Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f2e56796-55cd-4b63-ae37-e435fcf399c1.roa
File: f2e56796-55cd-4b63-ae37-e435fcf399c1.roa (raw, json)
Hash identifier: DXor0ZgR6ATP8otwBOsjNr1u2Y6dtPdivuzR8b14uVs=
Subject key identifier: 70:28:55:B8:EF:42:8B:42:74:01:94:8F:E8:70:64:43:C9:D0:31:2D
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 69B7DF21A583EAC98F4DD6493B7A3B7976D0D9AC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f2e56796-55cd-4b63-ae37-e435fcf399c1.roa
Signing time: Wed 20 Sep 2023 00:00:00 +0000
ROA not before: Wed 20 Sep 2023 00:00:00 +0000
ROA not after: Wed 25 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:b7:df:21:a5:83:ea:c9:8f:4d:d6:49:3b:7a:3b:79:76:d0:d9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 20 00:00:00 2023 GMT
Not After : Oct 25 23:59:59 2023 GMT
Subject: serialNumber=b99c90aaedbd4049759ae06fe2603f842e570e46bc931c6270531336f9ba9abc, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:aa:75:0c:7f:df:4a:a5:62:1b:af:32:4c:
02:0d:81:6f:f9:d4:43:cb:f2:e3:1e:b7:a5:1f:62:
f6:bf:28:1a:34:d4:fe:a7:ba:67:7c:65:61:dd:6f:
db:ea:78:63:20:0d:c2:8e:79:25:18:2e:d5:17:fc:
27:01:a8:65:78:71:22:22:cd:43:0e:ac:f1:db:22:
b6:ee:2e:af:63:cc:7b:a3:e3:69:ae:95:49:85:2c:
e3:53:07:17:ee:9b:32:de:4a:42:2a:e8:0f:7b:fa:
c3:ab:06:25:c8:1a:8f:c8:f0:5f:d3:fc:eb:cc:0a:
bf:b4:4b:3c:b6:af:0e:8c:34:fc:4f:30:ec:50:ae:
5e:7d:9b:df:c6:66:ca:be:a6:83:c6:74:cc:28:59:
29:dd:02:51:20:e4:3a:40:74:a7:54:06:71:55:6a:
3e:4b:ae:19:23:b0:69:87:70:a8:c6:38:28:34:f2:
94:88:49:b8:3f:9e:d3:d9:b5:33:39:68:9f:bb:25:
29:82:55:31:78:44:d3:12:17:c1:8b:29:7d:32:57:
15:03:25:6d:92:77:10:1d:92:50:56:ba:2f:4e:ea:
0b:70:69:11:21:4b:2d:92:1c:c0:b2:8a:4b:1c:57:
d6:f7:90:5c:69:0d:0c:fd:c7:d8:5a:8e:e7:2c:82:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:28:55:B8:EF:42:8B:42:74:01:94:8F:E8:70:64:43:C9:D0:31:2D
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f2e56796-55cd-4b63-ae37-e435fcf399c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:8c:56:8c:20:f7:16:ba:63:a6:12:8d:f5:74:6d:9b:f7:6b:
10:63:24:fd:c9:69:bc:ab:4b:25:61:4e:da:95:4e:64:82:0f:
d1:c2:ec:e4:ed:bc:28:da:e0:90:9d:36:d2:ec:31:91:32:db:
bc:cd:86:b5:bf:44:8d:86:4a:e3:36:c2:fa:04:34:2f:42:01:
97:72:3f:c9:f7:a3:11:27:1e:67:8d:17:dd:6c:c2:e4:f4:44:
66:58:0e:85:69:4a:87:32:2f:af:4d:84:d5:bc:12:fe:5c:03:
35:06:69:21:b7:ea:c5:05:ce:49:50:fa:6a:71:e7:b2:0f:35:
f0:98:66:44:dd:d8:ed:cf:e5:9f:c0:e6:d4:b4:f3:2c:a1:53:
bc:83:0b:8f:2e:14:af:6a:89:31:44:99:4b:76:ee:d1:4d:ed:
e3:1d:a3:b6:98:e9:76:b3:cf:73:0d:08:45:4b:20:0d:e3:61:
26:fd:52:a8:38:28:35:00:2e:f0:19:91:c2:db:00:b2:ca:61:
2d:77:40:a5:9e:05:94:df:b2:48:89:d6:ce:b5:7b:74:1e:b4:
91:30:4e:bf:76:62:dd:a9:54:7e:19:7a:de:36:07:20:63:15:
99:46:76:92:f3:0e:04:4c:3d:67:a7:b4:56:89:f8:fd:de:ec:
12:2f:89:3d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUabffIaWD6smPTdZJO3o7eXbQ2awwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTIwMDAwMDAwWhcNMjMxMDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTljOTBhYWVkYmQ0MDQ5NzU5YWUwNmZlMjYwM2Y4NDJl
NTcwZTQ2YmM5MzFjNjI3MDUzMTMzNmY5YmE5YWJjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCN+ap1DH/fSqViG68yTAINgW/51EPL8uMet6UfYva/KBo0
1P6numd8ZWHdb9vqeGMgDcKOeSUYLtUX/CcBqGV4cSIizUMOrPHbIrbuLq9jzHuj
42mulUmFLONTBxfumzLeSkIq6A97+sOrBiXIGo/I8F/T/OvMCr+0Szy2rw6MNPxP
MOxQrl59m9/GZsq+poPGdMwoWSndAlEg5DpAdKdUBnFVaj5LrhkjsGmHcKjGOCg0
8pSISbg/ntPZtTM5aJ+7JSmCVTF4RNMSF8GLKX0yVxUDJW2SdxAdklBWui9O6gtw
aREhSy2SHMCyikscV9b3kFxpDQz9x9hajucsgjsjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcChVuO9Ci0J0AZSP6HBkQ8nQMS0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YyZTU2Nzk2LTU1Y2QtNGI2My1hZTM3LWU0MzVmY2YzOTljMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAD6MVowg9xa6Y6YSjfV0bZv3axBj
JP3JabyrSyVhTtqVTmSCD9HC7OTtvCja4JCdNtLsMZEy27zNhrW/RI2GSuM2wvoE
NC9CAZdyP8n3oxEnHmeNF91swuT0RGZYDoVpSocyL69NhNW8Ev5cAzUGaSG36sUF
zklQ+mpx57IPNfCYZkTd2O3P5Z/A5tS08yyhU7yDC48uFK9qiTFEmUt27tFN7eMd
o7aY6Xazz3MNCEVLIA3jYSb9Uqg4KDUALvAZkcLbALLKYS13QKWeBZTfskiJ1s61
e3QetJEwTr92Yt2pVH4Zet42ByBjFZlGdpLzDgRMPWentFaJ+P3e7BIviT0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:30:18 2025 by rpki-client