Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b8def044-8539-40dc-bca9-29d0e63f4da9.roa
File: b8def044-8539-40dc-bca9-29d0e63f4da9.roa (raw, json)
Hash identifier: grL6LLpZbxNCn2zk1VOlVQDRNGxc6YetI2uThpFUDjo=
Subject key identifier: 61:13:13:04:AD:D6:A2:96:91:65:A2:4C:BD:04:48:5B:24:EC:74:DC
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5EBB8A093304B14522144BE61FF18A729CC62E78
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b8def044-8539-40dc-bca9-29d0e63f4da9.roa
Signing time: Mon 15 Apr 2024 00:00:00 +0000
ROA not before: Mon 15 Apr 2024 00:00:00 +0000
ROA not after: Mon 20 May 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:bb:8a:09:33:04:b1:45:22:14:4b:e6:1f:f1:8a:72:9c:c6:2e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 15 00:00:00 2024 GMT
Not After : May 20 23:59:59 2024 GMT
Subject: serialNumber=a1710d46817f15afecb5d43c06c606a0eef5369bd80e25230d25dade1e490bb8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:b0:af:07:c8:37:aa:b4:fc:8a:53:78:25:
ca:87:88:40:53:4b:4e:d4:2d:10:2d:fe:90:11:cf:
8f:f6:5a:61:c2:d3:3f:dd:b1:20:c0:a9:36:ea:70:
a9:0a:9f:18:2e:3c:c5:57:c3:bd:da:c8:8c:f2:69:
5b:c2:44:49:53:7e:16:64:ce:f9:d1:8b:74:a8:f5:
46:3a:a8:a3:cf:b0:eb:0b:4f:9a:cf:86:d4:1b:77:
96:35:0c:5a:55:5d:4a:ad:65:9b:34:c2:aa:13:ee:
86:77:b1:08:62:85:96:04:f7:ad:c8:a5:a0:44:a6:
92:57:f5:2f:db:45:19:62:73:c5:b9:f2:4e:22:e4:
60:05:c7:18:1b:7c:92:30:73:fb:69:18:bf:08:f3:
6c:dd:70:74:bb:1e:12:08:a0:d2:2b:15:42:9e:a3:
0d:1c:ad:58:e4:92:10:14:52:95:e4:1c:a9:de:15:
7a:f7:63:c4:6d:ef:d1:67:2f:61:c3:fb:04:c6:78:
75:4d:1a:e8:fa:98:44:cd:98:d5:f9:b4:a1:f6:f6:
47:98:10:e8:42:a1:83:d9:4b:4f:68:9c:cb:8a:7c:
fe:f1:4b:98:3d:3b:22:b4:dc:89:ab:05:60:09:25:
c4:de:60:62:89:39:f2:94:5c:82:9a:ef:6d:51:5e:
c9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:13:13:04:AD:D6:A2:96:91:65:A2:4C:BD:04:48:5B:24:EC:74:DC
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b8def044-8539-40dc-bca9-29d0e63f4da9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:34:01:f6:9e:31:c2:9b:63:37:48:3b:3f:8a:65:11:18:ea:
06:20:4f:56:b3:9f:ff:9b:bb:98:48:e2:59:c5:a4:fa:82:12:
47:41:52:d8:5a:5d:3e:84:b8:32:7c:cf:81:38:b1:ee:26:42:
40:56:e5:07:ce:12:17:72:e2:c2:44:ba:7d:17:8c:d8:62:8e:
94:8b:09:39:c8:19:55:75:5d:60:7f:06:96:60:9c:cc:63:19:
4b:45:11:58:e5:18:79:bc:6a:16:b9:d6:62:92:17:e8:c4:28:
9f:6a:37:06:f1:e7:10:84:96:4b:ec:88:87:ff:33:d6:fb:ac:
46:fe:29:30:aa:8e:ec:fa:60:51:24:75:cb:61:c8:ee:29:cd:
98:ba:da:ea:74:5a:90:44:aa:20:69:a6:2d:5a:56:5d:90:04:
7d:36:1a:30:37:10:85:10:68:e8:1c:89:c0:b6:ee:83:eb:75:
20:98:4a:c1:f0:57:88:37:ed:24:ce:18:22:a2:83:c3:37:a3:
be:30:2f:a4:77:ab:ea:66:26:65:16:05:a7:b2:0f:e9:f7:c9:
0c:09:ca:c7:6b:da:f8:e4:9c:c5:31:48:19:52:f1:42:84:88:
e0:7b:8e:b7:02:46:1c:9f:75:da:2e:0b:58:c8:9a:9c:06:33:
5f:81:bb:eb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXruKCTMEsUUiFEvmH/GKcpzGLngwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDE1MDAwMDAwWhcNMjQwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTcxMGQ0NjgxN2YxNWFmZWNiNWQ0M2MwNmM2MDZhMGVl
ZjUzNjliZDgwZTI1MjMwZDI1ZGFkZTFlNDkwYmI4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8arCvB8g3qrT8ilN4JcqHiEBTS07ULRAt/pARz4/2WmHC
0z/dsSDAqTbqcKkKnxguPMVXw73ayIzyaVvCRElTfhZkzvnRi3So9UY6qKPPsOsL
T5rPhtQbd5Y1DFpVXUqtZZs0wqoT7oZ3sQhihZYE963IpaBEppJX9S/bRRlic8W5
8k4i5GAFxxgbfJIwc/tpGL8I82zdcHS7HhIIoNIrFUKeow0crVjkkhAUUpXkHKne
FXr3Y8Rt79FnL2HD+wTGeHVNGuj6mETNmNX5tKH29keYEOhCoYPZS09onMuKfP7x
S5g9OyK03ImrBWAJJcTeYGKJOfKUXIKa721RXsmDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYRMTBK3WopaRZaJMvQRIWyTsdNwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I4ZGVmMDQ0LTg1MzktNDBkYy1iY2E5LTI5ZDBlNjNmNGRhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALE0AfaeMcKbYzdIOz+KZREY6gYg
T1azn/+bu5hI4lnFpPqCEkdBUthaXT6EuDJ8z4E4se4mQkBW5QfOEhdy4sJEun0X
jNhijpSLCTnIGVV1XWB/BpZgnMxjGUtFEVjlGHm8aha51mKSF+jEKJ9qNwbx5xCE
lkvsiIf/M9b7rEb+KTCqjuz6YFEkdcthyO4pzZi62up0WpBEqiBppi1aVl2QBH02
GjA3EIUQaOgcicC27oPrdSCYSsHwV4g37STOGCKig8M3o74wL6R3q+pmJmUWBaey
D+n3yQwJysdr2vjknMUxSBlS8UKEiOB7jrcCRhyfddouC1jImpwGM1+Bu+s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:36:19 2025 by rpki-client