Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d9735962-6dd1-4193-a681-736ed7f982ca.roa
File: d9735962-6dd1-4193-a681-736ed7f982ca.roa (raw, json)
Hash identifier: vDmyJdIe546RRqYjEREZeCYuYdyl6gC8sfVH0XTBaGc=
Subject key identifier: CA:31:31:9C:A5:EF:A3:A6:BA:8D:13:C6:EA:97:20:FB:7C:9E:98:74
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 12022947D51BA875C666ACE3B3F3272E15A8D56E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d9735962-6dd1-4193-a681-736ed7f982ca.roa
Signing time: Mon 05 Feb 2024 00:00:00 +0000
ROA not before: Mon 05 Feb 2024 00:00:00 +0000
ROA not after: Mon 11 Mar 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:02:29:47:d5:1b:a8:75:c6:66:ac:e3:b3:f3:27:2e:15:a8:d5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 5 00:00:00 2024 GMT
Not After : Mar 11 23:59:59 2024 GMT
Subject: serialNumber=56f3256fdad87ad7059742f9a124dac2ff173cc572c5aa45acb3a0734d4421a2, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:56:76:0d:66:6b:b6:78:f4:95:57:80:78:
b8:73:22:e5:f4:ab:b2:c5:ea:2a:16:ec:3f:a2:e3:
eb:5a:3b:07:71:3d:08:7c:96:10:4e:f6:a7:30:17:
3d:55:64:7b:48:11:65:a4:65:58:be:73:93:e6:f6:
5a:75:d1:1d:5a:81:50:33:1f:f7:fc:79:58:a7:78:
61:2b:4a:c7:c9:b8:79:98:1e:e0:38:4e:1f:b9:7c:
24:e6:bd:de:08:1a:4b:4e:43:4b:54:ec:43:0a:f2:
e9:73:5e:7c:e4:7c:58:f8:f5:f7:3f:a4:04:24:25:
8b:11:f3:74:07:0a:12:e5:87:b4:4c:56:7d:0a:1e:
2b:24:33:64:be:6d:91:9e:5d:cf:22:b7:63:d1:29:
a8:32:5d:92:0d:ad:ff:9b:a7:34:aa:31:3a:1e:d8:
36:7d:97:24:4a:1c:9f:bd:e7:01:5d:36:65:32:0e:
a0:2a:99:7f:3e:f8:b8:1d:21:4f:6c:7c:ad:4a:ae:
a6:f9:5d:43:71:6e:1e:de:8b:aa:59:da:5a:73:24:
bc:2a:18:0f:24:d3:37:0a:c3:83:b5:07:64:4c:8a:
33:8d:9b:68:fb:e3:8b:8e:18:50:a9:12:97:0a:f1:
fc:a5:67:fc:41:a8:13:58:1a:f6:e3:b9:61:48:40:
d4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:31:31:9C:A5:EF:A3:A6:BA:8D:13:C6:EA:97:20:FB:7C:9E:98:74
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d9735962-6dd1-4193-a681-736ed7f982ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
78:45:9d:b5:89:3f:80:b0:ac:09:d7:ad:d3:f0:90:1c:77:93:
bf:24:36:d7:4c:88:9d:af:a1:7d:ea:8d:89:08:fd:8c:40:49:
a3:65:4d:f5:f0:0e:ce:89:f3:84:92:61:07:02:a3:41:fd:57:
f6:c3:a8:56:de:a5:7c:33:c5:17:32:2c:ba:2b:63:35:3c:05:
04:d4:67:f7:6d:de:a8:d2:7b:35:82:e9:33:fb:3a:3c:98:0c:
13:bc:e6:2a:f6:91:e0:c4:41:d5:2b:9c:a6:55:69:3d:4b:94:
3d:fe:9b:e8:7b:11:00:52:ac:63:64:31:c5:b0:3a:24:33:df:
d1:c7:b4:e7:b6:59:e2:53:14:40:f3:8d:a2:e5:ce:c5:1d:9b:
fc:ff:de:3a:4e:37:66:09:bd:64:81:ba:45:73:75:0f:7b:ab:
c3:73:30:b2:1d:b9:65:67:46:57:04:97:ae:aa:88:ad:62:89:
bf:92:f1:fe:ac:19:7f:5a:38:8f:dc:af:b1:17:e8:b2:55:b0:
fe:44:93:54:46:67:d4:76:7b:47:49:0f:49:d3:bd:5f:76:d2:
e3:a2:1f:dc:83:3c:74:bf:5f:7a:5b:18:3f:63:fa:d1:c3:0b:
ba:31:10:93:f8:f3:4a:85:9d:2a:af:fa:89:6f:7c:64:41:67:
85:a8:a2:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEgIpR9UbqHXGZqzjs/MnLhWo1W4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjA1MDAwMDAwWhcNMjQwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmYzMjU2ZmRhZDg3YWQ3MDU5NzQyZjlhMTI0ZGFjMmZm
MTczY2M1NzJjNWFhNDVhY2IzYTA3MzRkNDQyMWEyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy4VZ2DWZrtnj0lVeAeLhzIuX0q7LF6ioW7D+i4+taOwdx
PQh8lhBO9qcwFz1VZHtIEWWkZVi+c5Pm9lp10R1agVAzH/f8eVineGErSsfJuHmY
HuA4Th+5fCTmvd4IGktOQ0tU7EMK8ulzXnzkfFj49fc/pAQkJYsR83QHChLlh7RM
Vn0KHiskM2S+bZGeXc8it2PRKagyXZINrf+bpzSqMToe2DZ9lyRKHJ+95wFdNmUy
DqAqmX8++LgdIU9sfK1Krqb5XUNxbh7ei6pZ2lpzJLwqGA8k0zcKw4O1B2RMijON
m2j744uOGFCpEpcK8fylZ/xBqBNYGvbjuWFIQNRNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyjExnKXvo6a6jRPG6pcg+3yemHQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q5NzM1OTYyLTZkZDEtNDE5My1hNjgxLTczNmVkN2Y5ODJjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHhFnbWJP4CwrAnXrdPwkBx3k78k
NtdMiJ2voX3qjYkI/YxASaNlTfXwDs6J84SSYQcCo0H9V/bDqFbepXwzxRcyLLor
YzU8BQTUZ/dt3qjSezWC6TP7OjyYDBO85ir2keDEQdUrnKZVaT1LlD3+m+h7EQBS
rGNkMcWwOiQz39HHtOe2WeJTFEDzjaLlzsUdm/z/3jpON2YJvWSBukVzdQ97q8Nz
MLIduWVnRlcEl66qiK1iib+S8f6sGX9aOI/cr7EX6LJVsP5Ek1RGZ9R2e0dJD0nT
vV920uOiH9yDPHS/X3pbGD9j+tHDC7oxEJP480qFnSqv+olvfGRBZ4WoomQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:27:11 2025 by rpki-client