Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c421e962-8342-4726-bf6f-72bbce7d0165.roa
File: c421e962-8342-4726-bf6f-72bbce7d0165.roa (raw, json)
Hash identifier: 6AKXhFsWLrcPAdZc54eGctQfSI3TRd3erIK9RwtzxPM=
Subject key identifier: 6E:D2:EE:7F:47:CA:EB:63:52:5C:90:C2:68:ED:79:AC:01:60:DE:F1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5B5EC8B32C7D6B8AD4615A4BEBCD382111052730
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c421e962-8342-4726-bf6f-72bbce7d0165.roa
Signing time: Sun 08 Dec 2024 00:00:00 +0000
ROA not before: Sun 08 Dec 2024 00:00:00 +0000
ROA not after: Sun 12 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:5e:c8:b3:2c:7d:6b:8a:d4:61:5a:4b:eb:cd:38:21:11:05:27:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 8 00:00:00 2024 GMT
Not After : Jan 12 23:59:59 2025 GMT
Subject: serialNumber=f87fecc8d9fa93d18b5f2823aa0fa8bd08ddbd5283d0080de14e72136751439f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ae:4c:0c:93:6e:c4:f1:0c:e5:a4:d8:24:1a:
c2:18:63:2e:56:76:6b:79:59:e1:11:98:f5:cd:d4:
ad:18:0e:42:53:c1:5d:9e:15:b9:5d:0c:5c:80:b8:
59:7d:92:ba:90:b9:49:3e:e3:0e:3c:f6:e8:b0:86:
22:6c:57:83:99:59:c3:b4:55:f1:9b:47:2d:67:c7:
61:bd:c7:b1:44:69:df:04:44:96:ee:c7:d3:6f:5a:
a3:37:f6:65:ea:e9:13:6d:0e:9b:06:8c:2e:12:b1:
04:5e:fd:aa:16:ad:12:b5:17:92:37:5e:86:89:2b:
c0:d4:4c:ba:1f:5c:d7:5e:a7:ea:69:4b:e2:06:fa:
20:85:57:92:ff:ca:3f:47:60:15:5f:94:7c:0d:e4:
77:2f:70:4a:68:0e:e7:93:87:ee:3a:44:dc:2e:7f:
b8:43:78:39:08:cd:3a:08:fd:e2:51:dd:06:e4:67:
f7:7a:95:7b:f4:91:ac:93:dd:4b:ef:5d:22:f7:19:
be:f5:d7:3c:ce:a9:62:9d:d6:d1:63:31:b2:47:4a:
63:2b:16:23:3d:43:83:2d:8b:ca:04:71:2d:1d:9b:
00:a7:48:2c:9f:32:47:13:88:07:d9:9a:c4:e6:28:
16:65:da:45:cb:ba:c2:18:f8:83:68:5e:cf:a8:51:
59:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D2:EE:7F:47:CA:EB:63:52:5C:90:C2:68:ED:79:AC:01:60:DE:F1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c421e962-8342-4726-bf6f-72bbce7d0165.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:1f:5c:a3:44:3f:10:26:d2:05:b8:15:fc:38:5c:2a:48:4d:
a3:df:73:2e:9c:db:fc:c3:f4:12:33:27:2d:56:dd:f0:41:b8:
dc:ad:24:43:a8:e1:b0:44:a7:5d:e9:2b:3a:17:8d:c2:aa:b3:
76:8d:8b:23:4f:21:3b:de:9e:93:42:d9:17:16:b6:19:0e:d0:
f6:48:66:e0:58:06:7b:bf:ac:38:88:99:e5:95:71:9e:b8:7d:
21:d8:31:a6:ed:6b:5e:10:a1:bf:cb:b6:16:98:26:4d:54:fb:
43:89:76:19:7f:dc:cd:74:0d:81:9c:bf:8b:c2:f1:b7:a2:e9:
a3:8d:87:bd:6e:5b:87:a2:0c:ca:71:e7:e6:71:6a:37:c0:9f:
14:3b:8a:6f:85:08:95:c1:d3:91:1d:75:1d:91:06:07:c1:4b:
dc:f5:29:2c:04:92:9e:17:01:9e:f0:2a:ce:28:94:69:4c:b8:
69:47:01:57:78:27:3f:4d:47:42:59:fb:6b:89:8d:b4:14:04:
20:1c:84:d1:41:57:7c:69:87:43:08:d5:f3:e6:ac:b4:fa:80:
db:42:67:48:34:0d:79:5f:03:b9:03:e6:7a:b5:28:15:b9:6c:
cc:97:23:2c:68:e5:07:9c:35:dd:e0:9c:18:76:07:4a:75:db:
86:c2:7d:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUW17Isyx9a4rUYVpL6804IREFJzAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjA4MDAwMDAwWhcNMjUwMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmODdmZWNjOGQ5ZmE5M2QxOGI1ZjI4MjNhYTBmYThiZDA4
ZGRiZDUyODNkMDA4MGRlMTRlNzIxMzY3NTE0MzlmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3rkwMk27E8QzlpNgkGsIYYy5Wdmt5WeERmPXN1K0YDkJT
wV2eFbldDFyAuFl9krqQuUk+4w489uiwhiJsV4OZWcO0VfGbRy1nx2G9x7FEad8E
RJbux9NvWqM39mXq6RNtDpsGjC4SsQRe/aoWrRK1F5I3XoaJK8DUTLofXNdep+pp
S+IG+iCFV5L/yj9HYBVflHwN5HcvcEpoDueTh+46RNwuf7hDeDkIzToI/eJR3Qbk
Z/d6lXv0kayT3UvvXSL3Gb711zzOqWKd1tFjMbJHSmMrFiM9Q4Mti8oEcS0dmwCn
SCyfMkcTiAfZmsTmKBZl2kXLusIY+INoXs+oUVmDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbtLuf0fK62NSXJDCaO15rAFg3vEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2M0MjFlOTYyLTgzNDItNDcyNi1iZjZmLTcyYmJjZTdkMDE2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEofXKNEPxAm0gW4Ffw4XCpITaPf
cy6c2/zD9BIzJy1W3fBBuNytJEOo4bBEp13pKzoXjcKqs3aNiyNPITvenpNC2RcW
thkO0PZIZuBYBnu/rDiImeWVcZ64fSHYMabta14Qob/LthaYJk1U+0OJdhl/3M10
DYGcv4vC8bei6aONh71uW4eiDMpx5+ZxajfAnxQ7im+FCJXB05EddR2RBgfBS9z1
KSwEkp4XAZ7wKs4olGlMuGlHAVd4Jz9NR0JZ+2uJjbQUBCAchNFBV3xph0MI1fPm
rLT6gNtCZ0g0DXlfA7kD5nq1KBW5bMyXIyxo5QecNd3gnBh2B0p124bCfWo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:11:04 2025 by rpki-client