Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b7096978-4f4a-43ed-8003-4969221986b2.roa
File: b7096978-4f4a-43ed-8003-4969221986b2.roa (raw, json)
Hash identifier: 1zXbFg7/37PduZBhrTzZ8f557cRMqEDtfaO5cbZdH6Q=
Subject key identifier: 1D:FF:5D:0F:0A:4B:DE:3C:07:26:69:B8:2C:06:A1:E3:DA:A5:B8:8B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 1B43BF04D67F7A5029B658ADC46883CD8C6760E3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b7096978-4f4a-43ed-8003-4969221986b2.roa
Signing time: Tue 17 Oct 2023 00:00:00 +0000
ROA not before: Tue 17 Oct 2023 00:00:00 +0000
ROA not after: Tue 21 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:43:bf:04:d6:7f:7a:50:29:b6:58:ad:c4:68:83:cd:8c:67:60:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 17 00:00:00 2023 GMT
Not After : Nov 21 23:59:59 2023 GMT
Subject: serialNumber=64f1675c79e33bf592cdd72f8aeae859d5f9f80f53895c15dc235c88deb19125, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:27:c0:68:60:ad:0a:64:0f:c1:62:01:c1:
b4:99:6f:fd:62:e1:79:c0:5b:49:86:0e:b5:31:f4:
c1:66:28:00:1b:d6:2b:61:f8:3a:77:e6:6c:a2:ce:
97:f2:b6:a5:38:76:44:73:76:9d:de:e1:de:85:fd:
37:e0:a3:f9:b2:05:a3:18:78:42:9e:39:a5:79:0e:
81:14:88:4e:c5:6b:fa:ca:07:98:00:2f:66:4f:85:
a6:7b:a1:f8:95:a8:f1:01:80:07:9e:c3:aa:9f:7e:
46:5c:57:fe:33:1f:37:83:fd:86:05:49:c7:8d:0c:
e7:a7:3d:94:63:5c:2e:ec:c4:02:b1:e2:53:60:08:
e7:15:3f:7a:63:63:97:0c:b6:7b:63:49:ab:f9:85:
05:98:54:30:f6:eb:1c:aa:76:b0:d4:41:16:a8:f3:
79:c2:e8:6a:52:b5:e1:bf:34:0f:da:69:16:ad:d1:
2d:bc:15:27:37:07:82:fc:2e:47:f4:e9:38:ca:b2:
27:5e:bf:98:7c:90:73:29:b7:96:dc:e4:13:c8:98:
1b:18:7b:4d:9d:8f:90:65:08:c3:62:b7:b1:c6:f5:
64:56:96:78:66:c7:be:60:5f:01:4b:5e:89:74:01:
cb:1d:49:db:65:85:58:07:6a:6c:6e:ed:42:8c:ed:
2a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FF:5D:0F:0A:4B:DE:3C:07:26:69:B8:2C:06:A1:E3:DA:A5:B8:8B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b7096978-4f4a-43ed-8003-4969221986b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
43:21:06:be:db:51:55:bf:b0:24:10:0d:98:c6:72:05:55:7a:
04:75:e9:70:10:2a:b8:15:08:e4:60:7d:ca:13:65:7f:de:17:
b1:3e:b9:a9:64:fa:15:14:64:63:a0:03:b6:70:8b:9a:8a:a7:
40:c4:90:4c:50:94:1b:c9:29:b9:b1:4f:b2:b4:1a:1b:f8:6b:
aa:7b:0a:5b:76:5f:8a:a0:73:02:6f:cc:14:9e:25:89:79:a7:
21:19:75:f2:01:ce:b4:19:4e:9b:ec:9d:b6:9d:b8:9c:96:3e:
81:2e:8b:1e:da:4b:39:14:d8:a6:1c:42:24:48:5a:97:90:0f:
01:71:88:5f:58:90:8a:46:07:47:fe:2c:91:a0:50:b1:9e:e3:
fb:24:5f:69:6f:f5:f9:e5:fe:a7:ac:72:99:db:5b:2c:b7:d8:
0d:47:41:15:53:27:bf:31:9f:13:11:b7:64:1c:ad:5a:ce:aa:
22:a3:66:2f:78:d0:bb:1a:42:9a:27:b1:0b:f8:79:c3:e0:24:
4f:84:cb:df:f3:cd:36:09:c1:ca:f9:ba:81:96:32:23:7b:3d:
fd:b3:28:06:71:f0:d6:af:7c:87:e0:b1:4a:62:aa:f9:14:c3:
7f:f7:93:4f:bb:9f:71:85:87:8f:53:3c:8c:66:ed:3d:b9:78:
b3:d3:2c:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG0O/BNZ/elAptlitxGiDzYxnYOMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDE3MDAwMDAwWhcNMjMxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NGYxNjc1Yzc5ZTMzYmY1OTJjZGQ3MmY4YWVhZTg1OWQ1
ZjlmODBmNTM4OTVjMTVkYzIzNWM4OGRlYjE5MTI1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCIaSfAaGCtCmQPwWIBwbSZb/1i4XnAW0mGDrUx9MFmKAAb
1ith+Dp35myizpfytqU4dkRzdp3e4d6F/Tfgo/myBaMYeEKeOaV5DoEUiE7Fa/rK
B5gAL2ZPhaZ7ofiVqPEBgAeew6qffkZcV/4zHzeD/YYFSceNDOenPZRjXC7sxAKx
4lNgCOcVP3pjY5cMtntjSav5hQWYVDD26xyqdrDUQRao83nC6GpSteG/NA/aaRat
0S28FSc3B4L8Lkf06TjKsidev5h8kHMpt5bc5BPImBsYe02dj5BlCMNit7HG9WRW
lnhmx75gXwFLXol0AcsdSdtlhVgHamxu7UKM7SpnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHf9dDwpL3jwHJmm4LAah49qluIswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I3MDk2OTc4LTRmNGEtNDNlZC04MDAzLTQ5NjkyMjE5ODZiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEMhBr7bUVW/sCQQDZjGcgVVegR1
6XAQKrgVCORgfcoTZX/eF7E+ualk+hUUZGOgA7Zwi5qKp0DEkExQlBvJKbmxT7K0
Ghv4a6p7Clt2X4qgcwJvzBSeJYl5pyEZdfIBzrQZTpvsnbaduJyWPoEuix7aSzkU
2KYcQiRIWpeQDwFxiF9YkIpGB0f+LJGgULGe4/skX2lv9fnl/qescpnbWyy32A1H
QRVTJ78xnxMRt2QcrVrOqiKjZi940LsaQponsQv4ecPgJE+Ey9/zzTYJwcr5uoGW
MiN7Pf2zKAZx8NavfIfgsUpiqvkUw3/3k0+7n3GFh49TPIxm7T25eLPTLHs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:42:13 2025 by rpki-client