Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b802b554-c691-49e2-90c6-d51cc13276f1.roa
File: b802b554-c691-49e2-90c6-d51cc13276f1.roa (raw, json)
Hash identifier: 0wv+zARsEfAwNcJFsNA7eC/ZOek6uL9Dz27VCgCGT6k=
Subject key identifier: AA:1D:B0:43:06:7F:56:A6:C3:CF:42:B4:A6:87:67:88:F9:B2:19:AB
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6EC2B9A373C54882599C99BB45553801340D651D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b802b554-c691-49e2-90c6-d51cc13276f1.roa
Signing time: Thu 21 Sep 2023 00:00:00 +0000
ROA not before: Thu 21 Sep 2023 00:00:00 +0000
ROA not after: Thu 26 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:c2:b9:a3:73:c5:48:82:59:9c:99:bb:45:55:38:01:34:0d:65:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 21 00:00:00 2023 GMT
Not After : Oct 26 23:59:59 2023 GMT
Subject: serialNumber=05654714bb3379d5c720d45692ca9401af0f25b4f46ee697c6f5b6911cac7d59, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:d4:00:fd:f2:81:3b:20:72:a0:6a:4a:69:
9b:46:50:ef:02:c8:12:51:0c:05:99:82:9f:48:44:
6e:1b:ce:bb:4a:61:04:d6:14:31:51:dd:f5:c5:fb:
44:c9:4e:af:ef:60:54:e5:fc:25:a5:ec:f7:5f:61:
b6:fd:9d:b1:e1:e4:aa:09:32:ae:fa:95:7c:57:96:
1d:53:d4:cb:58:21:cc:18:a2:ab:db:38:b6:e9:65:
ec:59:77:14:b9:c8:fc:f7:47:72:ee:59:fe:4a:f0:
66:b8:a8:83:79:7f:86:45:42:a5:a5:a8:6d:7c:9d:
f3:38:a4:f4:c5:1d:a3:e3:48:50:e9:7f:ca:69:5a:
f9:09:43:b4:7a:77:1c:09:81:22:30:ed:6f:ac:77:
13:9f:0e:ed:fb:24:1b:41:f4:95:5f:2a:c9:31:42:
6d:59:07:2a:c2:9f:0d:08:28:69:b3:c1:d1:ba:08:
71:58:e3:99:19:ae:78:ba:53:37:a1:47:4b:e5:f3:
3d:b3:be:5c:39:dc:77:b9:67:a8:9e:2c:7d:4d:18:
53:13:bd:70:35:2d:8c:c5:1a:0a:be:e4:ea:ff:73:
97:37:15:e0:81:76:40:b6:26:44:b2:6f:ff:5e:0f:
e6:22:0b:54:0c:64:ef:8a:45:2a:ab:7c:0c:9c:60:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1D:B0:43:06:7F:56:A6:C3:CF:42:B4:A6:87:67:88:F9:B2:19:AB
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b802b554-c691-49e2-90c6-d51cc13276f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
25:01:bc:f2:ef:22:26:23:6b:c3:1c:74:eb:88:14:c6:95:c3:
5a:28:19:ba:ec:dc:f6:92:a6:4d:dc:a8:e4:1f:71:f9:1a:16:
3d:c1:d2:35:75:07:f3:02:cd:38:b7:aa:29:95:b0:05:ee:9c:
bb:d6:e4:ca:37:da:67:a3:13:95:bc:6d:5e:3f:8c:ae:62:d8:
60:38:e9:d4:1c:5f:eb:d2:82:a0:fa:26:2c:2f:8f:05:6e:03:
cc:61:cf:07:9c:8e:c1:0b:2d:36:9d:63:0e:76:d7:47:f7:57:
e9:95:75:43:3e:1b:96:0f:04:1e:99:51:bd:ec:c3:5c:64:98:
20:21:c4:ed:9e:8b:6c:91:81:d0:56:85:5c:6e:68:12:9e:db:
dd:2d:55:c4:bb:24:1e:a8:5e:f7:42:7c:fd:a3:70:e7:90:08:
01:3c:32:da:37:94:2a:18:4b:6f:08:21:6b:5a:d3:19:bb:2d:
24:4c:b2:a2:03:b0:3f:15:75:92:15:5c:6c:0c:0b:71:5f:e3:
03:b5:09:cc:28:cd:2b:32:9c:48:85:53:d8:37:28:2b:b0:58:
90:ad:b0:c3:8d:53:51:17:44:ce:80:3b:af:0b:c1:64:ad:a4:
7c:bb:2c:48:bf:5e:d8:ef:7a:4e:19:97:8d:4f:57:91:25:9e:
8b:6a:20:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbsK5o3PFSIJZnJm7RVU4ATQNZR0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTIxMDAwMDAwWhcNMjMxMDI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTY1NDcxNGJiMzM3OWQ1YzcyMGQ0NTY5MmNhOTQwMWFm
MGYyNWI0ZjQ2ZWU2OTdjNmY1YjY5MTFjYWM3ZDU5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCf6tQA/fKBOyByoGpKaZtGUO8CyBJRDAWZgp9IRG4bzrtK
YQTWFDFR3fXF+0TJTq/vYFTl/CWl7PdfYbb9nbHh5KoJMq76lXxXlh1T1MtYIcwY
oqvbOLbpZexZdxS5yPz3R3LuWf5K8Ga4qIN5f4ZFQqWlqG18nfM4pPTFHaPjSFDp
f8ppWvkJQ7R6dxwJgSIw7W+sdxOfDu37JBtB9JVfKskxQm1ZByrCnw0IKGmzwdG6
CHFY45kZrni6UzehR0vl8z2zvlw53He5Z6ieLH1NGFMTvXA1LYzFGgq+5Or/c5c3
FeCBdkC2JkSyb/9eD+YiC1QMZO+KRSqrfAycYBrnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqh2wQwZ/VqbDz0K0podniPmyGaswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I4MDJiNTU0LWM2OTEtNDllMi05MGM2LWQ1MWNjMTMyNzZmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACUBvPLvIiYja8McdOuIFMaVw1oo
Gbrs3PaSpk3cqOQfcfkaFj3B0jV1B/MCzTi3qimVsAXunLvW5Mo32mejE5W8bV4/
jK5i2GA46dQcX+vSgqD6JiwvjwVuA8xhzwecjsELLTadYw5210f3V+mVdUM+G5YP
BB6ZUb3sw1xkmCAhxO2ei2yRgdBWhVxuaBKe290tVcS7JB6oXvdCfP2jcOeQCAE8
Mto3lCoYS28IIWta0xm7LSRMsqIDsD8VdZIVXGwMC3Ff4wO1CcwozSsynEiFU9g3
KCuwWJCtsMONU1EXRM6AO68LwWStpHy7LEi/Xtjvek4Zl41PV5ElnotqIME=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:10:26 2025 by rpki-client