Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d3cef732-3e19-445d-8db6-4e759a9ea966.roa
File: d3cef732-3e19-445d-8db6-4e759a9ea966.roa (raw, json)
Hash identifier: gxyT73UtwupVOdFjKT37/fkTHTo0iUojOz+hxfBVP94=
Subject key identifier: 96:CB:C5:17:9F:B8:B7:B4:A8:F5:AA:C2:F9:98:C0:42:E5:A0:EA:AA
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 22BE38B8C7068CA21FC972E835091D24F1C79F25
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d3cef732-3e19-445d-8db6-4e759a9ea966.roa
Signing time: Sun 21 Jul 2024 00:00:00 +0000
ROA not before: Sun 21 Jul 2024 00:00:00 +0000
ROA not after: Sun 25 Aug 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:be:38:b8:c7:06:8c:a2:1f:c9:72:e8:35:09:1d:24:f1:c7:9f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 21 00:00:00 2024 GMT
Not After : Aug 25 23:59:59 2024 GMT
Subject: serialNumber=e16a668a281dd71e784762ca35848c6db530ce99a8d705a6014c36675f7a7374, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:72:9f:16:2a:43:b5:6f:d9:ab:93:3a:2f:
b4:be:36:12:05:c2:d6:62:bc:ad:05:2d:6e:38:bb:
0f:a5:06:3d:6d:4f:ab:6d:bb:2d:6b:99:1c:3d:e9:
ce:fe:6b:cd:a3:ed:65:7b:63:f8:9b:b2:0a:59:f8:
55:82:c1:bd:31:61:c5:58:f9:b9:e6:dc:5d:4a:ae:
f6:94:8d:c6:a4:de:bc:8e:fd:32:c6:f6:60:a8:4e:
c6:b0:72:2e:df:3f:cb:d7:98:db:59:c2:a1:e7:05:
7e:3e:f7:6e:00:29:27:63:2b:fe:55:c2:84:30:d6:
11:ca:ef:e3:32:7b:54:47:cd:b4:00:25:06:82:59:
b8:5e:1a:1c:38:04:27:8b:28:2c:2c:cc:fd:6e:55:
5c:17:f3:54:fd:f9:76:cf:1a:ac:6c:52:7b:23:26:
c0:9d:3a:8f:85:1f:a9:74:49:56:7b:7c:b2:de:50:
f7:34:78:3c:1b:23:cd:01:4b:92:3d:7e:97:67:04:
c4:9a:10:26:b6:78:d6:4d:e2:16:4d:88:6c:02:4d:
35:ef:e8:e2:6f:90:32:c6:59:f1:49:de:e6:31:dc:
0e:b1:e4:2c:97:87:87:96:35:65:f1:c0:d6:b3:1c:
d8:52:85:13:41:b0:2f:c8:40:e0:5a:e3:06:17:28:
45:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:CB:C5:17:9F:B8:B7:B4:A8:F5:AA:C2:F9:98:C0:42:E5:A0:EA:AA
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d3cef732-3e19-445d-8db6-4e759a9ea966.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
84:0e:f6:9a:fb:4d:2b:94:47:f7:8d:c5:cb:bb:70:91:a5:07:
89:47:0a:3d:b9:c7:27:95:db:a4:62:26:53:01:99:ad:04:df:
72:a5:67:96:f2:5c:00:4b:40:54:bc:73:5d:33:d4:74:d7:75:
36:59:a4:35:2a:b2:33:5f:b0:c6:52:aa:0c:39:2f:05:85:0b:
9e:6d:f4:a8:4a:c1:12:ce:f3:2e:f9:a7:26:f9:47:fe:e5:83:
ad:00:af:55:72:5f:e9:2e:ad:cd:2a:0d:3b:e7:d4:83:9d:a5:
ea:8b:e6:18:cf:23:9a:83:5b:52:0e:f3:f0:29:8a:10:b0:17:
f5:6c:e0:e2:fe:93:a2:9a:22:82:a4:2a:22:2b:01:3e:a4:39:
e1:14:47:85:64:1b:8c:9b:34:11:f2:7a:fe:5c:ad:85:52:39:
9d:36:8d:45:8a:da:91:91:dc:51:58:28:88:55:69:4b:8c:00:
db:da:e1:07:13:ff:e1:92:9a:f3:e1:b7:df:27:60:b0:2c:30:
7a:7c:98:ad:45:59:9b:01:ac:43:c6:4a:82:12:95:8f:f2:23:
91:a4:54:8c:6f:aa:91:4a:d8:82:12:2d:f1:94:11:dd:ed:cb:
ff:56:eb:ab:9e:97:2a:b1:d3:2e:08:4a:44:53:e5:ad:f6:48:
44:bd:7d:15
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIr44uMcGjKIfyXLoNQkdJPHHnyUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzIxMDAwMDAwWhcNMjQwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTZhNjY4YTI4MWRkNzFlNzg0NzYyY2EzNTg0OGM2ZGI1
MzBjZTk5YThkNzA1YTYwMTRjMzY2NzVmN2E3Mzc0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwFnKfFipDtW/Zq5M6L7S+NhIFwtZivK0FLW44uw+lBj1t
T6ttuy1rmRw96c7+a82j7WV7Y/ibsgpZ+FWCwb0xYcVY+bnm3F1KrvaUjcak3ryO
/TLG9mCoTsawci7fP8vXmNtZwqHnBX4+924AKSdjK/5VwoQw1hHK7+Mye1RHzbQA
JQaCWbheGhw4BCeLKCwszP1uVVwX81T9+XbPGqxsUnsjJsCdOo+FH6l0SVZ7fLLe
UPc0eDwbI80BS5I9fpdnBMSaECa2eNZN4hZNiGwCTTXv6OJvkDLGWfFJ3uYx3A6x
5CyXh4eWNWXxwNazHNhShRNBsC/IQOBa4wYXKEXpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlsvFF5+4t7So9arC+ZjAQuWg6qowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2QzY2VmNzMyLTNlMTktNDQ1ZC04ZGI2LTRlNzU5YTllYTk2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIQO9pr7TSuUR/eNxcu7cJGlB4lH
Cj25xyeV26RiJlMBma0E33KlZ5byXABLQFS8c10z1HTXdTZZpDUqsjNfsMZSqgw5
LwWFC55t9KhKwRLO8y75pyb5R/7lg60Ar1VyX+kurc0qDTvn1IOdpeqL5hjPI5qD
W1IO8/ApihCwF/Vs4OL+k6KaIoKkKiIrAT6kOeEUR4VkG4ybNBHyev5crYVSOZ02
jUWK2pGR3FFYKIhVaUuMANva4QcT/+GSmvPht98nYLAsMHp8mK1FWZsBrEPGSoIS
lY/yI5GkVIxvqpFK2IISLfGUEd3ty/9W66uelyqx0y4ISkRT5a32SES9fRU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:07:20 2025 by rpki-client