Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/deb01784-5e1b-48bd-8ce0-647383432047.roa
File: deb01784-5e1b-48bd-8ce0-647383432047.roa (raw, json)
Hash identifier: Pi8sT5YE8X/KV89Cmv8h1ffVIJyu8hdVVQaNzZ5bfyo=
Subject key identifier: 60:8B:F9:C4:B8:97:D9:83:E8:24:0E:6E:FB:AD:A3:01:DD:6C:16:8E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 1B54AB686351081828AF2E5C08036387F2879FF5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/deb01784-5e1b-48bd-8ce0-647383432047.roa
Signing time: Tue 14 Nov 2023 00:00:00 +0000
ROA not before: Tue 14 Nov 2023 00:00:00 +0000
ROA not after: Tue 19 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:54:ab:68:63:51:08:18:28:af:2e:5c:08:03:63:87:f2:87:9f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 14 00:00:00 2023 GMT
Not After : Dec 19 23:59:59 2023 GMT
Subject: serialNumber=0fadfe3d6cfc85ebb4aad056b77d4623d64f65b0eecc5ac780c477b6d917ac4f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1f:0e:dc:09:4e:97:d2:6a:5b:e0:81:02:27:
0b:52:af:a7:e0:ae:09:06:07:19:61:33:78:dd:99:
e0:07:68:b3:ad:70:31:90:2c:2f:78:74:01:c9:33:
42:a3:33:a3:b5:c8:df:6b:ec:41:98:66:e7:76:4c:
cd:85:53:58:c1:84:c7:9d:75:61:86:1f:ae:1c:b6:
77:ca:5f:86:df:82:56:50:e1:0b:d5:6d:2b:63:10:
c9:d9:bf:c9:83:a6:03:32:fd:15:ff:c7:90:a3:b2:
4e:aa:65:bf:0f:3b:26:b2:83:91:63:fa:2b:8c:c8:
0e:f1:87:78:e9:31:40:f9:bc:90:fa:dd:8a:8d:69:
77:dc:9b:0d:6e:6a:2f:d8:fc:07:5b:0d:a7:12:ab:
2b:86:df:08:50:2d:84:8a:7d:c7:45:9c:31:d6:ec:
2e:dc:7c:85:97:1f:46:7a:0a:39:d5:43:85:e2:b9:
02:61:63:ec:88:d7:25:50:ea:6b:54:00:fb:78:3f:
fb:b7:a4:99:eb:77:e1:6c:ca:5f:40:9f:87:73:b2:
24:52:22:36:80:e0:4b:56:df:5f:5a:30:ff:ca:30:
b6:cc:f6:0f:af:69:5b:28:76:9b:b0:0d:6c:5c:b0:
01:f8:e1:ea:70:b7:36:4c:5c:3d:9e:1e:70:51:13:
e4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8B:F9:C4:B8:97:D9:83:E8:24:0E:6E:FB:AD:A3:01:DD:6C:16:8E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/deb01784-5e1b-48bd-8ce0-647383432047.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
63:56:98:20:9a:e1:87:dc:51:de:56:42:f1:0f:c4:d3:3a:6f:
2f:f7:da:5c:8f:e7:20:51:73:4e:3b:5c:8d:d3:3b:ea:e3:a0:
f2:d1:8f:f4:6e:7a:fa:07:6b:65:ef:21:ad:8b:7d:3e:4d:ff:
40:03:08:fc:60:8a:dd:3a:b4:5f:01:00:2f:29:aa:ea:4b:6d:
b7:46:2a:b5:d1:fb:93:d0:81:6b:81:3b:83:2b:6f:45:29:e8:
64:a1:43:d1:79:d8:b9:d2:b8:91:45:a0:f1:e9:cc:50:1a:ba:
91:cd:11:9c:7c:db:c9:d2:26:9a:fa:5a:af:dd:17:3e:20:cd:
4c:23:27:84:2b:cd:04:76:fb:21:07:8b:5e:1d:06:c1:5d:16:
26:00:fe:ae:80:4f:07:9d:0c:bc:d3:62:ea:8b:1e:2a:51:98:
08:35:b4:70:72:4d:5c:b3:d0:ba:f3:1c:3f:8d:f6:97:73:5a:
24:76:99:e0:e8:8a:99:41:6d:86:2f:0c:28:08:02:80:83:a9:
55:71:cc:ac:9b:bc:51:61:c7:f2:3c:0d:b2:ad:4e:28:88:fc:
88:35:df:33:53:17:69:04:d4:e5:84:b5:dd:15:59:f8:2a:91:
f1:15:d1:91:e8:ef:6c:d9:34:f8:72:7e:eb:be:3c:a7:72:27:
83:e5:36:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG1SraGNRCBgory5cCANjh/KHn/UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTE0MDAwMDAwWhcNMjMxMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZmFkZmUzZDZjZmM4NWViYjRhYWQwNTZiNzdkNDYyM2Q2
NGY2NWIwZWVjYzVhYzc4MGM0NzdiNmQ5MTdhYzRmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfHw7cCU6X0mpb4IECJwtSr6fgrgkGBxlhM3jdmeAHaLOt
cDGQLC94dAHJM0KjM6O1yN9r7EGYZud2TM2FU1jBhMeddWGGH64ctnfKX4bfglZQ
4QvVbStjEMnZv8mDpgMy/RX/x5Cjsk6qZb8POyayg5Fj+iuMyA7xh3jpMUD5vJD6
3YqNaXfcmw1uai/Y/AdbDacSqyuG3whQLYSKfcdFnDHW7C7cfIWXH0Z6CjnVQ4Xi
uQJhY+yI1yVQ6mtUAPt4P/u3pJnrd+Fsyl9An4dzsiRSIjaA4EtW319aMP/KMLbM
9g+vaVsodpuwDWxcsAH44epwtzZMXD2eHnBRE+T1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYIv5xLiX2YPoJA5u+62jAd1sFo4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RlYjAxNzg0LTVlMWItNDhiZC04Y2UwLTY0NzM4MzQzMjA0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGNWmCCa4YfcUd5WQvEPxNM6by/3
2lyP5yBRc047XI3TO+rjoPLRj/RuevoHa2XvIa2LfT5N/0ADCPxgit06tF8BAC8p
qupLbbdGKrXR+5PQgWuBO4Mrb0Up6GShQ9F52LnSuJFFoPHpzFAaupHNEZx828nS
Jpr6Wq/dFz4gzUwjJ4QrzQR2+yEHi14dBsFdFiYA/q6ATwedDLzTYuqLHipRmAg1
tHByTVyz0LrzHD+N9pdzWiR2meDoiplBbYYvDCgIAoCDqVVxzKybvFFhx/I8DbKt
TiiI/Ig13zNTF2kE1OWEtd0VWfgqkfEV0ZHo72zZNPhyfuu+PKdyJ4PlNpw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:44:29 2025 by rpki-client