Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c00aed14-20ac-4400-97f8-c006a0e76af7.roa
File: c00aed14-20ac-4400-97f8-c006a0e76af7.roa (raw, json)
Hash identifier: c6iCO7IjhscYvUF3R4O3AEH7b+9uXaN7lYns5SCS4RA=
Subject key identifier: 84:C1:10:51:72:4E:BB:FA:4D:8C:F8:BA:27:FD:D8:8A:AA:EC:4B:4A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7AAB5BF74103D43744423D650971487A2F1FDCEC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c00aed14-20ac-4400-97f8-c006a0e76af7.roa
Signing time: Sun 18 Jun 2023 00:00:00 +0000
ROA not before: Sun 18 Jun 2023 00:00:00 +0000
ROA not after: Sun 23 Jul 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ab:5b:f7:41:03:d4:37:44:42:3d:65:09:71:48:7a:2f:1f:dc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 18 00:00:00 2023 GMT
Not After : Jul 23 23:59:59 2023 GMT
Subject: serialNumber=d6d07d72405be51dbedde19ebd81fe558cf56475ea9e3a105c74faf1d5350e6c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:36:08:7e:4d:c3:ea:26:60:42:88:1c:f9:b9:
b7:cb:76:0e:a6:1a:18:d1:36:1a:5b:c6:c6:ee:6d:
47:63:e6:6c:f0:e4:59:44:9e:e9:9a:6b:4b:f0:f7:
7a:39:f8:a9:02:ad:18:69:cd:da:a9:9a:aa:59:2b:
c4:e1:df:e3:7d:8b:79:7c:97:3a:32:60:cb:ef:b5:
f6:eb:db:9c:a3:95:2e:70:0c:1c:00:4e:b0:cd:a5:
cb:47:35:49:65:85:9d:b1:f2:d1:45:2b:97:b6:8d:
e0:a2:ee:89:bb:8a:34:91:2a:ee:2d:63:b5:bf:99:
86:7e:64:ce:af:b0:27:49:19:f7:5b:e2:34:06:9d:
31:d6:a1:a5:94:43:e6:72:0e:ac:6d:f9:19:c3:83:
7b:c4:ad:cd:d8:3b:f6:88:d7:81:0f:f1:77:1a:70:
4c:ae:63:a4:c2:38:f9:1a:de:1e:27:14:e8:12:d1:
a0:1c:4a:a1:6d:1d:73:ee:c3:01:cf:9b:20:99:cd:
54:f7:8b:cc:3a:4a:4c:0c:17:7d:31:6d:b2:60:32:
f1:ce:4d:26:f0:3b:c4:b1:90:02:95:d0:42:64:8e:
39:fd:7f:c0:ee:e0:b5:9a:8d:92:b5:dc:1a:83:82:
49:9a:a8:aa:db:81:9e:da:d2:7a:9f:0e:00:87:bd:
94:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C1:10:51:72:4E:BB:FA:4D:8C:F8:BA:27:FD:D8:8A:AA:EC:4B:4A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c00aed14-20ac-4400-97f8-c006a0e76af7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
90:4f:d8:c1:73:4f:4b:79:36:1f:f5:d8:d8:6a:0e:58:b2:98:
ab:a0:7c:1f:e6:08:e7:53:6d:e3:cf:24:13:06:ca:a7:d1:63:
30:83:ee:d8:8e:c3:4d:75:26:59:e6:da:8a:21:63:e1:b7:e2:
65:0f:b8:c6:48:e9:55:96:48:3c:0b:77:da:9c:5e:bb:dc:2a:
91:1a:42:66:62:0f:82:9e:d7:fa:69:a4:f6:3f:6d:22:f7:28:
b4:36:dc:ed:e5:96:33:38:3d:dc:94:9b:cc:44:fa:16:40:2a:
d8:17:c1:0c:96:42:40:c5:32:c8:28:ba:86:6a:d2:a3:ee:79:
e2:b5:82:02:48:e1:ee:8d:d2:1a:81:9c:7a:ea:3a:4e:df:cf:
b6:eb:24:ec:21:4c:87:d6:0a:e3:20:ee:59:c8:ce:eb:b6:61:
27:18:e7:21:3b:02:c0:fb:12:5d:5a:e1:dd:b8:b7:8b:67:ea:
2a:a0:06:ee:64:0a:0f:d7:22:8f:64:5f:78:c4:2f:d5:06:1f:
2c:ff:b0:0f:46:97:b7:dc:88:9b:40:83:90:2d:05:a0:07:75:
df:c9:19:10:fe:71:06:5d:19:c1:2e:6c:eb:85:f3:37:9b:f0:
62:09:01:a7:7a:c6:18:0e:86:95:fa:23:4f:51:4a:92:fb:3b:
f0:4c:5d:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeqtb90ED1DdEQj1lCXFIei8f3OwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjE4MDAwMDAwWhcNMjMwNzIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNmQwN2Q3MjQwNWJlNTFkYmVkZGUxOWViZDgxZmU1NThj
ZjU2NDc1ZWE5ZTNhMTA1Yzc0ZmFmMWQ1MzUwZTZjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpNgh+TcPqJmBCiBz5ubfLdg6mGhjRNhpbxsbubUdj5mzw
5FlEnumaa0vw93o5+KkCrRhpzdqpmqpZK8Th3+N9i3l8lzoyYMvvtfbr25yjlS5w
DBwATrDNpctHNUllhZ2x8tFFK5e2jeCi7om7ijSRKu4tY7W/mYZ+ZM6vsCdJGfdb
4jQGnTHWoaWUQ+ZyDqxt+RnDg3vErc3YO/aI14EP8XcacEyuY6TCOPka3h4nFOgS
0aAcSqFtHXPuwwHPmyCZzVT3i8w6SkwMF30xbbJgMvHOTSbwO8SxkAKV0EJkjjn9
f8Du4LWajZK13BqDgkmaqKrbgZ7a0nqfDgCHvZRJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhMEQUXJOu/pNjPi6J/3YiqrsS0owHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2MwMGFlZDE0LTIwYWMtNDQwMC05N2Y4LWMwMDZhMGU3NmFmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJBP2MFzT0t5Nh/12NhqDliymKug
fB/mCOdTbePPJBMGyqfRYzCD7tiOw011Jlnm2oohY+G34mUPuMZI6VWWSDwLd9qc
XrvcKpEaQmZiD4Ke1/pppPY/bSL3KLQ23O3lljM4PdyUm8xE+hZAKtgXwQyWQkDF
MsgouoZq0qPueeK1ggJI4e6N0hqBnHrqOk7fz7brJOwhTIfWCuMg7lnIzuu2YScY
5yE7AsD7El1a4d24t4tn6iqgBu5kCg/XIo9kX3jEL9UGHyz/sA9Gl7fciJtAg5At
BaAHdd/JGRD+cQZdGcEubOuF8zeb8GIJAad6xhgOhpX6I09RSpL7O/BMXUk=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:45:38 2025 by rpki-client