Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/df467af3-f63b-43d1-89ce-0165c241b62c.roa
File: df467af3-f63b-43d1-89ce-0165c241b62c.roa (raw, json)
Hash identifier: CjnL1QeUmGDneNV/WMs9TdfTLdCy4yZe4HuhYKI3dD0=
Subject key identifier: 45:BF:0D:F8:72:D0:0E:1C:B2:A7:D2:7C:5C:2B:9A:6A:27:DA:99:4B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2856D0E8F6DED678E2638219CB70D93D38EB851C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/df467af3-f63b-43d1-89ce-0165c241b62c.roa
Signing time: Tue 02 Jul 2024 00:00:00 +0000
ROA not before: Tue 02 Jul 2024 00:00:00 +0000
ROA not after: Tue 06 Aug 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:56:d0:e8:f6:de:d6:78:e2:63:82:19:cb:70:d9:3d:38:eb:85:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 2 00:00:00 2024 GMT
Not After : Aug 6 23:59:59 2024 GMT
Subject: serialNumber=88945ccc39e6526f2f6768c0dd07e32dff50dfe901583cf4bc2e7b4be74c33c4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:43:16:f1:cf:3e:49:23:7a:45:30:2c:00:
60:e9:2b:e1:e2:2d:27:49:1b:28:68:61:b5:51:a8:
ec:a3:c6:d7:b9:2a:b2:9d:d4:f2:a8:59:f8:18:12:
f6:2f:ae:5b:8d:ed:00:31:13:be:b2:7a:50:cb:bb:
e1:ee:97:85:e1:74:f6:aa:ba:0c:a5:86:14:75:84:
58:a5:fe:e0:d0:cb:a7:ae:38:0d:9b:30:73:1d:61:
80:32:b7:45:be:24:e2:88:ee:34:99:a7:f4:ec:24:
1a:d8:b7:e1:61:ee:9e:a5:07:8f:b4:2b:6b:4e:75:
27:47:23:3a:87:2c:ce:c2:f2:68:31:4e:3a:9c:80:
23:26:e6:0b:bf:ce:1a:12:05:03:af:ea:2e:e9:c8:
d1:9e:19:42:0f:0b:1d:84:47:cd:47:53:b0:55:cf:
3e:82:f4:f0:83:ac:0f:b2:59:12:6e:a3:b1:04:9a:
8b:b8:7f:3a:1b:55:03:06:0f:42:ff:6f:cb:74:73:
a9:8f:fc:c9:9d:09:b7:89:27:2c:0f:84:22:f8:ba:
3f:67:9a:1c:d3:47:0b:77:2a:f2:c7:2c:d8:5d:45:
8e:4a:9e:2e:4d:d7:91:ad:8c:a6:e0:1c:9d:cf:9d:
5c:49:7b:a2:94:ce:9d:78:ca:5d:a6:60:e3:83:59:
e1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BF:0D:F8:72:D0:0E:1C:B2:A7:D2:7C:5C:2B:9A:6A:27:DA:99:4B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/df467af3-f63b-43d1-89ce-0165c241b62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:5f:28:23:cc:3e:19:64:dc:e7:0a:53:ea:1c:6e:07:3d:1a:
89:ef:82:ac:3b:cd:11:d1:14:9f:fb:9a:84:38:01:69:72:02:
b4:5d:5b:16:5a:a3:eb:bb:3f:df:7c:8c:82:6f:b8:21:db:c8:
80:1d:6b:82:2c:9f:ee:4b:6f:37:b6:bb:13:75:65:c9:5c:c8:
9e:61:ff:50:6a:7a:5b:02:71:44:95:2a:f3:e7:b7:80:c3:26:
dd:bd:77:ca:7a:14:91:39:8f:c0:15:9c:1f:cc:95:70:61:8b:
89:95:14:ac:ce:40:83:cc:ce:c4:fd:f6:7f:cb:42:d7:84:96:
0c:26:f6:ce:93:46:08:a4:62:97:91:51:f5:83:4f:0f:14:e1:
98:10:13:01:30:0d:04:2f:74:47:4b:fb:83:20:af:92:f7:de:
a5:d4:45:e8:0c:02:33:68:31:0b:b2:2c:a9:62:de:41:f5:e0:
a5:a0:d6:20:f5:d7:6d:b9:f2:0e:c8:ac:4f:53:2e:e6:c0:84:
11:49:01:52:b1:42:ef:a5:cc:80:38:21:25:2f:b9:85:75:38:
7e:49:14:f5:f3:45:d3:da:7c:12:48:87:73:57:79:2e:75:e0:
bb:e9:e1:e1:05:f5:aa:bf:39:cc:81:9d:2b:0d:cf:98:98:78:
99:d1:e1:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKFbQ6Pbe1njiY4IZy3DZPTjrhRwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAyMDAwMDAwWhcNMjQwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ODk0NWNjYzM5ZTY1MjZmMmY2NzY4YzBkZDA3ZTMyZGZm
NTBkZmU5MDE1ODNjZjRiYzJlN2I0YmU3NGMzM2M0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbWUMW8c8+SSN6RTAsAGDpK+HiLSdJGyhoYbVRqOyjxte5
KrKd1PKoWfgYEvYvrluN7QAxE76yelDLu+Hul4XhdPaqugylhhR1hFil/uDQy6eu
OA2bMHMdYYAyt0W+JOKI7jSZp/TsJBrYt+Fh7p6lB4+0K2tOdSdHIzqHLM7C8mgx
TjqcgCMm5gu/zhoSBQOv6i7pyNGeGUIPCx2ER81HU7BVzz6C9PCDrA+yWRJuo7EE
mou4fzobVQMGD0L/b8t0c6mP/MmdCbeJJywPhCL4uj9nmhzTRwt3KvLHLNhdRY5K
ni5N15GtjKbgHJ3PnVxJe6KUzp14yl2mYOODWeHRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURb8N+HLQDhyyp9J8XCuaaifamUswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RmNDY3YWYzLWY2M2ItNDNkMS04OWNlLTAxNjVjMjQxYjYyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKRfKCPMPhlk3OcKU+ocbgc9Gonv
gqw7zRHRFJ/7moQ4AWlyArRdWxZao+u7P998jIJvuCHbyIAda4Isn+5Lbze2uxN1
ZclcyJ5h/1BqelsCcUSVKvPnt4DDJt29d8p6FJE5j8AVnB/MlXBhi4mVFKzOQIPM
zsT99n/LQteElgwm9s6TRgikYpeRUfWDTw8U4ZgQEwEwDQQvdEdL+4Mgr5L33qXU
RegMAjNoMQuyLKli3kH14KWg1iD112258g7IrE9TLubAhBFJAVKxQu+lzIA4ISUv
uYV1OH5JFPXzRdPafBJIh3NXeS514Lvp4eEF9aq/OcyBnSsNz5iYeJnR4S0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:43:40 2025 by rpki-client