Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d65b437c-e76f-48f3-b9ce-1d72773334a8.roa
File: d65b437c-e76f-48f3-b9ce-1d72773334a8.roa (raw, json)
Hash identifier: D8nD4AmRumefLJtds1LAZ0ayq27w8lVTFETjKT/Hric=
Subject key identifier: 8B:CE:57:CB:6E:66:1D:F0:43:E6:DB:07:D7:B1:CC:6B:69:D9:7A:71
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 54C24575086814C5C89D6CA04A43DC93E4479C81
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d65b437c-e76f-48f3-b9ce-1d72773334a8.roa
Signing time: Sun 27 Apr 2025 17:13:19 +0000
ROA not before: Sun 27 Apr 2025 17:13:19 +0000
ROA not after: Sun 01 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:c2:45:75:08:68:14:c5:c8:9d:6c:a0:4a:43:dc:93:e4:47:9c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 27 17:13:19 2025 GMT
Not After : Jun 1 23:59:59 2025 GMT
Subject: serialNumber=10b5586a886de35f931f3d43a1076fe95c3187310f0d5af1c6acfb26fe16c0d1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:e0:d9:69:75:aa:fb:f0:c4:59:c5:fb:ef:
ee:18:ef:b5:92:a4:a4:cc:be:10:43:d7:ad:db:43:
95:85:fa:25:95:8c:ce:81:71:68:2b:b0:5d:2b:39:
e2:a5:1b:79:8a:ab:db:99:08:0c:af:f3:65:94:82:
ca:e7:9e:fb:9c:42:e3:0f:95:9e:64:83:34:a9:ca:
0a:30:7c:db:2f:fe:54:09:d5:5b:c9:f9:25:4d:4f:
8f:87:0b:30:16:6f:e6:b7:96:ac:2a:b0:4f:ac:b7:
71:3c:8c:cd:de:8a:58:97:22:73:05:8f:9d:c5:af:
e2:29:f7:68:b3:d1:d3:84:2b:a3:15:5e:99:31:eb:
42:06:5b:40:ba:13:33:24:cc:fb:8d:80:59:32:f5:
df:fd:43:20:a9:44:fd:86:09:b2:3b:c2:d2:f1:48:
83:fd:0b:d4:7d:55:c4:9c:5c:3d:32:7b:4d:36:08:
82:ba:75:3e:48:e3:f6:7f:bb:0f:ac:c1:18:13:f9:
4c:88:76:e5:f6:76:45:f1:98:06:71:10:01:02:c5:
f8:ad:16:5f:9f:a1:be:35:b4:0b:96:8d:2e:cd:0c:
82:7a:4d:54:00:10:82:c0:7a:49:e5:96:30:d7:16:
e3:24:dc:8b:3c:5a:76:d9:77:22:a3:91:ad:f9:48:
8a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:CE:57:CB:6E:66:1D:F0:43:E6:DB:07:D7:B1:CC:6B:69:D9:7A:71
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d65b437c-e76f-48f3-b9ce-1d72773334a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ba:d7:4e:b3:d3:ba:7b:61:02:9d:a0:67:13:71:03:10:2a:
ba:28:86:6f:ee:cb:0a:bf:41:c3:30:62:b2:38:b4:42:15:e5:
00:0d:a5:93:9c:91:90:d9:94:e0:c0:9b:6c:e6:a4:5b:05:f1:
53:4c:cf:55:0f:5b:ff:b8:ca:af:a0:8a:d6:7a:7e:47:6e:06:
4c:12:8a:04:55:98:56:08:83:cc:be:8d:de:ad:b7:e3:19:b7:
aa:3d:9e:03:b2:2e:16:af:7b:ee:f8:dc:aa:05:93:ed:68:63:
1f:27:91:27:c1:c7:da:11:eb:a3:0e:6c:c7:27:50:4d:2a:7e:
3f:5b:2d:db:b7:a6:cb:fd:7e:d9:d0:28:43:32:61:36:38:b7:
e7:48:ac:8c:67:e3:7c:a9:d5:2e:59:3c:07:b7:a9:72:bc:31:
43:94:77:c2:a2:38:70:c6:85:7f:59:f3:c7:78:f9:fc:a5:e6:
6d:7c:07:4e:6f:3c:54:bc:b1:45:c3:39:06:bb:85:73:67:ff:
ba:77:2a:38:bc:a6:06:7d:f0:43:f7:c9:ea:4f:c7:8a:91:5b:
d5:99:0e:94:1f:47:13:fc:04:c4:a8:31:97:6e:b6:66:85:a0:
d6:3f:e3:e9:d2:4c:56:d2:10:7e:2d:1a:99:86:e4:04:61:f2:
cb:bb:f3:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVMJFdQhoFMXInWygSkPck+RHnIEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI3MTcxMzE5WhcNMjUwNjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMGI1NTg2YTg4NmRlMzVmOTMxZjNkNDNhMTA3NmZlOTVj
MzE4NzMxMGYwZDVhZjFjNmFjZmIyNmZlMTZjMGQxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC08ODZaXWq+/DEWcX77+4Y77WSpKTMvhBD163bQ5WF+iWV
jM6BcWgrsF0rOeKlG3mKq9uZCAyv82WUgsrnnvucQuMPlZ5kgzSpygowfNsv/lQJ
1VvJ+SVNT4+HCzAWb+a3lqwqsE+st3E8jM3eiliXInMFj53Fr+Ip92iz0dOEK6MV
Xpkx60IGW0C6EzMkzPuNgFky9d/9QyCpRP2GCbI7wtLxSIP9C9R9VcScXD0ye002
CIK6dT5I4/Z/uw+swRgT+UyIduX2dkXxmAZxEAECxfitFl+fob41tAuWjS7NDIJ6
TVQAEILAeknlljDXFuMk3Is8WnbZdyKjka35SIoLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUi85Xy25mHfBD5tsH17HMa2nZenEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q2NWI0MzdjLWU3NmYtNDhmMy1iOWNlLTFkNzI3NzMzMzRhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKK6106z07p7YQKdoGcTcQMQKroo
hm/uywq/QcMwYrI4tEIV5QANpZOckZDZlODAm2zmpFsF8VNMz1UPW/+4yq+gitZ6
fkduBkwSigRVmFYIg8y+jd6tt+MZt6o9ngOyLhave+743KoFk+1oYx8nkSfBx9oR
66MObMcnUE0qfj9bLdu3psv9ftnQKEMyYTY4t+dIrIxn43yp1S5ZPAe3qXK8MUOU
d8KiOHDGhX9Z88d4+fyl5m18B05vPFS8sUXDOQa7hXNn/7p3Kji8pgZ98EP3yepP
x4qRW9WZDpQfRxP8BMSoMZdutmaFoNY/4+nSTFbSEH4tGpmG5ARh8su7834=
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:39:37 2025 by rpki-client