Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f15b74ed-65e3-4133-a1a9-aaa97426923a.roa
File: f15b74ed-65e3-4133-a1a9-aaa97426923a.roa (raw, json)
Hash identifier: MMKjkNCL1sPCJnBKMiReHH3A8BiKCER1PKUkpqnvTy4=
Subject key identifier: A0:2C:79:41:8A:8E:08:A2:45:3E:47:69:6E:B5:03:C4:59:EF:81:D5
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 639EBAB68659F6890C2E1525395122F20FE2D9
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f15b74ed-65e3-4133-a1a9-aaa97426923a.roa
Signing time: Mon 23 Sep 2024 00:00:00 +0000
ROA not before: Mon 23 Sep 2024 00:00:00 +0000
ROA not after: Mon 28 Oct 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:9e:ba:b6:86:59:f6:89:0c:2e:15:25:39:51:22:f2:0f:e2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 23 00:00:00 2024 GMT
Not After : Oct 28 23:59:59 2024 GMT
Subject: serialNumber=c2ebab3f343273947b6f87826674531e60c9a6f6957113db11db64bc7eba1d44, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:13:9d:91:0e:52:bf:41:02:74:b5:ca:d6:4f:
99:01:3d:f9:86:c8:45:a1:81:78:05:c2:be:9e:43:
75:6c:e9:90:c1:26:11:df:bb:1e:cd:8b:c6:f4:78:
a3:7d:8c:4e:a4:aa:97:07:a3:2c:3a:e1:6c:ab:81:
29:bf:a6:d3:77:19:a4:06:f5:f5:96:ee:69:cf:90:
bc:f9:e5:db:fd:3b:a2:f1:78:70:d3:85:e0:17:b0:
c9:62:85:41:6e:cd:30:03:03:a0:d4:3d:00:c4:bc:
32:82:96:01:3f:94:c8:7d:7e:ae:82:56:3c:62:d6:
ff:8f:d9:b7:a5:89:da:79:91:b7:53:ff:85:e5:db:
0d:99:e5:c2:09:79:ed:99:13:90:84:a5:5c:18:31:
47:30:92:7d:ec:d4:66:c1:3f:46:a0:c1:db:b7:c3:
bf:99:c0:d0:c0:1b:36:b0:4c:84:9e:e7:d1:13:02:
07:85:78:68:88:9a:e6:84:f3:c5:5e:94:a0:10:61:
e2:54:08:12:d6:30:fb:e6:04:70:a7:99:59:cb:9c:
f4:30:31:3e:50:12:05:ab:d2:4e:67:93:f3:d7:2d:
7e:3f:00:c6:8c:74:1f:2f:67:21:42:ea:e8:65:59:
8c:5d:bd:0a:e0:34:55:de:62:1c:d6:33:0f:e4:fc:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2C:79:41:8A:8E:08:A2:45:3E:47:69:6E:B5:03:C4:59:EF:81:D5
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f15b74ed-65e3-4133-a1a9-aaa97426923a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
56:5d:48:77:1a:22:c9:73:e7:c6:74:d2:e5:1b:5f:df:6b:55:
aa:65:9c:8d:ec:3f:90:83:50:52:a8:fd:0e:3e:ce:70:de:8e:
7b:1a:82:e8:f9:a9:41:1d:6f:8b:81:fd:b5:95:2c:4a:f1:20:
ae:ff:fd:a4:cd:b9:50:fa:03:95:35:01:1e:12:c8:81:93:50:
1e:8f:8e:3c:6d:32:7f:ed:1d:09:ba:16:ad:66:d9:c3:26:ef:
95:81:64:e1:f2:c6:e7:31:4a:ec:df:30:5c:e6:d2:e8:5f:f6:
8a:d2:b4:01:29:c4:d7:06:53:e7:62:5d:03:ff:7a:74:19:fb:
b4:1e:5a:a3:70:48:49:18:9d:29:f3:86:ad:29:e6:8c:92:f7:
b5:a3:c9:42:e3:46:34:de:cc:65:a7:59:88:a0:0a:0d:58:17:
ca:0d:9e:8d:10:a8:ea:ca:bb:fe:dc:ea:6c:ac:a9:2b:ef:10:
2b:b7:32:a7:5a:3c:a6:fb:c4:15:ea:de:07:cb:cb:20:f2:f2:
1a:73:06:5d:b2:79:19:3b:e0:69:3e:88:89:dd:3e:80:f5:45:
98:db:81:a0:7f:7c:bb:55:cc:4c:b2:7a:be:44:59:60:90:71:
26:13:42:f0:9c:00:7c:a8:b2:26:8d:9e:9b:9b:bd:b0:ef:44:
a4:b5:11:0e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITY566toZZ9okMLhUlOVEi8g/i2TANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yNDA5MjMwMDAwMDBaFw0yNDEwMjgyMzU5NTla
MHoxSTBHBgNVBAUTQGMyZWJhYjNmMzQzMjczOTQ3YjZmODc4MjY2NzQ1MzFlNjBj
OWE2ZjY5NTcxMTNkYjExZGI2NGJjN2ViYTFkNDQxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4TnZEOUr9BAnS1ytZPmQE9+YbIRaGBeAXCvp5DdWzpkMEm
Ed+7Hs2LxvR4o32MTqSqlwejLDrhbKuBKb+m03cZpAb19Zbuac+QvPnl2/07ovF4
cNOF4BewyWKFQW7NMAMDoNQ9AMS8MoKWAT+UyH1+roJWPGLW/4/Zt6WJ2nmRt1P/
heXbDZnlwgl57ZkTkISlXBgxRzCSfezUZsE/RqDB27fDv5nA0MAbNrBMhJ7n0RMC
B4V4aIia5oTzxV6UoBBh4lQIEtYw++YEcKeZWcuc9DAxPlASBavSTmeT89ctfj8A
xox0Hy9nIULq6GVZjF29CuA0Vd5iHNYzD+T8MjUCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBSgLHlBio4IokU+R2lutQPEWe+B1TAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvZjE1Yjc0ZWQtNjVlMy00MTMzLWExYTktYWFhOTc0MjY5MjNhLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAVl1IdxoiyXPnxnTS5Rtf32tVqmWc
jew/kINQUqj9Dj7OcN6OexqC6PmpQR1vi4H9tZUsSvEgrv/9pM25UPoDlTUBHhLI
gZNQHo+OPG0yf+0dCboWrWbZwybvlYFk4fLG5zFK7N8wXObS6F/2itK0ASnE1wZT
52JdA/96dBn7tB5ao3BISRidKfOGrSnmjJL3taPJQuNGNN7MZadZiKAKDVgXyg2e
jRCo6sq7/tzqbKypK+8QK7cyp1o8pvvEFereB8vLIPLyGnMGXbJ5GTvgaT6Iid0+
gPVFmNuBoH98u1XMTLJ6vkRZYJBxJhNC8JwAfKiyJo2em5u9sO9EpLURDg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:56:50 2025 by rpki-client