Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ddcff6a1-edc3-42b5-9e06-b93b8bb3e47f.roa
File: ddcff6a1-edc3-42b5-9e06-b93b8bb3e47f.roa (raw, json)
Hash identifier: LqQaoojUH6UXKynPNrG4lhexEIBbxyevtLye4PVvzU8=
Subject key identifier: 4B:93:DB:7F:FA:6A:A3:37:D6:B0:EE:92:40:40:37:05:C8:D9:64:FF
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 33179B7650E0F95E3F360F540BF0DBEB8686740B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ddcff6a1-edc3-42b5-9e06-b93b8bb3e47f.roa
Signing time: Fri 08 Dec 2023 00:00:00 +0000
ROA not before: Fri 08 Dec 2023 00:00:00 +0000
ROA not after: Fri 12 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:17:9b:76:50:e0:f9:5e:3f:36:0f:54:0b:f0:db:eb:86:86:74:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 8 00:00:00 2023 GMT
Not After : Jan 12 23:59:59 2024 GMT
Subject: serialNumber=0f77c8be692e2e54cd3b38ed9647445161b25f221cedba79d20d905c12fef1d4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:ed:1d:79:1d:f1:8d:43:2e:f9:c5:2c:f6:
67:61:12:81:5e:cb:60:20:91:3d:58:d2:d8:a5:ba:
a6:47:36:1d:48:46:0a:20:5c:82:d7:47:63:38:41:
0a:b9:a5:4d:45:34:24:1a:5f:5c:90:37:1f:d5:7e:
9f:37:6d:90:99:26:be:a4:7f:ac:4a:c6:72:09:2f:
6c:43:ed:18:63:21:be:9d:58:89:a4:68:2b:87:83:
80:b9:86:93:fa:fc:05:68:b7:b8:3e:ba:4e:b4:ab:
0b:82:c2:b8:b2:24:20:08:7f:0d:dc:37:75:cf:90:
8b:c4:df:88:67:23:75:2b:58:97:2b:12:11:9b:64:
96:6d:3c:d5:1f:5c:65:6d:36:56:97:40:d8:d3:88:
b3:9e:a6:d5:1b:34:95:b9:fa:39:4d:32:1c:b0:de:
ef:2e:4c:a0:13:82:de:b7:3f:9e:24:f1:12:9e:ee:
61:37:df:e7:c2:84:6b:7d:39:6b:d4:50:50:13:92:
05:3a:ff:3e:bd:fa:f8:85:0e:48:c7:75:bb:fd:08:
93:d1:f7:45:de:4e:02:31:8b:c2:40:75:51:52:1b:
94:7b:25:64:6b:58:d5:01:5d:ea:94:5f:ae:68:2a:
ef:da:ad:93:58:1e:33:b8:c4:ae:de:05:76:c3:c9:
89:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:93:DB:7F:FA:6A:A3:37:D6:B0:EE:92:40:40:37:05:C8:D9:64:FF
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ddcff6a1-edc3-42b5-9e06-b93b8bb3e47f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1b:3b:4f:25:d5:0e:0b:61:f9:f7:b7:d7:46:a2:ee:d4:3e:
52:53:43:e1:25:3c:e5:0a:35:50:ad:34:3d:ca:df:e9:88:82:
be:5a:78:4c:5e:d4:a9:3e:57:e0:76:29:a6:3b:a9:5f:a1:a0:
0e:8d:15:87:39:ac:0e:d6:35:15:d1:19:60:aa:b9:c2:b2:3e:
68:9b:89:33:89:6c:11:23:2e:04:96:7b:2c:a9:66:ca:ed:a1:
4d:bd:50:3d:94:d1:f6:7f:e0:e2:53:87:ab:79:a0:d0:d1:d5:
16:c3:d6:78:be:dd:22:6a:a9:f7:f1:58:3e:1d:b5:12:fc:f6:
2c:94:52:c5:22:36:60:da:1b:0d:63:1f:21:df:4a:12:2b:05:
7a:7a:93:11:93:d5:d4:4b:6f:a5:76:d0:08:b7:a4:51:ae:c2:
eb:63:50:f6:48:2f:b5:fc:27:96:46:02:27:15:c8:e4:ef:e9:
d4:24:6f:d2:b3:33:fd:6d:55:dc:a8:01:26:64:12:ae:a9:db:
ad:ee:84:39:ea:f6:e8:cb:b2:34:96:d5:8c:36:a2:db:62:34:
af:2a:67:5d:fd:0d:3a:e2:fd:66:f2:da:9a:00:46:b1:0d:62:
c5:71:15:a8:57:72:0a:3f:ea:e4:e2:9c:a7:6a:dc:df:a9:8c:
21:5b:a2:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMxebdlDg+V4/Ng9UC/Db64aGdAswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA4MDAwMDAwWhcNMjQwMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZjc3YzhiZTY5MmUyZTU0Y2QzYjM4ZWQ5NjQ3NDQ1MTYx
YjI1ZjIyMWNlZGJhNzlkMjBkOTA1YzEyZmVmMWQ0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3NO0deR3xjUMu+cUs9mdhEoFey2AgkT1Y0tiluqZHNh1I
RgogXILXR2M4QQq5pU1FNCQaX1yQNx/Vfp83bZCZJr6kf6xKxnIJL2xD7RhjIb6d
WImkaCuHg4C5hpP6/AVot7g+uk60qwuCwriyJCAIfw3cN3XPkIvE34hnI3UrWJcr
EhGbZJZtPNUfXGVtNlaXQNjTiLOeptUbNJW5+jlNMhyw3u8uTKATgt63P54k8RKe
7mE33+fChGt9OWvUUFATkgU6/z69+viFDkjHdbv9CJPR90XeTgIxi8JAdVFSG5R7
JWRrWNUBXeqUX65oKu/arZNYHjO4xK7eBXbDyYkhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUS5Pbf/pqozfWsO6SQEA3BcjZZP8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RkY2ZmNmExLWVkYzMtNDJiNS05ZTA2LWI5M2I4YmIzZTQ3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAE0bO08l1Q4LYfn3t9dGou7UPlJT
Q+ElPOUKNVCtND3K3+mIgr5aeExe1Kk+V+B2KaY7qV+hoA6NFYc5rA7WNRXRGWCq
ucKyPmibiTOJbBEjLgSWeyypZsrtoU29UD2U0fZ/4OJTh6t5oNDR1RbD1ni+3SJq
qffxWD4dtRL89iyUUsUiNmDaGw1jHyHfShIrBXp6kxGT1dRLb6V20Ai3pFGuwutj
UPZIL7X8J5ZGAicVyOTv6dQkb9KzM/1tVdyoASZkEq6p263uhDnq9ujLsjSW1Yw2
ottiNK8qZ139DTri/Wby2poARrENYsVxFahXcgo/6uTinKdq3N+pjCFbohg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:33:21 2025 by rpki-client