Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bdcb7ea7-ae53-4dae-b19b-03c7b40a7634.roa
File: bdcb7ea7-ae53-4dae-b19b-03c7b40a7634.roa (raw, json)
Hash identifier: nBd+FoPvXBKDDoHGrQLQB1o6+toRpBNyuZSJFcEgDzw=
Subject key identifier: 62:0D:15:8D:3F:D1:B7:3C:B9:3F:28:25:20:00:93:FF:93:21:16:1A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 284A65707E1A5EFC16ED2E529B867863D31333BB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bdcb7ea7-ae53-4dae-b19b-03c7b40a7634.roa
Signing time: Sun 22 Oct 2023 00:00:00 +0000
ROA not before: Sun 22 Oct 2023 00:00:00 +0000
ROA not after: Sun 26 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:4a:65:70:7e:1a:5e:fc:16:ed:2e:52:9b:86:78:63:d3:13:33:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 22 00:00:00 2023 GMT
Not After : Nov 26 23:59:59 2023 GMT
Subject: serialNumber=29487aa4954ec339de604b5c65ed50b4da11c81991905f24323293ade490f8db, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:ca:d0:70:93:9e:60:47:a8:67:06:88:3a:
b9:4d:b0:ad:8f:b8:dc:24:28:c3:68:32:46:86:40:
20:9f:37:b1:56:10:b9:21:ff:be:1f:43:d2:a8:41:
63:a5:dd:8c:8f:fd:3f:8a:42:1e:14:f4:bc:18:55:
2d:82:bb:7c:91:75:a0:f3:0b:27:52:2f:68:95:14:
f8:d2:b8:fd:4d:78:c5:b2:a6:99:22:ae:99:4a:12:
83:4d:2e:93:ef:dd:08:e5:39:30:8d:fc:64:01:3c:
2e:a8:ff:2d:88:a6:f4:18:0c:4d:ed:2a:95:bd:58:
b8:c3:b5:66:49:28:1d:08:43:93:90:69:7e:b9:de:
eb:1d:6d:b1:4c:a5:c7:10:6e:e3:ca:02:59:f0:9e:
9f:27:47:95:1d:15:67:bc:f5:41:69:20:45:a1:ed:
8b:58:42:eb:67:3f:30:97:c8:6c:0e:bb:81:c9:40:
fa:e1:9b:b8:32:33:ad:85:c6:99:8d:69:7d:53:e9:
91:dc:0e:e2:6c:ea:ca:ee:3f:0a:2d:35:4f:d8:e0:
d8:50:37:4a:2b:61:ef:b2:15:78:42:5a:d5:56:be:
bf:13:cd:34:20:0a:07:fd:1f:38:8e:fd:9c:aa:bf:
3b:cc:a2:3e:e4:81:7a:c0:67:df:69:37:30:82:4b:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0D:15:8D:3F:D1:B7:3C:B9:3F:28:25:20:00:93:FF:93:21:16:1A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bdcb7ea7-ae53-4dae-b19b-03c7b40a7634.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c2:40:48:1f:38:ef:e9:e0:6c:09:ac:9e:3f:f0:79:fb:51:
2a:c8:21:b9:c8:9d:6a:80:24:46:47:75:57:87:87:ba:86:4e:
27:20:d3:93:5b:41:ca:aa:be:e8:81:f6:7a:48:8d:e2:3c:e7:
3a:ec:0a:84:a0:2d:07:40:f8:d3:c8:ac:87:e7:ae:bf:ca:f1:
1c:8a:ef:7c:77:13:8c:05:54:d0:c2:38:2c:92:1c:8a:dc:67:
44:22:af:f4:a4:4b:18:46:43:7e:ca:b7:90:e4:e2:d5:fb:f1:
27:10:09:09:9b:cb:50:5c:dc:2c:f3:bc:32:d3:0f:83:67:dd:
5d:8a:f1:ea:e8:3a:ef:81:75:c1:8a:2a:03:bd:82:4f:0e:1d:
4f:67:69:43:b0:4f:0f:e0:c5:7d:05:8a:57:0a:78:7d:6a:3c:
7a:34:b8:9c:64:d2:2b:4f:fd:bb:4d:02:fc:91:8e:3d:1f:74:
d0:2b:73:5e:a9:76:a4:72:13:e7:42:e6:a7:2e:2a:b8:3c:c1:
4e:30:5b:eb:b7:9d:ae:ae:1a:4a:27:d9:e7:4e:fc:63:df:8c:
4b:8d:3a:44:04:99:ce:68:9c:80:55:5a:03:93:e5:df:24:9e:
e7:98:2c:fa:ba:c7:6d:c5:82:e3:27:8a:18:e8:c0:ac:08:76:
41:b3:01:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKEplcH4aXvwW7S5Sm4Z4Y9MTM7swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDIyMDAwMDAwWhcNMjMxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTQ4N2FhNDk1NGVjMzM5ZGU2MDRiNWM2NWVkNTBiNGRh
MTFjODE5OTE5MDVmMjQzMjMyOTNhZGU0OTBmOGRiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOUMrQcJOeYEeoZwaIOrlNsK2PuNwkKMNoMkaGQCCfN7FW
ELkh/74fQ9KoQWOl3YyP/T+KQh4U9LwYVS2Cu3yRdaDzCydSL2iVFPjSuP1NeMWy
ppkirplKEoNNLpPv3QjlOTCN/GQBPC6o/y2IpvQYDE3tKpW9WLjDtWZJKB0IQ5OQ
aX653usdbbFMpccQbuPKAlnwnp8nR5UdFWe89UFpIEWh7YtYQutnPzCXyGwOu4HJ
QPrhm7gyM62FxpmNaX1T6ZHcDuJs6sruPwotNU/Y4NhQN0orYe+yFXhCWtVWvr8T
zTQgCgf9HziO/ZyqvzvMoj7kgXrAZ99pNzCCS5rtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYg0VjT/Rtzy5PyglIACT/5MhFhowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JkY2I3ZWE3LWFlNTMtNGRhZS1iMTliLTAzYzdiNDBhNzYzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACnCQEgfOO/p4GwJrJ4/8Hn7USrI
IbnInWqAJEZHdVeHh7qGTicg05NbQcqqvuiB9npIjeI85zrsCoSgLQdA+NPIrIfn
rr/K8RyK73x3E4wFVNDCOCySHIrcZ0Qir/SkSxhGQ37Kt5Dk4tX78ScQCQmby1Bc
3CzzvDLTD4Nn3V2K8eroOu+BdcGKKgO9gk8OHU9naUOwTw/gxX0FilcKeH1qPHo0
uJxk0itP/btNAvyRjj0fdNArc16pdqRyE+dC5qcuKrg8wU4wW+u3na6uGkon2edO
/GPfjEuNOkQEmc5onIBVWgOT5d8knueYLPq6x23FguMnihjowKwIdkGzAcQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:44:28 2025 by rpki-client