Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bcf89153-c02c-481a-b8c0-902ed11518c9.roa
File: bcf89153-c02c-481a-b8c0-902ed11518c9.roa (raw, json)
Hash identifier: ssc/vW2hxDfIaK6H2rGLnoadCIesbInqCzWnvfWWO30=
Subject key identifier: 8D:B8:01:D0:79:9B:9A:A6:FA:33:9C:F1:DE:FE:AA:5E:47:36:FC:F3
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 366203F1FE35214217FF83164B5D068E49A21CF9
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bcf89153-c02c-481a-b8c0-902ed11518c9.roa
Signing time: Tue 25 Jul 2023 00:00:00 +0000
ROA not before: Tue 25 Jul 2023 00:00:00 +0000
ROA not after: Tue 29 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:62:03:f1:fe:35:21:42:17:ff:83:16:4b:5d:06:8e:49:a2:1c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 25 00:00:00 2023 GMT
Not After : Aug 29 23:59:59 2023 GMT
Subject: serialNumber=bb908d8273f56c0d22c35534dc75582a7831672c63f833eec4f2af1381ed187b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:37:39:5a:6c:05:95:58:e4:67:ca:a6:42:
c3:07:57:44:6d:9d:0c:4b:73:3a:73:1c:f5:6d:02:
e1:37:d0:0c:64:9c:c8:99:73:3a:13:ec:5e:dd:04:
99:ee:30:6b:02:cc:62:c8:de:d5:b0:5c:f9:f8:74:
2b:9b:a4:78:41:dd:bd:ef:16:84:62:c3:a6:89:ec:
b9:da:f6:16:d0:df:5d:b6:07:3a:9e:1d:0c:a9:f9:
42:81:56:9b:21:ad:cd:81:18:60:38:7c:3c:44:2f:
16:2c:37:b6:bf:27:1a:2d:d8:de:28:e8:fd:1b:54:
b5:86:96:1b:41:74:85:79:4d:90:f3:62:38:ba:d8:
dc:8b:52:0f:fb:88:0b:01:c4:a5:4d:e5:33:17:ff:
3c:8f:78:55:23:51:29:fd:d0:43:be:6c:7d:f3:48:
6f:6d:67:63:06:85:e7:bf:ff:8f:7e:6a:d9:97:78:
73:a2:02:87:e4:6a:1d:6c:e3:c0:6c:1a:56:82:0c:
ba:84:2b:13:19:ec:3c:20:2e:60:44:39:07:1a:8f:
83:0e:16:92:fe:4f:08:78:fc:81:60:39:fc:27:df:
5d:e1:a2:e0:dc:a8:36:8f:f4:a3:7e:2e:9d:b8:12:
d2:c4:07:85:27:02:ec:81:50:7f:58:4f:d5:20:18:
96:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B8:01:D0:79:9B:9A:A6:FA:33:9C:F1:DE:FE:AA:5E:47:36:FC:F3
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bcf89153-c02c-481a-b8c0-902ed11518c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:c8:21:cf:6e:4d:5f:37:1e:9f:77:be:3a:a1:f8:dd:90:3e:
7e:c8:30:b6:b0:2b:8d:d7:0d:f3:dd:21:0c:1e:64:79:8b:40:
15:b8:bf:69:81:df:08:f1:e9:13:1b:04:11:44:fc:83:fe:59:
7c:d9:70:b9:f1:84:b3:85:cf:9a:0a:c4:ac:43:e5:22:c5:58:
1d:45:e2:17:18:39:44:f3:dd:6d:ab:2a:29:b6:11:3e:a2:9b:
55:72:db:74:52:8e:7f:85:55:31:f0:77:5f:a4:7a:30:da:59:
36:05:8a:9d:6c:f7:73:0b:96:81:91:79:04:e8:41:07:3a:a9:
a0:33:68:e2:84:1e:8b:a9:7b:fa:24:32:89:79:38:bd:ef:d4:
5f:d5:bb:f1:56:1c:09:77:b3:bd:f4:70:c7:80:0f:47:db:65:
e4:35:97:d0:fc:3a:94:2d:ac:69:9b:d4:ce:d2:0d:ea:3d:1e:
d0:85:56:e6:e6:f1:07:c7:64:a4:0a:21:4a:42:a4:9f:79:4c:
0d:9e:f2:7e:27:bc:2b:9c:2b:fa:aa:79:6a:78:92:32:9b:07:
70:5d:3f:34:27:49:7f:19:b5:33:6f:30:38:9a:e8:6a:67:44:
3c:8f:05:d7:f1:09:4d:12:29:87:ab:28:80:e7:14:50:fa:05:
41:e0:ad:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNmID8f41IUIX/4MWS10GjkmiHPkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzI1MDAwMDAwWhcNMjMwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjkwOGQ4MjczZjU2YzBkMjJjMzU1MzRkYzc1NTgyYTc4
MzE2NzJjNjNmODMzZWVjNGYyYWYxMzgxZWQxODdiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7pjc5WmwFlVjkZ8qmQsMHV0RtnQxLczpzHPVtAuE30Axk
nMiZczoT7F7dBJnuMGsCzGLI3tWwXPn4dCubpHhB3b3vFoRiw6aJ7Lna9hbQ3122
BzqeHQyp+UKBVpshrc2BGGA4fDxELxYsN7a/Jxot2N4o6P0bVLWGlhtBdIV5TZDz
Yji62NyLUg/7iAsBxKVN5TMX/zyPeFUjUSn90EO+bH3zSG9tZ2MGhee//49+atmX
eHOiAofkah1s48BsGlaCDLqEKxMZ7DwgLmBEOQcaj4MOFpL+Twh4/IFgOfwn313h
ouDcqDaP9KN+Lp24EtLEB4UnAuyBUH9YT9UgGJa9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjbgB0Hmbmqb6M5zx3v6qXkc2/PMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JjZjg5MTUzLWMwMmMtNDgxYS1iOGMwLTkwMmVkMTE1MThjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABLIIc9uTV83Hp93vjqh+N2QPn7I
MLawK43XDfPdIQweZHmLQBW4v2mB3wjx6RMbBBFE/IP+WXzZcLnxhLOFz5oKxKxD
5SLFWB1F4hcYOUTz3W2rKim2ET6im1Vy23RSjn+FVTHwd1+kejDaWTYFip1s93ML
loGReQToQQc6qaAzaOKEHoupe/okMol5OL3v1F/Vu/FWHAl3s730cMeAD0fbZeQ1
l9D8OpQtrGmb1M7SDeo9HtCFVubm8QfHZKQKIUpCpJ95TA2e8n4nvCucK/qqeWp4
kjKbB3BdPzQnSX8ZtTNvMDia6GpnRDyPBdfxCU0SKYerKIDnFFD6BUHgrQc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:46:41 2025 by rpki-client