Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6a95497-18e0-4ea8-83f8-5a3351b26a6e.roa
File: b6a95497-18e0-4ea8-83f8-5a3351b26a6e.roa (raw, json)
Hash identifier: j30jXq3/ZPeeRe718wFcnfSEUflOkuvV/AFYTVSlkfE=
Subject key identifier: 3A:3E:9A:85:07:B7:BB:46:CB:BF:AC:E6:F6:48:B1:47:62:32:37:06
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5E8C9944D5236B9D2188FCD13EAE823809174353
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6a95497-18e0-4ea8-83f8-5a3351b26a6e.roa
Signing time: Wed 19 Mar 2025 13:08:19 +0000
ROA not before: Wed 19 Mar 2025 13:08:19 +0000
ROA not after: Wed 23 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:8c:99:44:d5:23:6b:9d:21:88:fc:d1:3e:ae:82:38:09:17:43:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 19 13:08:19 2025 GMT
Not After : Apr 23 23:59:59 2025 GMT
Subject: serialNumber=fcfa148b36055339c012f667c01248359b60f153f81d8edfc5fc69236f70a5ff, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d0:52:74:33:be:a0:9b:6e:58:07:80:a8:36:
b3:fa:5b:52:45:08:64:ec:df:5b:cf:d8:5c:9a:e3:
94:39:87:9d:d6:01:3b:1d:22:26:a6:91:0c:92:11:
38:73:1c:86:6c:fe:6f:fb:7d:cc:53:05:a8:2d:59:
68:2a:9b:8a:09:48:25:33:a2:9b:14:5a:0f:72:4e:
43:cd:66:8c:f4:a1:3b:30:89:07:51:25:eb:b9:dc:
7b:27:81:eb:27:3e:00:27:dc:34:53:eb:c7:8b:1c:
ae:9f:f5:9c:96:74:1a:d3:d1:c5:99:8a:24:3f:d2:
e5:40:1f:5e:51:ae:9e:a4:68:a6:6c:2e:26:61:47:
e9:49:03:70:91:16:51:49:1d:e8:3d:35:e4:7f:87:
78:37:d6:6d:bd:5c:80:10:83:25:72:07:e7:33:3f:
82:94:22:36:ad:6a:10:33:ac:9b:f0:b7:f8:e1:06:
55:9a:b1:d5:ad:c4:e5:6d:38:7c:0d:fb:38:e6:bf:
7b:55:3c:28:71:9b:f6:1b:1d:df:e3:81:61:19:0e:
99:a6:26:41:c1:26:86:b6:68:8e:ae:f0:8a:9d:61:
8b:34:55:ce:60:9f:3d:05:74:44:ae:a1:04:6b:fd:
6e:10:35:58:c7:b9:b2:71:e6:36:57:7e:25:3f:96:
67:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3E:9A:85:07:B7:BB:46:CB:BF:AC:E6:F6:48:B1:47:62:32:37:06
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b6a95497-18e0-4ea8-83f8-5a3351b26a6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
69:f5:b1:aa:08:e2:a5:46:5c:01:55:5c:9b:97:55:49:82:eb:
b1:d3:6f:bd:c6:1a:6a:83:1a:cc:a3:21:44:51:36:31:ba:fc:
59:4e:b1:94:07:1c:c9:b6:47:5d:11:c0:6d:b6:13:d3:db:d7:
81:e7:0d:f5:02:65:18:12:e9:03:0d:65:58:13:ae:ad:1f:b2:
31:e2:d0:ea:ad:15:d5:28:43:c1:0e:3b:cc:96:af:ce:19:c6:
2d:2f:3c:62:e1:1c:38:68:f5:73:e9:ef:0b:f5:16:d2:6d:bd:
09:78:cb:16:98:46:eb:38:ba:af:23:46:ac:c5:7f:b8:53:d3:
9b:bd:59:09:97:95:1b:6c:e1:c1:fd:ef:e7:56:0f:8f:d6:d4:
fc:42:55:f8:16:56:4a:0d:fa:2f:d1:3d:1e:b3:19:47:a0:92:
94:db:05:52:72:e6:0c:91:9c:53:e6:94:21:27:ba:e5:6b:30:
c2:3c:f2:82:77:99:d0:c2:6f:61:81:5d:d1:d4:5c:66:85:fe:
b5:8d:a7:b6:78:16:5c:f0:c9:1d:30:23:a0:69:fb:3a:21:31:
25:9c:48:54:7f:29:73:bb:86:56:3e:9b:72:51:29:b1:4e:fd:
33:88:52:73:ad:b5:99:7a:91:04:04:14:3d:d8:90:01:ce:a2:
89:51:c7:75
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXoyZRNUja50hiPzRPq6COAkXQ1MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzE5MTMwODE5WhcNMjUwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmY2ZhMTQ4YjM2MDU1MzM5YzAxMmY2NjdjMDEyNDgzNTli
NjBmMTUzZjgxZDhlZGZjNWZjNjkyMzZmNzBhNWZmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC90FJ0M76gm25YB4CoNrP6W1JFCGTs31vP2Fya45Q5h53W
ATsdIiamkQySEThzHIZs/m/7fcxTBagtWWgqm4oJSCUzopsUWg9yTkPNZoz0oTsw
iQdRJeu53HsngesnPgAn3DRT68eLHK6f9ZyWdBrT0cWZiiQ/0uVAH15Rrp6kaKZs
LiZhR+lJA3CRFlFJHeg9NeR/h3g31m29XIAQgyVyB+czP4KUIjatahAzrJvwt/jh
BlWasdWtxOVtOHwN+zjmv3tVPChxm/YbHd/jgWEZDpmmJkHBJoa2aI6u8IqdYYs0
Vc5gnz0FdESuoQRr/W4QNVjHubJx5jZXfiU/lmdjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOj6ahQe3u0bLv6zm9kixR2IyNwYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I2YTk1NDk3LTE4ZTAtNGVhOC04M2Y4LTVhMzM1MWIyNmE2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGn1saoI4qVGXAFVXJuXVUmC67HT
b73GGmqDGsyjIURRNjG6/FlOsZQHHMm2R10RwG22E9Pb14HnDfUCZRgS6QMNZVgT
rq0fsjHi0OqtFdUoQ8EOO8yWr84Zxi0vPGLhHDho9XPp7wv1FtJtvQl4yxaYRus4
uq8jRqzFf7hT05u9WQmXlRts4cH97+dWD4/W1PxCVfgWVkoN+i/RPR6zGUegkpTb
BVJy5gyRnFPmlCEnuuVrMMI88oJ3mdDCb2GBXdHUXGaF/rWNp7Z4FlzwyR0wI6Bp
+zohMSWcSFR/KXO7hlY+m3JRKbFO/TOIUnOttZl6kQQEFD3YkAHOoolRx3U=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:05:55 2025 by rpki-client