Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f084b903-595e-4bb8-a1c8-cac1d0f17012.roa
File: f084b903-595e-4bb8-a1c8-cac1d0f17012.roa (raw, json)
Hash identifier: LxKQBoFb1wZfbp/ki7ijVmRLjP7FbPpYW+b2VjmtGIQ=
Subject key identifier: 79:68:8C:15:47:1E:EA:15:28:F6:5F:DF:99:95:96:55:95:A6:B7:B8
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2FA5A1FA9F27CFA646582D677A9192B5BD63DA05
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f084b903-595e-4bb8-a1c8-cac1d0f17012.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:a5:a1:fa:9f:27:cf:a6:46:58:2d:67:7a:91:92:b5:bd:63:da:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=36ac8778e8a69c4df85795ecea35514c6d565a761b20d2ec73b6e21913c9d32e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d3:61:80:2c:65:7a:07:4b:f1:86:a5:e8:7c:
85:a7:de:58:b1:e5:f9:3c:f3:42:f9:40:b6:09:1e:
a6:fe:99:5d:19:b7:2b:d4:e9:a9:c9:dd:d5:92:e2:
fa:89:78:c7:7e:05:7a:a6:c2:a7:88:be:10:96:ac:
4a:cd:be:b8:e2:be:03:3f:57:bd:62:23:6a:29:bd:
e1:c7:cd:cd:ce:dc:0e:80:ca:4b:cd:2d:ad:90:d9:
d7:a0:d6:9c:6d:8c:c2:9b:2a:bb:7b:71:eb:2a:bb:
11:f4:d8:67:36:5b:c7:30:1a:bd:6e:06:a7:99:59:
ff:c5:f3:54:51:be:d4:fa:6c:b9:3f:45:1e:24:4c:
ee:ec:58:ef:90:1b:fb:12:8b:dd:44:40:62:cd:99:
6e:60:91:6e:ec:d8:a0:0c:32:7b:d0:c5:c7:74:82:
35:9d:78:30:7d:c7:53:92:12:b9:9c:db:c5:74:6b:
72:21:02:69:8e:0a:7c:d0:8c:dd:fd:47:89:15:0e:
db:e5:42:87:6b:f3:33:59:8b:5a:2c:ae:8c:9c:2f:
c9:59:e4:db:9c:43:9b:62:93:31:98:20:0d:f3:c3:
b2:3d:26:61:ff:9d:7e:24:5c:3b:15:36:66:47:4f:
cc:47:43:87:7a:72:b6:61:56:3e:a3:04:b4:03:37:
ae:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:68:8C:15:47:1E:EA:15:28:F6:5F:DF:99:95:96:55:95:A6:B7:B8
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f084b903-595e-4bb8-a1c8-cac1d0f17012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:67:35:9e:77:07:9d:60:3c:7a:81:a8:b3:9c:9d:46:61:98:
93:f0:1d:b3:c7:63:86:bf:55:bf:f4:8b:70:67:b5:48:ff:a1:
b7:86:5f:68:0d:c1:cb:04:58:53:57:a7:ce:c1:10:02:91:cf:
0e:53:48:da:99:24:66:66:e2:a8:cd:21:a3:72:24:10:cf:27:
67:5e:0a:ac:21:ab:30:e3:9c:56:66:41:7b:83:df:ed:1f:4f:
f4:6b:bb:7f:71:04:64:0c:45:81:2e:45:4f:e6:f6:52:27:f1:
31:aa:67:74:38:15:84:6b:78:dc:ce:3e:ef:80:78:f2:68:b7:
b8:62:9b:17:23:41:55:79:b6:ef:b9:2a:3b:79:8a:6f:14:88:
52:0c:76:51:7e:1a:c5:4b:f9:fd:3c:6b:24:03:5e:53:81:73:
0a:1b:66:f5:13:55:c6:94:9b:87:e6:0e:fa:5d:a6:d6:c7:24:
e5:9b:e5:f7:71:fc:1b:70:ad:c2:43:1c:a3:ac:01:6d:91:46:
f3:b9:19:c4:25:11:dc:0b:8f:ea:93:b4:47:0c:10:63:1c:51:
9e:61:37:bc:51:37:a3:b7:3c:75:f2:45:55:f8:5e:8b:ed:87:
28:f8:f0:e3:49:2c:bf:e1:3b:e8:7c:b3:eb:c2:d4:ab:96:6c:
84:84:83:61
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL6Wh+p8nz6ZGWC1nepGStb1j2gUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNmFjODc3OGU4YTY5YzRkZjg1Nzk1ZWNlYTM1NTE0YzZk
NTY1YTc2MWIyMGQyZWM3M2I2ZTIxOTEzYzlkMzJlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCn02GALGV6B0vxhqXofIWn3lix5fk880L5QLYJHqb+mV0Z
tyvU6anJ3dWS4vqJeMd+BXqmwqeIvhCWrErNvrjivgM/V71iI2opveHHzc3O3A6A
ykvNLa2Q2deg1pxtjMKbKrt7cesquxH02Gc2W8cwGr1uBqeZWf/F81RRvtT6bLk/
RR4kTO7sWO+QG/sSi91EQGLNmW5gkW7s2KAMMnvQxcd0gjWdeDB9x1OSErmc28V0
a3IhAmmOCnzQjN39R4kVDtvlQodr8zNZi1osroycL8lZ5NucQ5tikzGYIA3zw7I9
JmH/nX4kXDsVNmZHT8xHQ4d6crZhVj6jBLQDN64bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeWiMFUce6hUo9l/fmZWWVZWmt7gwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YwODRiOTAzLTU5NWUtNGJiOC1hMWM4LWNhYzFkMGYxNzAxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACxnNZ53B51gPHqBqLOcnUZhmJPw
HbPHY4a/Vb/0i3BntUj/obeGX2gNwcsEWFNXp87BEAKRzw5TSNqZJGZm4qjNIaNy
JBDPJ2deCqwhqzDjnFZmQXuD3+0fT/Rru39xBGQMRYEuRU/m9lIn8TGqZ3Q4FYRr
eNzOPu+AePJot7himxcjQVV5tu+5Kjt5im8UiFIMdlF+GsVL+f08ayQDXlOBcwob
ZvUTVcaUm4fmDvpdptbHJOWb5fdx/BtwrcJDHKOsAW2RRvO5GcQlEdwLj+qTtEcM
EGMcUZ5hN7xRN6O3PHXyRVX4Xovthyj48ONJLL/hO+h8s+vC1KuWbISEg2E=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:54:32 2025 by rpki-client