Prd00qk11sSDHM33QjkgOFMYxg6
5CDF0EIPyvYoy0/XsXpMVzwIzmVNYqf5ofeY3i3cgkxpzLLqr7PEHgIRGOT6wSgP
vcYkWhjjQg99NdOfFX+DGtRSkBcvdIkWpwjrPNvuQvv+ZJ3ElWY+LnhdMYE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:25:38 2025 by rpki-client