Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bc8ca454-9bea-47d4-b87c-376660b3858e.roa
File: bc8ca454-9bea-47d4-b87c-376660b3858e.roa (raw, json)
Hash identifier: KMnJ1tw5ZnFd7KxiUwfJbU9DLkaN6UqCapOpcN2I4yE=
Subject key identifier: E7:0A:D4:13:4E:56:23:AC:EF:30:02:AC:F5:A6:1E:FC:1E:7D:61:BD
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2CFD22A9BA4D5C010E95D02AAB6DB194E2B0FE6A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bc8ca454-9bea-47d4-b87c-376660b3858e.roa
Signing time: Sun 09 Jun 2024 00:00:00 +0000
ROA not before: Sun 09 Jun 2024 00:00:00 +0000
ROA not after: Sun 14 Jul 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:fd:22:a9:ba:4d:5c:01:0e:95:d0:2a:ab:6d:b1:94:e2:b0:fe:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 9 00:00:00 2024 GMT
Not After : Jul 14 23:59:59 2024 GMT
Subject: serialNumber=3563053c6874866f79f6b7f05ca5d08bb2decd34f36d8b9f2a6dce4e88b8de4e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:68:f5:67:e7:25:e7:a3:58:ec:eb:67:3d:
b1:ef:a5:ad:06:2a:3c:e6:ae:ec:b3:e7:2f:9e:ba:
1d:09:53:f4:7a:48:1b:7a:7a:71:d8:14:70:5b:2d:
83:20:6c:aa:b9:9b:ad:35:5a:59:df:81:eb:a3:4c:
84:92:af:0a:fa:b2:61:29:32:d0:48:5e:3d:61:0f:
60:b5:14:6f:ab:d2:7f:1d:00:85:9a:1c:e0:76:55:
c2:e0:d0:f5:0d:05:3f:8e:bd:1d:81:40:fa:b8:5e:
c6:28:8e:a7:f0:a7:e0:a0:ce:3d:41:5d:81:dc:28:
f9:8a:46:4e:b9:51:4f:74:63:82:8f:4f:68:4b:b6:
2d:c7:f6:44:e9:af:7f:3e:23:73:76:07:4e:df:88:
0f:2b:ca:20:53:02:e4:44:2e:4e:48:17:07:88:81:
da:13:6c:77:b8:11:32:c3:ff:58:a5:ad:03:9c:5f:
f7:90:44:aa:3b:21:b9:9a:a5:ab:76:eb:5e:44:56:
63:71:af:2e:9f:cb:8a:73:0d:26:30:f6:42:dc:af:
66:8e:e8:01:55:e7:e6:8c:c1:01:59:7d:3b:84:cb:
31:4f:52:62:4b:ab:82:d8:bc:28:92:9e:ec:3d:4f:
15:2c:40:40:4f:f0:47:ec:7e:27:04:c2:03:bd:de:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:0A:D4:13:4E:56:23:AC:EF:30:02:AC:F5:A6:1E:FC:1E:7D:61:BD
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bc8ca454-9bea-47d4-b87c-376660b3858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:8f:b5:9e:31:e3:a1:8c:a3:9d:cc:39:db:22:b0:7c:58:6a:
8a:02:aa:4e:e2:82:54:d8:08:62:79:58:b9:a2:bc:50:3b:15:
cf:22:41:22:d7:32:fd:43:07:8c:30:1e:89:3c:1f:3b:44:b0:
f4:d2:04:2d:e8:35:4b:b4:04:54:48:71:23:0d:80:83:b6:01:
e9:12:ab:a1:1f:8d:a0:41:2c:32:45:28:84:ae:eb:52:7f:b2:
7a:bb:2d:a1:ab:89:ec:87:37:74:2c:75:b9:f9:3d:08:11:57:
60:32:a8:ad:53:16:6e:a3:77:f8:fa:1d:d6:18:bf:f7:ba:58:
b1:75:08:4b:06:77:3a:10:f9:4e:33:f0:fd:69:25:6c:b8:e8:
b8:c6:93:9f:2a:9a:86:35:6f:89:41:ea:0b:f2:87:89:dd:98:
c1:a3:08:d7:68:cc:16:59:4e:0c:73:f0:70:67:4c:b1:b7:08:
15:1c:81:24:e1:2f:2f:70:28:e5:37:f3:a1:d0:89:3f:fa:e1:
7d:d0:59:b8:46:85:64:66:3f:86:b4:d5:87:3f:a8:7f:94:89:
35:89:58:1f:96:43:d4:4c:35:4f:f0:fb:41:af:a0:66:45:97:
4e:67:8e:9c:4a:7a:65:57:15:45:b5:94:0a:4a:46:b7:20:d3:
18:c6:34:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULP0iqbpNXAEOldAqq22xlOKw/mowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjA5MDAwMDAwWhcNMjQwNzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTYzMDUzYzY4NzQ4NjZmNzlmNmI3ZjA1Y2E1ZDA4YmIy
ZGVjZDM0ZjM2ZDhiOWYyYTZkY2U0ZTg4YjhkZTRlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLi2j1Z+cl56NY7OtnPbHvpa0GKjzmruyz5y+euh0JU/R6
SBt6enHYFHBbLYMgbKq5m601WlnfgeujTISSrwr6smEpMtBIXj1hD2C1FG+r0n8d
AIWaHOB2VcLg0PUNBT+OvR2BQPq4XsYojqfwp+Cgzj1BXYHcKPmKRk65UU90Y4KP
T2hLti3H9kTpr38+I3N2B07fiA8ryiBTAuRELk5IFweIgdoTbHe4ETLD/1ilrQOc
X/eQRKo7Ibmapat2615EVmNxry6fy4pzDSYw9kLcr2aO6AFV5+aMwQFZfTuEyzFP
UmJLq4LYvCiSnuw9TxUsQEBP8EfsficEwgO93n9vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5wrUE05WI6zvMAKs9aYe/B59Yb0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JjOGNhNDU0LTliZWEtNDdkNC1iODdjLTM3NjY2MGIzODU4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAH2PtZ4x46GMo53MOdsisHxYaooC
qk7iglTYCGJ5WLmivFA7Fc8iQSLXMv1DB4wwHok8HztEsPTSBC3oNUu0BFRIcSMN
gIO2AekSq6EfjaBBLDJFKISu61J/snq7LaGrieyHN3Qsdbn5PQgRV2AyqK1TFm6j
d/j6HdYYv/e6WLF1CEsGdzoQ+U4z8P1pJWy46LjGk58qmoY1b4lB6gvyh4ndmMGj
CNdozBZZTgxz8HBnTLG3CBUcgSThLy9wKOU386HQiT/64X3QWbhGhWRmP4a01Yc/
qH+UiTWJWB+WQ9RMNU/w+0GvoGZFl05njpxKemVXFUW1lApKRrcg0xjGNBw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:35:23 2025 by rpki-client