Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d4e4eb22-091d-45ba-8bb9-06fe24c3e301.roa
File: d4e4eb22-091d-45ba-8bb9-06fe24c3e301.roa (raw, json)
Hash identifier: SPyL6ooPfuYQ6dJg5+bb5NX0sGAmQdA2DXFM/TJO8Qw=
Subject key identifier: 23:B6:E5:18:46:CA:68:24:9C:86:E5:92:D4:DB:87:5B:4A:04:95:BF
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5CB6493EF53EDDD2E21514EECEDF8BBAA4E76352
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d4e4eb22-091d-45ba-8bb9-06fe24c3e301.roa
Signing time: Sat 15 Feb 2025 22:28:20 +0000
ROA not before: Sat 15 Feb 2025 22:28:20 +0000
ROA not after: Sat 22 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:b6:49:3e:f5:3e:dd:d2:e2:15:14:ee:ce:df:8b:ba:a4:e7:63:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 15 22:28:20 2025 GMT
Not After : Mar 22 23:59:59 2025 GMT
Subject: serialNumber=79e43d3817e3ae6fe8aa24a1e8d35ac78871cd989d96426570606a0ac154dabf, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bd:fa:f1:34:cd:1b:66:a9:09:44:d6:60:f6:
98:72:b8:21:7f:68:3b:22:4d:9c:e2:83:bf:d2:ee:
66:ac:e0:be:3c:26:57:e1:99:2d:91:96:ad:2c:b8:
fc:b1:a1:ab:b1:3f:f9:9b:a2:c5:e8:7e:ed:e4:4b:
c0:53:1a:72:a5:0f:ed:86:38:05:03:b8:1c:90:ab:
93:c8:36:a9:16:b4:72:45:d1:d4:b6:21:ed:63:7e:
c5:4d:85:c2:1c:33:e4:81:fc:bf:e8:90:a3:2f:27:
6d:50:68:cc:7a:32:b8:40:27:70:3d:8e:96:05:45:
8b:d5:fe:95:53:bc:1e:e3:c3:c7:82:ef:ac:d8:45:
1d:ec:35:d5:30:a8:69:7d:94:cb:d3:70:86:6b:38:
8a:ae:30:43:a4:ba:1f:a3:46:3d:fb:68:55:40:32:
9c:ce:4d:1a:f5:c5:77:a1:72:55:86:f2:c4:3f:73:
78:9b:2a:52:5d:0e:20:c2:83:d0:6c:ec:ae:92:18:
79:3f:ff:a6:e3:64:8b:07:5d:45:b6:73:9a:35:b3:
f6:93:db:fa:b6:3f:43:61:92:3c:94:34:f9:40:9d:
e1:ad:52:e0:7a:92:a3:76:48:ec:63:74:8e:d2:cf:
83:e4:12:d2:14:a2:7e:04:d4:54:b9:39:62:4e:d0:
73:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B6:E5:18:46:CA:68:24:9C:86:E5:92:D4:DB:87:5B:4A:04:95:BF
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d4e4eb22-091d-45ba-8bb9-06fe24c3e301.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
66:af:3d:26:a5:9d:df:d9:5f:9f:29:ee:22:da:a3:90:5a:11:
0c:b0:54:33:bf:d8:bf:ca:b3:66:20:68:df:8f:92:d5:6c:94:
65:e4:f1:ad:c6:a3:06:1b:3d:71:4f:64:f6:16:ea:1d:90:c2:
56:e3:eb:bc:78:02:c0:28:da:7d:21:38:c7:ac:e1:94:7f:8b:
ed:1d:5b:49:62:ae:71:db:ca:0b:ec:1a:ec:10:7b:59:d8:3c:
8b:4a:c4:e6:89:fe:51:52:1a:07:59:05:b9:b0:81:da:18:c5:
46:84:00:e9:f8:c9:32:ff:40:63:a7:b8:e2:ea:f7:7d:cc:5f:
98:18:de:ed:2a:91:68:55:14:16:1b:ca:83:f1:d5:0c:84:be:
f6:37:43:8a:53:58:66:e5:90:53:3f:1f:9f:b1:2c:18:1b:9f:
70:e1:b4:0a:33:62:45:5a:ad:15:29:87:77:76:e5:96:fd:b2:
3a:da:36:6d:a5:33:cf:7a:43:c8:fc:88:b6:13:e0:61:05:c1:
b2:e6:8c:a4:59:b3:80:21:35:75:51:4a:83:e3:f2:49:c9:8c:
35:3e:ef:e2:d3:fd:4f:40:4d:a0:b1:4d:7c:6a:9a:5b:f2:7e:
ec:a1:40:3f:f1:a7:6e:e4:a0:5e:f7:35:df:c1:39:2f:97:23:
f8:7b:d8:36
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXLZJPvU+3dLiFRTuzt+LuqTnY1IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjE1MjIyODIwWhcNMjUwMzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OWU0M2QzODE3ZTNhZTZmZThhYTI0YTFlOGQzNWFjNzg4
NzFjZDk4OWQ5NjQyNjU3MDYwNmEwYWMxNTRkYWJmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZvfrxNM0bZqkJRNZg9phyuCF/aDsiTZzig7/S7mas4L48
JlfhmS2Rlq0suPyxoauxP/mbosXofu3kS8BTGnKlD+2GOAUDuByQq5PINqkWtHJF
0dS2Ie1jfsVNhcIcM+SB/L/okKMvJ21QaMx6MrhAJ3A9jpYFRYvV/pVTvB7jw8eC
76zYRR3sNdUwqGl9lMvTcIZrOIquMEOkuh+jRj37aFVAMpzOTRr1xXehclWG8sQ/
c3ibKlJdDiDCg9Bs7K6SGHk//6bjZIsHXUW2c5o1s/aT2/q2P0NhkjyUNPlAneGt
UuB6kqN2SOxjdI7Sz4PkEtIUon4E1FS5OWJO0HPRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUI7blGEbKaCSchuWS1NuHW0oElb8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q0ZTRlYjIyLTA5MWQtNDViYS04YmI5LTA2ZmUyNGMzZTMwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGavPSalnd/ZX58p7iLao5BaEQyw
VDO/2L/Ks2YgaN+PktVslGXk8a3GowYbPXFPZPYW6h2Qwlbj67x4AsAo2n0hOMes
4ZR/i+0dW0lirnHbygvsGuwQe1nYPItKxOaJ/lFSGgdZBbmwgdoYxUaEAOn4yTL/
QGOnuOLq933MX5gY3u0qkWhVFBYbyoPx1QyEvvY3Q4pTWGblkFM/H5+xLBgbn3Dh
tAozYkVarRUph3d25Zb9sjraNm2lM896Q8j8iLYT4GEFwbLmjKRZs4AhNXVRSoPj
8knJjDU+7+LT/U9ATaCxTXxqmlvyfuyhQD/xp27koF73Nd/BOS+XI/h72DY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:43:33 2025 by rpki-client