Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c93a92eb-bfa9-41d1-9297-2003d9bdfe14.roa
File: c93a92eb-bfa9-41d1-9297-2003d9bdfe14.roa (raw, json)
Hash identifier: iERZf3UJB+29IIB9jOc5eT13y61wSS7vV0LxqzS+eZQ=
Subject key identifier: 44:6C:30:7A:DD:4D:35:EB:42:61:98:6A:E4:D9:80:32:3C:D0:0C:D0
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 368652EC59BD1D36E37A88CB2EF2F2332D84CC8D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c93a92eb-bfa9-41d1-9297-2003d9bdfe14.roa
Signing time: Sat 01 Mar 2025 00:23:18 +0000
ROA not before: Sat 01 Mar 2025 00:23:18 +0000
ROA not after: Sat 05 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:86:52:ec:59:bd:1d:36:e3:7a:88:cb:2e:f2:f2:33:2d:84:cc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 1 00:23:18 2025 GMT
Not After : Apr 5 23:59:59 2025 GMT
Subject: serialNumber=ba1867258c4f413bd4819a7a85e8d53d36a5f5f76cac944dc238ac3073913b79, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bf:e8:7f:36:fc:01:97:43:15:0f:b3:0e:a4:
b6:1c:e0:72:8b:9c:da:b5:54:ac:69:91:0f:62:46:
01:2a:c5:72:b5:3d:5c:89:16:94:5b:38:85:2c:b3:
99:55:50:ba:15:30:dd:8e:db:37:f7:6d:81:69:67:
8b:ac:66:81:43:02:be:ba:78:8e:f5:5a:fe:9f:d4:
2f:e2:9c:12:da:ec:7b:d9:ad:48:bb:1d:8c:82:39:
74:b0:cb:8d:29:93:7c:4c:55:94:b0:37:23:b2:17:
41:31:9b:98:56:1d:3b:a3:29:f7:eb:8d:1c:44:d9:
c8:f0:e1:1e:a7:34:8e:6a:80:32:50:bc:fb:8d:ef:
94:97:d7:b6:3a:e2:1b:67:10:b6:54:ca:0c:7d:88:
30:16:30:8e:3b:8c:e4:2f:d8:df:66:16:6c:bc:9a:
cb:16:b7:00:d9:0a:b1:af:d7:44:bb:05:7f:fa:83:
6c:21:65:05:65:12:3a:78:a7:77:cc:a2:4d:4d:bb:
62:c6:51:5e:1b:cf:d6:0c:db:07:5f:98:28:44:eb:
29:3d:4e:ca:c9:2f:9d:48:8e:92:f8:03:3c:13:d0:
4a:3c:4a:89:06:71:7f:6d:50:aa:a6:25:d6:35:89:
86:36:f8:89:67:f3:ce:06:41:c0:87:18:ab:d6:ef:
af:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:6C:30:7A:DD:4D:35:EB:42:61:98:6A:E4:D9:80:32:3C:D0:0C:D0
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c93a92eb-bfa9-41d1-9297-2003d9bdfe14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6a:a8:8d:b7:9d:96:25:c4:a8:48:17:f4:3e:d8:2f:fa:25:
31:8e:e7:1e:72:21:a6:b2:f6:3a:ca:ea:1e:d6:7f:27:fc:ec:
7c:1e:7d:55:51:36:87:a1:69:67:c9:db:0b:8f:12:dc:54:30:
2b:09:ce:13:73:df:c9:bc:a7:f7:47:33:f8:50:05:8a:07:d8:
51:a2:15:3e:a9:5b:91:3f:5e:1a:64:dd:f2:cd:86:df:03:50:
d0:ee:73:49:0b:b3:e8:76:b6:5b:b7:b0:65:b3:8d:07:3d:b2:
19:f4:66:16:95:70:75:4d:3d:6e:c7:d0:77:43:0e:06:c7:9b:
52:12:19:7f:30:3b:ae:b2:c6:f3:79:e2:65:09:c3:7b:72:3a:
74:66:59:a4:0b:a1:83:47:2c:98:b5:30:08:ff:f1:a9:2b:69:
e6:6a:c6:a0:5c:cd:cf:21:81:1a:d9:ab:60:dc:75:72:76:7a:
c3:64:39:3a:65:53:52:b3:15:73:48:28:68:9d:db:b1:15:a9:
9c:7a:cf:1e:43:0d:5c:2f:39:52:fe:51:34:68:1a:97:f4:fc:
63:54:1a:dc:15:a7:35:69:dc:d8:91:f5:b3:62:04:33:23:d0:
1e:34:bd:db:c3:d9:15:3b:16:89:49:2e:c1:91:cb:5f:c6:92:
7f:25:32:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNoZS7Fm9HTbjeojLLvLyMy2EzI0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzAxMDAyMzE4WhcNMjUwNDA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYTE4NjcyNThjNGY0MTNiZDQ4MTlhN2E4NWU4ZDUzZDM2
YTVmNWY3NmNhYzk0NGRjMjM4YWMzMDczOTEzYjc5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGv+h/NvwBl0MVD7MOpLYc4HKLnNq1VKxpkQ9iRgEqxXK1
PVyJFpRbOIUss5lVULoVMN2O2zf3bYFpZ4usZoFDAr66eI71Wv6f1C/inBLa7HvZ
rUi7HYyCOXSwy40pk3xMVZSwNyOyF0Exm5hWHTujKffrjRxE2cjw4R6nNI5qgDJQ
vPuN75SX17Y64htnELZUygx9iDAWMI47jOQv2N9mFmy8mssWtwDZCrGv10S7BX/6
g2whZQVlEjp4p3fMok1Nu2LGUV4bz9YM2wdfmChE6yk9TsrJL51IjpL4AzwT0Eo8
SokGcX9tUKqmJdY1iYY2+Iln884GQcCHGKvW768HAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURGwwet1NNetCYZhq5NmAMjzQDNAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2M5M2E5MmViLWJmYTktNDFkMS05Mjk3LTIwMDNkOWJkZmUxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJxqqI23nZYlxKhIF/Q+2C/6JTGO
5x5yIaay9jrK6h7Wfyf87HwefVVRNoehaWfJ2wuPEtxUMCsJzhNz38m8p/dHM/hQ
BYoH2FGiFT6pW5E/Xhpk3fLNht8DUNDuc0kLs+h2tlu3sGWzjQc9shn0ZhaVcHVN
PW7H0HdDDgbHm1ISGX8wO66yxvN54mUJw3tyOnRmWaQLoYNHLJi1MAj/8akraeZq
xqBczc8hgRrZq2DcdXJ2esNkOTplU1KzFXNIKGid27EVqZx6zx5DDVwvOVL+UTRo
Gpf0/GNUGtwVpzVp3NiR9bNiBDMj0B40vdvD2RU7FolJLsGRy1/Gkn8lMtw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:46:38 2025 by rpki-client