Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/df807e6d-5aeb-40a8-ad08-223f405b89eb.roa
File: df807e6d-5aeb-40a8-ad08-223f405b89eb.roa (raw, json)
Hash identifier: wb4GkEn8hdr3dZvNAJPe28MeO/19VckSWjuSqxFFeoA=
Subject key identifier: 4B:2D:22:F5:04:0E:DA:0F:DE:C5:04:9F:F4:08:C6:28:99:B4:9C:FB
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 52B10D48B7FC58CB0F1579B841BE346C6BC117F7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/df807e6d-5aeb-40a8-ad08-223f405b89eb.roa
Signing time: Mon 02 Sep 2024 00:00:00 +0000
ROA not before: Mon 02 Sep 2024 00:00:00 +0000
ROA not after: Mon 07 Oct 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:b1:0d:48:b7:fc:58:cb:0f:15:79:b8:41:be:34:6c:6b:c1:17:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 2 00:00:00 2024 GMT
Not After : Oct 7 23:59:59 2024 GMT
Subject: serialNumber=0729b4baa5a67924355c454071c112dc34556b7f24f411d90adc62f3cabd8b48, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:5d:03:01:5e:16:a8:ea:9a:7b:73:07:db:
8d:f4:a5:c0:44:df:29:72:49:db:ff:ea:20:83:36:
62:d1:0f:67:81:c8:d4:ea:9f:53:4a:f3:5e:75:51:
b9:a8:93:72:dd:31:f2:20:4e:e8:98:72:b4:90:ef:
4a:4a:8f:58:21:53:98:92:40:b2:0c:c2:2e:c6:0e:
35:1b:76:77:1e:27:bf:cc:98:b1:91:f8:dc:c5:6e:
f3:90:db:52:ee:82:06:b5:1c:74:bd:30:3b:0b:ed:
89:8f:31:09:4c:f4:99:04:c9:bd:9e:c5:b1:a4:fd:
74:88:49:7f:84:d1:62:39:d0:90:17:57:3f:6a:75:
d4:60:9f:11:dc:0b:1e:d4:ae:0c:da:7d:22:f1:40:
bd:bd:2d:8d:1e:04:19:38:13:18:26:44:c9:1a:c0:
54:fb:eb:fb:c7:df:44:a9:d2:f1:42:7a:db:17:19:
57:e9:71:fc:07:67:b9:e3:01:4d:7d:7e:d7:51:4e:
e4:2a:a6:3d:4c:00:cb:1c:e9:de:48:6d:85:40:99:
af:d1:e7:52:5c:33:ff:62:9c:e5:fe:72:1a:86:b9:
d4:a1:a5:b6:f5:a7:31:49:6d:25:70:14:e7:ff:60:
10:58:f9:00:56:74:23:87:03:20:32:ac:97:eb:a3:
ef:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2D:22:F5:04:0E:DA:0F:DE:C5:04:9F:F4:08:C6:28:99:B4:9C:FB
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/df807e6d-5aeb-40a8-ad08-223f405b89eb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
69:5b:2b:84:21:f1:58:0d:96:aa:a4:2a:cf:f0:e4:7f:d0:24:
f4:47:29:61:be:11:03:1c:1a:64:65:5a:e8:5e:a6:63:02:e8:
82:5c:42:fb:29:96:62:2e:0b:e0:d5:ed:9f:52:6f:48:3f:c0:
48:0a:0b:ea:8e:5d:84:06:dd:62:fb:32:8f:0b:74:56:15:12:
e2:f3:3d:5d:61:fe:66:86:12:d5:e2:38:ba:e4:1e:2d:f9:20:
b0:14:89:f6:00:f2:cb:37:67:9b:9b:80:7d:2c:69:ca:a2:b3:
20:93:f9:2e:52:1c:03:ff:d0:d5:c3:18:e6:ce:64:ef:d8:bc:
ce:47:e0:7a:88:b2:16:c3:60:f5:b2:8b:92:e1:61:e7:8f:c1:
65:3b:e7:a1:d7:52:ae:b0:5c:b6:38:ce:ef:d5:1d:bb:18:2e:
3a:79:9e:4d:1b:d2:7c:51:5d:b2:c7:fc:df:06:fa:fb:b4:5d:
61:8b:31:0c:58:8e:ac:07:4d:e5:4f:13:6c:78:da:ab:ba:ef:
4f:55:ed:90:4c:7a:30:a5:51:08:5e:aa:a2:fb:c9:b8:b9:38:
1e:0a:83:2e:63:15:05:50:e2:8d:5a:13:7b:14:1e:3d:98:97:
92:f3:aa:9f:f5:c5:ef:46:2f:f6:4f:fd:cf:b0:29:d8:97:da:
7f:92:3f:f0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUrENSLf8WMsPFXm4Qb40bGvBF/cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTAyMDAwMDAwWhcNMjQxMDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzI5YjRiYWE1YTY3OTI0MzU1YzQ1NDA3MWMxMTJkYzM0
NTU2YjdmMjRmNDExZDkwYWRjNjJmM2NhYmQ4YjQ4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCud10DAV4WqOqae3MH2430pcBE3ylySdv/6iCDNmLRD2eB
yNTqn1NK8151Ubmok3LdMfIgTuiYcrSQ70pKj1ghU5iSQLIMwi7GDjUbdnceJ7/M
mLGR+NzFbvOQ21Lugga1HHS9MDsL7YmPMQlM9JkEyb2exbGk/XSISX+E0WI50JAX
Vz9qddRgnxHcCx7UrgzafSLxQL29LY0eBBk4ExgmRMkawFT76/vH30Sp0vFCetsX
GVfpcfwHZ7njAU19ftdRTuQqpj1MAMsc6d5IbYVAma/R51JcM/9inOX+chqGudSh
pbb1pzFJbSVwFOf/YBBY+QBWdCOHAyAyrJfro+9bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSy0i9QQO2g/exQSf9AjGKJm0nPswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RmODA3ZTZkLTVhZWItNDBhOC1hZDA4LTIyM2Y0MDViODllYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGlbK4Qh8VgNlqqkKs/w5H/QJPRH
KWG+EQMcGmRlWuhepmMC6IJcQvsplmIuC+DV7Z9Sb0g/wEgKC+qOXYQG3WL7Mo8L
dFYVEuLzPV1h/maGEtXiOLrkHi35ILAUifYA8ss3Z5ubgH0sacqisyCT+S5SHAP/
0NXDGObOZO/YvM5H4HqIshbDYPWyi5LhYeePwWU756HXUq6wXLY4zu/VHbsYLjp5
nk0b0nxRXbLH/N8G+vu0XWGLMQxYjqwHTeVPE2x42qu6709V7ZBMejClUQheqqL7
ybi5OB4Kgy5jFQVQ4o1aE3sUHj2Yl5Lzqp/1xe9GL/ZP/c+wKdiX2n+SP/A=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:18 2025 by rpki-client