Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ba685a08-770a-4c32-8023-ec17ebb3c5bd.roa
File: ba685a08-770a-4c32-8023-ec17ebb3c5bd.roa (raw, json)
Hash identifier: U8BpvBBQ2SXAi06QD8ve928NorWOgiSllufdqbQwnVY=
Subject key identifier: 07:D7:C0:1E:E0:E3:D2:00:21:D6:81:7E:0A:90:1A:09:5F:91:C7:DA
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0902917F14845C50C9257306713154C210FD9857
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ba685a08-770a-4c32-8023-ec17ebb3c5bd.roa
Signing time: Thu 28 Sep 2023 00:00:00 +0000
ROA not before: Thu 28 Sep 2023 00:00:00 +0000
ROA not after: Thu 02 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:02:91:7f:14:84:5c:50:c9:25:73:06:71:31:54:c2:10:fd:98:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 28 00:00:00 2023 GMT
Not After : Nov 2 23:59:59 2023 GMT
Subject: serialNumber=b58ad43ff2dddf148a04b312a4f07717faaee286fafd084db2bb7f4e5d639ad6, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:35:bd:a2:b4:da:19:28:bc:0e:ba:5d:d6:b0:
fe:b5:b9:7f:40:49:70:45:78:51:20:da:95:a6:0f:
34:99:34:1a:04:b7:c1:d5:2a:98:3c:eb:72:89:d5:
6d:56:06:21:19:59:82:c0:b9:1a:1b:af:5b:0b:f3:
22:50:f6:84:b4:bf:18:92:bb:55:83:60:27:ae:0c:
ef:0f:6b:b3:f5:1c:08:68:59:26:2d:ce:35:9b:0b:
99:f8:62:04:cc:75:a0:70:7a:a7:72:d4:63:10:77:
f6:25:01:5a:28:1c:7b:ae:b7:9e:cd:c2:c4:d8:36:
fd:c1:2b:1b:09:bb:86:21:d9:f2:2b:1a:a2:ce:c9:
c0:fd:aa:4c:0f:bb:ea:f5:b7:21:8a:b6:b5:7d:c4:
31:34:1f:22:b7:63:26:01:81:c5:89:10:14:63:d3:
e0:8c:0b:88:b1:25:98:79:ea:45:c7:52:8d:71:95:
7e:26:72:1f:a5:4f:f6:5b:bb:e0:c7:83:ad:03:60:
cf:81:66:cf:36:2b:2b:15:94:a9:9c:00:55:ec:bc:
3c:cb:9c:0b:e9:95:28:60:81:6c:5d:0d:a2:6c:8a:
82:ea:c7:97:26:d2:6e:ea:8a:26:88:6d:0f:3d:48:
a7:bb:93:07:d4:53:5c:d6:c0:31:ff:4c:68:01:79:
05:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D7:C0:1E:E0:E3:D2:00:21:D6:81:7E:0A:90:1A:09:5F:91:C7:DA
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ba685a08-770a-4c32-8023-ec17ebb3c5bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
29:73:8d:3c:64:64:c3:61:38:e1:84:24:42:59:cd:6b:87:d4:
dc:a3:ff:2a:ef:89:d1:92:c5:28:fd:c7:44:44:70:d1:0c:8b:
b6:a3:07:fb:9f:78:aa:83:b8:d3:0f:2a:47:33:b3:27:89:ab:
3a:53:bd:86:8f:c1:13:92:37:73:7d:0e:3d:36:43:a2:fd:b1:
e7:77:08:c5:12:05:55:75:7c:11:dd:bc:12:96:6b:28:c5:d2:
27:79:0a:78:be:6f:1f:4a:36:21:81:9f:71:45:7f:6b:53:91:
51:00:04:e0:0d:7a:31:c2:05:6a:07:42:d8:ef:35:0b:f1:91:
14:49:1c:5c:d3:54:6e:34:9b:6d:e5:0c:bf:5e:0a:03:c1:7a:
3a:8d:43:66:77:b5:0e:e3:62:b4:af:1a:7f:c1:26:40:0b:11:
59:f0:eb:43:83:40:c1:5e:2b:2f:d2:d8:31:c6:6b:7a:ca:a2:
15:6b:2e:0c:9b:ce:f6:b1:0b:6c:44:d8:3b:71:05:08:2c:ae:
79:88:ee:95:f4:87:0f:a4:9a:3e:af:16:53:fe:52:4d:6a:9e:
44:ff:65:a7:f4:b9:32:ef:87:b7:da:96:fc:d7:b8:1c:1a:72:
25:46:9b:1e:66:c1:a4:00:19:1d:fe:64:2c:b1:01:c7:8e:2e:
91:b3:a7:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCQKRfxSEXFDJJXMGcTFUwhD9mFcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTI4MDAwMDAwWhcNMjMxMTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNThhZDQzZmYyZGRkZjE0OGEwNGIzMTJhNGYwNzcxN2Zh
YWVlMjg2ZmFmZDA4NGRiMmJiN2Y0ZTVkNjM5YWQ2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD1Nb2itNoZKLwOul3WsP61uX9ASXBFeFEg2pWmDzSZNBoE
t8HVKpg863KJ1W1WBiEZWYLAuRobr1sL8yJQ9oS0vxiSu1WDYCeuDO8Pa7P1HAho
WSYtzjWbC5n4YgTMdaBweqdy1GMQd/YlAVooHHuut57NwsTYNv3BKxsJu4Yh2fIr
GqLOycD9qkwPu+r1tyGKtrV9xDE0HyK3YyYBgcWJEBRj0+CMC4ixJZh56kXHUo1x
lX4mch+lT/Zbu+DHg60DYM+BZs82KysVlKmcAFXsvDzLnAvplShggWxdDaJsioLq
x5cm0m7qiiaIbQ89SKe7kwfUU1zWwDH/TGgBeQXBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB9fAHuDj0gAh1oF+CpAaCV+Rx9owHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JhNjg1YTA4LTc3MGEtNGMzMi04MDIzLWVjMTdlYmIzYzViZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAClzjTxkZMNhOOGEJEJZzWuH1Nyj
/yrvidGSxSj9x0REcNEMi7ajB/ufeKqDuNMPKkczsyeJqzpTvYaPwROSN3N9Dj02
Q6L9sed3CMUSBVV1fBHdvBKWayjF0id5Cni+bx9KNiGBn3FFf2tTkVEABOANejHC
BWoHQtjvNQvxkRRJHFzTVG40m23lDL9eCgPBejqNQ2Z3tQ7jYrSvGn/BJkALEVnw
60ODQMFeKy/S2DHGa3rKohVrLgybzvaxC2xE2DtxBQgsrnmI7pX0hw+kmj6vFlP+
Uk1qnkT/Zaf0uTLvh7falvzXuBwaciVGmx5mwaQAGR3+ZCyxAceOLpGzpzI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:04:41 2025 by rpki-client