Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e598df1f-bdb5-4b09-bad7-22e3039ef889.roa
File: e598df1f-bdb5-4b09-bad7-22e3039ef889.roa (raw, json)
Hash identifier: lxzrQOIqXKI3Ak6G79tW22eBSSVDO45z/sa0O+A1I3o=
Subject key identifier: 8F:AF:EC:B2:4A:0A:58:F6:81:59:B9:80:EB:E6:E0:87:33:B5:A7:40
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 744E3D6AA265F83238D8E2361D86BFC26D9F15F6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e598df1f-bdb5-4b09-bad7-22e3039ef889.roa
Signing time: Fri 10 Nov 2023 00:00:00 +0000
ROA not before: Fri 10 Nov 2023 00:00:00 +0000
ROA not after: Fri 15 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:4e:3d:6a:a2:65:f8:32:38:d8:e2:36:1d:86:bf:c2:6d:9f:15:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 10 00:00:00 2023 GMT
Not After : Dec 15 23:59:59 2023 GMT
Subject: serialNumber=0ece141a6096f06bff64eebfeb837d54fce9f999010e4e34a77872bc6e441294, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c1:4b:84:2f:df:f2:b0:97:f3:5b:94:e7:41:
18:bf:99:50:ee:a7:8d:e7:74:c8:e7:47:92:b0:ed:
24:4c:b6:f0:0f:9c:1d:31:08:64:db:c4:42:81:25:
c4:ef:01:0f:da:0b:73:98:0f:81:19:76:c4:2d:90:
c1:e3:9c:e8:13:81:32:ad:b9:3c:7a:0d:24:0b:36:
a2:2d:15:cf:e6:84:f4:b2:f1:40:28:f3:d0:e7:12:
d7:3c:9f:ad:6e:75:c5:23:df:bd:e1:1c:55:1f:ef:
51:e2:81:75:bf:cd:41:c9:f4:0a:9d:d5:fa:71:5e:
c9:5f:70:ae:17:12:fb:b6:e3:bc:c8:92:6c:9b:b2:
0b:22:82:4c:56:ad:66:c6:d2:e7:d1:6c:3e:ca:9c:
46:80:0f:93:53:ba:06:e2:a7:d6:eb:df:8e:60:d7:
11:de:db:2d:df:42:99:21:0f:c5:16:2b:03:21:b0:
77:32:e4:5e:38:24:8b:17:6e:59:65:1b:c9:d6:fa:
a7:02:6b:d2:26:e1:ef:a0:b2:22:39:53:ed:69:e9:
ed:e7:c9:73:56:ce:28:16:0e:39:6f:b1:d1:98:83:
3c:c2:71:ec:aa:89:0a:02:40:18:be:af:f8:0a:c5:
46:4f:ca:02:7c:6b:5f:dd:d9:18:d0:f8:ac:45:e9:
7c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:AF:EC:B2:4A:0A:58:F6:81:59:B9:80:EB:E6:E0:87:33:B5:A7:40
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e598df1f-bdb5-4b09-bad7-22e3039ef889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
73:2b:09:ba:22:a8:57:3b:48:c6:f2:09:a8:b6:1a:29:1c:7e:
82:a5:23:70:d7:08:9a:7c:22:8b:c1:8a:74:57:fa:46:3d:52:
84:3f:90:a0:72:7a:6c:a8:2a:22:44:f3:07:76:ca:bf:6e:c9:
ad:6a:55:0f:e8:24:d9:eb:66:30:f9:84:e0:28:d3:c4:e4:22:
08:aa:f4:0f:28:1d:86:ce:68:70:53:b4:11:b0:53:b9:f4:6c:
f8:be:1a:b7:30:ac:f2:21:3d:00:97:56:da:58:ae:07:d1:12:
bd:9e:db:b0:8c:37:68:e0:96:49:e5:cb:8a:3d:55:88:d2:67:
fd:5d:52:25:62:ae:82:d4:40:ec:e2:b2:80:70:5b:3b:10:f9:
90:0b:74:31:cd:18:d2:1b:0b:cf:b5:d3:19:f9:c1:fd:65:00:
76:11:10:c8:cb:42:ad:6d:a6:20:0f:cf:41:3b:54:d6:e2:1a:
10:2d:7c:7d:8b:ab:4c:a6:eb:76:60:14:08:54:30:ce:44:8a:
bc:6e:bc:12:c9:b2:8d:e7:d0:13:20:aa:49:18:a5:03:da:f0:
0b:92:a4:36:3f:26:39:71:18:7a:20:de:d2:8c:77:e5:64:1a:
e2:e6:7b:62:5d:0a:7b:a8:27:2d:33:58:73:19:46:58:d1:f3:
f7:4c:6d:48
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdE49aqJl+DI42OI2HYa/wm2fFfYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTEwMDAwMDAwWhcNMjMxMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZWNlMTQxYTYwOTZmMDZiZmY2NGVlYmZlYjgzN2Q1NGZj
ZTlmOTk5MDEwZTRlMzRhNzc4NzJiYzZlNDQxMjk0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKwUuEL9/ysJfzW5TnQRi/mVDup43ndMjnR5Kw7SRMtvAP
nB0xCGTbxEKBJcTvAQ/aC3OYD4EZdsQtkMHjnOgTgTKtuTx6DSQLNqItFc/mhPSy
8UAo89DnEtc8n61udcUj373hHFUf71HigXW/zUHJ9Aqd1fpxXslfcK4XEvu247zI
kmybsgsigkxWrWbG0ufRbD7KnEaAD5NTugbip9br345g1xHe2y3fQpkhD8UWKwMh
sHcy5F44JIsXblllG8nW+qcCa9Im4e+gsiI5U+1p6e3nyXNWzigWDjlvsdGYgzzC
ceyqiQoCQBi+r/gKxUZPygJ8a1/d2RjQ+KxF6XzdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUj6/sskoKWPaBWbmA6+bghzO1p0AwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2U1OThkZjFmLWJkYjUtNGIwOS1iYWQ3LTIyZTMwMzllZjg4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHMrCboiqFc7SMbyCai2GikcfoKl
I3DXCJp8IovBinRX+kY9UoQ/kKByemyoKiJE8wd2yr9uya1qVQ/oJNnrZjD5hOAo
08TkIgiq9A8oHYbOaHBTtBGwU7n0bPi+GrcwrPIhPQCXVtpYrgfREr2e27CMN2jg
lknly4o9VYjSZ/1dUiViroLUQOzisoBwWzsQ+ZALdDHNGNIbC8+10xn5wf1lAHYR
EMjLQq1tpiAPz0E7VNbiGhAtfH2Lq0ym63ZgFAhUMM5EirxuvBLJso3n0BMgqkkY
pQPa8AuSpDY/JjlxGHog3tKMd+VkGuLme2JdCnuoJy0zWHMZRljR8/dMbUg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:57:52 2025 by rpki-client