Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/caf4fe2f-3855-4458-a681-b52fe8c3c744.roa
File: caf4fe2f-3855-4458-a681-b52fe8c3c744.roa (raw, json)
Hash identifier: I+qd5LrJvSEpISUpWwHEZzpLf1tvfKvM7lc7wwfTtoY=
Subject key identifier: BB:05:5E:69:F3:BD:3B:2C:55:A5:DE:EB:9A:B4:F6:83:CA:48:08:A3
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 339F6B1127F532F41D928FE2AA6DD71AD7300EAC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/caf4fe2f-3855-4458-a681-b52fe8c3c744.roa
Signing time: Sun 15 Oct 2023 00:00:00 +0000
ROA not before: Sun 15 Oct 2023 00:00:00 +0000
ROA not after: Sun 19 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:9f:6b:11:27:f5:32:f4:1d:92:8f:e2:aa:6d:d7:1a:d7:30:0e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 15 00:00:00 2023 GMT
Not After : Nov 19 23:59:59 2023 GMT
Subject: serialNumber=fde28d11d0da50189b7cbcc58df9c2902e976aedb2f7bfda99a9bd6d5009876a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e4:79:c6:78:f2:e4:81:eb:ca:6a:dd:d2:7e:
13:2a:24:a7:c6:fa:58:f9:7f:d7:be:0a:97:e5:39:
98:20:f0:1b:b1:c8:e3:4c:14:11:07:a1:bc:e8:16:
6e:4b:d6:3f:96:13:70:c3:85:d7:4a:4f:d3:ab:58:
81:4d:34:df:69:69:8c:0d:96:6f:5a:f3:41:72:ba:
f3:f2:2c:cc:f2:ae:06:83:91:5f:18:94:c3:ce:57:
ea:86:df:70:13:24:37:33:59:4a:54:29:6b:07:0c:
45:37:b6:91:4e:d1:bc:23:48:e9:1a:65:8c:6a:2f:
de:84:b6:19:3b:c0:38:43:89:a1:2b:36:a0:83:e3:
83:aa:51:3c:ed:39:57:36:72:73:03:4d:96:56:d8:
52:43:cf:cc:3f:ee:2b:c9:ae:13:85:26:51:b1:37:
bf:9e:df:49:cf:4d:0e:ba:1e:ca:b9:3e:4d:8b:fd:
13:36:fe:9e:85:d6:14:54:73:3f:00:34:80:7e:96:
50:dc:89:d3:71:fd:ba:a0:3b:ad:4c:ec:12:7d:b3:
2a:b1:d9:99:00:e1:42:d8:ec:02:28:49:7d:43:9f:
c6:a6:d6:b9:9f:9d:ed:c4:a8:8c:76:70:a2:5d:4c:
e0:df:fc:89:ac:35:3a:1b:a3:eb:cd:2d:49:d0:4b:
b2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:05:5E:69:F3:BD:3B:2C:55:A5:DE:EB:9A:B4:F6:83:CA:48:08:A3
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/caf4fe2f-3855-4458-a681-b52fe8c3c744.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
92:77:76:b0:3c:7a:ea:ef:ca:00:6a:b0:06:83:9a:e5:8b:a6:
81:58:a5:73:39:69:3a:20:b9:eb:a5:db:4d:99:da:a6:02:11:
cd:aa:9d:dc:f9:8f:76:ee:de:b5:47:6e:f9:11:b5:11:04:e7:
d8:4d:49:05:02:ef:77:2c:6f:ec:de:cf:6a:14:64:0b:be:84:
f5:35:11:ee:d3:00:88:d5:79:38:8a:13:af:84:81:f8:34:04:
f1:be:df:3c:80:b4:24:59:10:a9:23:c9:ad:7d:2e:df:29:05:
eb:f0:29:43:82:52:f0:94:4a:5f:e7:9c:d8:be:3e:58:88:12:
ed:de:0f:9e:fe:95:2e:4a:15:dc:2d:d8:21:27:c6:b6:80:a8:
b3:2c:5c:50:60:5c:51:74:59:14:d8:df:ce:a1:0b:97:16:96:
97:af:1f:da:8c:33:81:0f:3c:90:76:b4:69:65:09:db:3b:e4:
df:32:52:8b:50:5a:36:8e:21:27:60:9e:eb:ed:a8:5a:c7:07:
58:42:af:d9:55:d4:a5:b1:ad:d7:99:70:c3:b0:68:57:8f:20:
c5:b6:b1:4c:20:fd:cb:07:2b:13:6a:19:e3:33:77:d7:22:94:
f4:8c:90:5a:ad:da:0e:0b:2f:dc:9d:af:a4:26:d9:e3:24:80:
7f:f3:38:34
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUM59rESf1MvQdko/iqm3XGtcwDqwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDE1MDAwMDAwWhcNMjMxMTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZGUyOGQxMWQwZGE1MDE4OWI3Y2JjYzU4ZGY5YzI5MDJl
OTc2YWVkYjJmN2JmZGE5OWE5YmQ2ZDUwMDk4NzZhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC55HnGePLkgevKat3SfhMqJKfG+lj5f9e+CpflOZgg8Bux
yONMFBEHobzoFm5L1j+WE3DDhddKT9OrWIFNNN9paYwNlm9a80FyuvPyLMzyrgaD
kV8YlMPOV+qG33ATJDczWUpUKWsHDEU3tpFO0bwjSOkaZYxqL96Ethk7wDhDiaEr
NqCD44OqUTztOVc2cnMDTZZW2FJDz8w/7ivJrhOFJlGxN7+e30nPTQ66Hsq5Pk2L
/RM2/p6F1hRUcz8ANIB+llDcidNx/bqgO61M7BJ9syqx2ZkA4ULY7AIoSX1Dn8am
1rmfne3EqIx2cKJdTODf/ImsNTobo+vNLUnQS7J3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuwVeafO9OyxVpd7rmrT2g8pICKMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2NhZjRmZTJmLTM4NTUtNDQ1OC1hNjgxLWI1MmZlOGMzYzc0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJJ3drA8eurvygBqsAaDmuWLpoFY
pXM5aTogueul202Z2qYCEc2qndz5j3bu3rVHbvkRtREE59hNSQUC73csb+zez2oU
ZAu+hPU1Ee7TAIjVeTiKE6+Egfg0BPG+3zyAtCRZEKkjya19Lt8pBevwKUOCUvCU
Sl/nnNi+PliIEu3eD57+lS5KFdwt2CEnxraAqLMsXFBgXFF0WRTY386hC5cWlpev
H9qMM4EPPJB2tGllCds75N8yUotQWjaOISdgnuvtqFrHB1hCr9lV1KWxrdeZcMOw
aFePIMW2sUwg/csHKxNqGeMzd9cilPSMkFqt2g4LL9ydr6Qm2eMkgH/zODQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:05:16 2025 by rpki-client