Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d414c4ff-fe64-449c-ad6d-22308e37bdc4.roa
File: d414c4ff-fe64-449c-ad6d-22308e37bdc4.roa (raw, json)
Hash identifier: QiDW9iCB8IjBcTzeXq8FoGTvXtAw/xnU9GRqiq37bJU=
Subject key identifier: B6:E6:95:AE:22:48:8A:B1:F9:3C:0C:F4:BF:13:E1:CD:6E:61:43:6A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6660151F326719FF54ED6027B26F22979190680E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d414c4ff-fe64-449c-ad6d-22308e37bdc4.roa
Signing time: Sun 16 Feb 2025 16:13:19 +0000
ROA not before: Sun 16 Feb 2025 16:13:19 +0000
ROA not after: Sun 23 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:60:15:1f:32:67:19:ff:54:ed:60:27:b2:6f:22:97:91:90:68:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 16 16:13:19 2025 GMT
Not After : Mar 23 23:59:59 2025 GMT
Subject: serialNumber=e1471ac4e6d5bb991650192a065a7327a1e4a711be457eefab694f8a41cfb46b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:89:d0:62:26:01:a4:cd:6a:17:1b:b1:a7:52:
55:48:d7:25:9c:46:31:76:f2:77:1e:4c:06:d2:08:
0c:9c:29:c5:59:2d:fd:43:39:6a:49:58:f5:72:7f:
99:0d:2e:e2:aa:08:4f:c6:d4:fd:53:df:1c:57:63:
c9:25:40:c3:89:43:51:8a:1b:54:5d:c1:ea:a9:5c:
c4:67:ca:d2:ac:e0:71:34:e9:5a:88:ee:58:6e:5d:
d8:38:93:cd:c8:dd:37:27:6a:5b:6b:e1:25:b8:17:
b2:f7:3f:f1:d2:10:df:e9:82:d5:03:38:15:28:da:
31:ca:a4:4e:f2:a4:9c:f9:9b:62:f8:eb:44:f1:25:
9c:f1:72:62:fc:7b:b9:75:d3:2a:5b:a2:cb:f1:d1:
f2:f8:f3:4e:00:97:66:43:29:91:a1:2f:fd:8e:05:
cf:f1:be:f7:56:75:90:67:07:a5:01:14:7d:f3:95:
f3:e5:4a:74:61:d7:0e:6c:79:2a:e1:4e:b2:f5:9f:
86:47:66:76:a5:b6:37:9c:be:a5:3c:df:88:ae:a5:
f4:4c:bd:10:d1:d7:a2:ef:96:fd:91:61:50:78:9d:
50:91:de:03:5e:e5:a0:7b:37:8f:63:7b:d4:9b:5a:
e5:09:bc:d8:be:0d:b5:48:74:38:ab:1e:2f:d8:ca:
49:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E6:95:AE:22:48:8A:B1:F9:3C:0C:F4:BF:13:E1:CD:6E:61:43:6A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d414c4ff-fe64-449c-ad6d-22308e37bdc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
48:43:86:8a:46:93:db:fb:2e:7b:85:c8:9f:16:11:c2:87:6b:
e3:9f:77:b1:c6:24:b1:fd:74:8c:48:76:3e:79:25:7f:11:10:
a9:3a:0e:42:8e:10:4e:a2:c7:e2:31:12:4c:27:89:b8:24:1d:
85:4d:a3:4d:fe:9d:88:eb:d2:af:56:55:e2:1f:ea:c3:af:8a:
1e:1f:ed:f5:e5:1a:4c:23:cc:54:0b:d6:29:ae:4c:5b:7b:7a:
64:9e:3d:54:68:50:b3:0d:34:8c:08:46:ad:a7:bf:5a:e9:fc:
81:54:3f:64:3a:8f:df:36:af:04:3b:d8:b0:47:f9:47:c2:f6:
31:ef:97:26:58:e0:59:a7:d2:27:54:fc:37:b6:05:fc:17:c0:
71:8a:96:70:e0:15:27:2b:d9:a4:5c:fc:6f:f9:72:d4:b5:f0:
f0:c1:8a:3d:ca:86:81:ec:37:bd:65:d3:8a:16:b2:23:1d:7f:
94:82:4d:89:ca:f8:b0:ca:a7:5c:22:75:65:bf:c1:3c:bf:2e:
1e:fe:b3:cc:c8:69:90:4a:c5:36:9b:e3:47:f0:fe:99:22:ae:
1f:20:3f:d2:58:5b:70:06:84:f5:64:c7:54:f9:0e:95:e4:aa:
43:12:13:dc:f9:3e:92:1b:96:4a:65:28:b6:bf:7f:70:23:c8:
b2:37:3a:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZmAVHzJnGf9U7WAnsm8il5GQaA4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjE2MTYxMzE5WhcNMjUwMzIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTQ3MWFjNGU2ZDViYjk5MTY1MDE5MmEwNjVhNzMyN2Ex
ZTRhNzExYmU0NTdlZWZhYjY5NGY4YTQxY2ZiNDZiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmidBiJgGkzWoXG7GnUlVI1yWcRjF28nceTAbSCAycKcVZ
Lf1DOWpJWPVyf5kNLuKqCE/G1P1T3xxXY8klQMOJQ1GKG1RdweqpXMRnytKs4HE0
6VqI7lhuXdg4k83I3Tcnaltr4SW4F7L3P/HSEN/pgtUDOBUo2jHKpE7ypJz5m2L4
60TxJZzxcmL8e7l10ypbosvx0fL4804Al2ZDKZGhL/2OBc/xvvdWdZBnB6UBFH3z
lfPlSnRh1w5seSrhTrL1n4ZHZnaltjecvqU834iupfRMvRDR16Lvlv2RYVB4nVCR
3gNe5aB7N49je9SbWuUJvNi+DbVIdDirHi/Yykl1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtuaVriJIirH5PAz0vxPhzW5hQ2owHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q0MTRjNGZmLWZlNjQtNDQ5Yy1hZDZkLTIyMzA4ZTM3YmRjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEhDhopGk9v7LnuFyJ8WEcKHa+Of
d7HGJLH9dIxIdj55JX8REKk6DkKOEE6ix+IxEkwnibgkHYVNo03+nYjr0q9WVeIf
6sOvih4f7fXlGkwjzFQL1imuTFt7emSePVRoULMNNIwIRq2nv1rp/IFUP2Q6j982
rwQ72LBH+UfC9jHvlyZY4Fmn0idU/De2BfwXwHGKlnDgFScr2aRc/G/5ctS18PDB
ij3KhoHsN71l04oWsiMdf5SCTYnK+LDKp1widWW/wTy/Lh7+s8zIaZBKxTab40fw
/pkirh8gP9JYW3AGhPVkx1T5DpXkqkMSE9z5PpIblkplKLa/f3AjyLI3OtY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:02:56 2025 by rpki-client