Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6956bcc-fe11-434a-9f1c-1d3e4d3fe289.roa
File: b6956bcc-fe11-434a-9f1c-1d3e4d3fe289.roa (raw, json)
Hash identifier: 40R42cBzzZVYJ1NQC/3iS0KGU75OvDkChJnxkRijS8g=
Subject key identifier: FB:3E:1A:E6:F1:6E:8D:3A:44:89:BE:63:9A:28:A0:F9:55:92:D3:64
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 08CAE72F45A4C05407B566354CC0E3CE4AC022BD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6956bcc-fe11-434a-9f1c-1d3e4d3fe289.roa
Signing time: Wed 12 Mar 2025 15:03:13 +0000
ROA not before: Wed 12 Mar 2025 15:03:13 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ca:e7:2f:45:a4:c0:54:07:b5:66:35:4c:c0:e3:ce:4a:c0:22:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 12 15:03:13 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=de6da7e1f47420d69cc5dd6dae8cc074e1b725e7f81d7cdde3fbb63c5d1f44d8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:09:05:0e:3e:cb:dc:58:eb:a9:52:50:0e:0f:
08:06:0e:e9:9c:49:d2:9f:fb:d5:9f:cf:a7:d4:7d:
6b:a6:fe:15:6c:13:62:08:9f:5e:10:a3:9a:e9:bb:
fa:e7:88:23:ab:7b:e9:e1:f9:5c:95:c7:f8:0b:43:
b2:54:6a:0e:c8:e2:c4:6f:12:2c:83:36:f1:ae:40:
2f:08:9c:24:67:2b:d2:b1:3f:52:a0:e9:2e:c8:1d:
a4:00:02:87:bf:c2:a7:31:d8:9b:17:36:cf:d0:e3:
36:36:f6:82:8a:48:e4:18:6b:ed:b2:92:2f:a0:31:
05:f5:c5:47:8d:d5:ec:e4:6a:09:2c:fa:da:04:f5:
84:43:a6:8b:e7:95:fb:4a:79:da:6f:ac:d4:8a:cf:
6f:af:13:86:a4:45:58:59:f5:9e:00:f5:8a:67:90:
5a:97:78:2c:e7:ac:c5:9d:49:64:35:28:e1:9b:8d:
95:79:3f:56:c2:af:75:55:77:af:0f:42:e4:73:0a:
96:0d:42:8f:65:60:30:4c:56:29:c6:19:ee:2d:a3:
66:37:d8:ed:0a:95:73:42:19:37:0d:a1:2e:3f:34:
fe:e7:27:7e:8b:b0:0d:89:74:07:02:cf:f5:e0:4b:
61:a8:3e:1a:14:32:4f:fb:46:c3:25:7c:0b:03:d3:
8f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3E:1A:E6:F1:6E:8D:3A:44:89:BE:63:9A:28:A0:F9:55:92:D3:64
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6956bcc-fe11-434a-9f1c-1d3e4d3fe289.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ce:7d:53:a5:de:3a:83:b5:a7:c3:37:d6:c4:12:b7:f0:60:
11:ec:7b:70:6e:a2:50:d0:c0:df:6f:14:23:14:4e:19:71:4e:
40:59:c0:49:94:a6:e2:ee:e2:e3:83:6d:c5:72:3b:88:9f:03:
06:3e:03:bb:7b:08:41:9b:c3:fe:dd:c1:0d:d6:7c:27:54:1f:
05:8b:db:92:3d:58:3f:83:d4:88:1e:c8:4f:fe:c9:66:db:da:
72:a2:d5:c1:5f:c6:22:85:3e:5e:98:be:a3:eb:a8:a5:9d:b4:
6c:b8:b8:d3:95:90:c0:3b:fe:95:f9:1e:08:1e:b0:d3:c2:f2:
ac:c3:fb:74:b0:f1:ba:a4:2a:fa:6a:9f:82:39:ee:68:6a:54:
ae:ac:29:8d:04:a7:58:44:7e:e6:b9:5b:51:03:bb:c7:9e:90:
47:89:14:66:4b:b7:46:a0:93:03:d2:8c:d8:8a:50:b7:01:da:
80:bb:f2:02:9f:19:f9:d0:72:8f:7f:c5:f3:c6:ec:04:ec:23:
df:e1:33:38:0f:d1:d7:75:88:54:cf:5b:35:4c:8b:b2:c9:79:
26:9f:a1:6b:1d:05:f7:66:e4:04:0e:ce:e9:98:a2:b5:a0:06:
53:a4:4c:37:24:b6:dd:e0:ed:f7:a6:53:cb:0d:a6:7e:93:d8:
ba:87:c6:f7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCMrnL0WkwFQHtWY1TMDjzkrAIr0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzEyMTUwMzEzWhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTZkYTdlMWY0NzQyMGQ2OWNjNWRkNmRhZThjYzA3NGUx
YjcyNWU3ZjgxZDdjZGRlM2ZiYjYzYzVkMWY0NGQ4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwCQUOPsvcWOupUlAODwgGDumcSdKf+9Wfz6fUfWum/hVs
E2IIn14Qo5rpu/rniCOre+nh+VyVx/gLQ7JUag7I4sRvEiyDNvGuQC8InCRnK9Kx
P1Kg6S7IHaQAAoe/wqcx2JsXNs/Q4zY29oKKSOQYa+2yki+gMQX1xUeN1ezkagks
+toE9YRDpovnlftKedpvrNSKz2+vE4akRVhZ9Z4A9YpnkFqXeCznrMWdSWQ1KOGb
jZV5P1bCr3VVd68PQuRzCpYNQo9lYDBMVinGGe4to2Y32O0KlXNCGTcNoS4/NP7n
J36LsA2JdAcCz/XgS2GoPhoUMk/7RsMlfAsD048BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+z4a5vFujTpEib5jmiig+VWS02QwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I2OTU2YmNjLWZlMTEtNDM0YS05ZjFjLTFkM2U0ZDNmZTI4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAErOfVOl3jqDtafDN9bEErfwYBHs
e3BuolDQwN9vFCMUThlxTkBZwEmUpuLu4uODbcVyO4ifAwY+A7t7CEGbw/7dwQ3W
fCdUHwWL25I9WD+D1IgeyE/+yWbb2nKi1cFfxiKFPl6YvqPrqKWdtGy4uNOVkMA7
/pX5HggesNPC8qzD+3Sw8bqkKvpqn4I57mhqVK6sKY0Ep1hEfua5W1EDu8eekEeJ
FGZLt0agkwPSjNiKULcB2oC78gKfGfnQco9/xfPG7ATsI9/hMzgP0dd1iFTPWzVM
i7LJeSafoWsdBfdm5AQOzumYorWgBlOkTDcktt3g7femU8sNpn6T2LqHxvc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:56:31 2025 by rpki-client