Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f7153f64-09a3-4a8c-be17-58efd3c3d47a.roa
File: f7153f64-09a3-4a8c-be17-58efd3c3d47a.roa (raw, json)
Hash identifier: hPkcWNnaekhrhvuhuYolgvslXfwB+P+X9G0YStnuqvs=
Subject key identifier: 77:8C:0A:8E:B9:A2:36:ED:BC:A0:B9:6A:54:01:63:8E:54:61:F5:72
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 1CCAFE20825D8E483701845C53B8066406A8D238
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f7153f64-09a3-4a8c-be17-58efd3c3d47a.roa
Signing time: Sat 10 May 2025 00:33:17 +0000
ROA not before: Sat 10 May 2025 00:33:17 +0000
ROA not after: Sat 14 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:ca:fe:20:82:5d:8e:48:37:01:84:5c:53:b8:06:64:06:a8:d2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: May 10 00:33:17 2025 GMT
Not After : Jun 14 23:59:59 2025 GMT
Subject: serialNumber=de37d225cb5f6adc589d500c46ddfe3e6d130e4017fd25161b6f398f1b423a93, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:a3:ae:ad:93:83:f4:2d:57:b9:fe:39:12:
63:65:f0:74:60:98:3b:0a:3e:2d:76:d5:49:b6:b5:
0c:96:19:14:04:9a:a2:3c:40:52:78:c4:45:ee:6e:
6d:be:8e:f0:c4:21:05:4b:19:42:4e:6d:34:59:8d:
11:e1:06:99:5d:f3:1b:a4:a5:4d:f5:50:81:36:18:
54:c5:a3:3a:46:ff:8c:20:c6:0c:eb:a4:ad:36:3d:
27:85:fa:f1:0b:d4:02:50:21:d5:69:fe:3c:78:ce:
f1:6e:b3:15:0a:92:b6:e7:6c:ed:3c:7b:f1:8c:0f:
4b:ad:4e:6d:94:59:ac:4c:63:6c:94:8a:10:73:39:
91:f7:aa:08:ee:0c:83:3f:4b:73:ac:9c:7f:d0:f1:
3d:59:fe:32:7b:84:47:f2:c3:d2:77:ad:dd:83:b7:
8d:08:3e:7d:46:aa:f2:71:66:09:17:7f:47:23:53:
73:8c:c9:f6:90:6e:d1:25:4d:68:f0:a9:6f:da:1c:
c0:c9:af:de:3a:2c:b5:74:33:a2:87:a1:e7:23:b8:
0f:86:c9:c8:a3:fe:c6:e9:56:fd:2d:7a:93:3b:51:
68:13:31:2c:e7:48:62:39:db:81:24:e5:65:f8:3a:
6b:7a:ab:5f:ef:39:c6:0d:f1:c8:15:eb:d7:97:2c:
57:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8C:0A:8E:B9:A2:36:ED:BC:A0:B9:6A:54:01:63:8E:54:61:F5:72
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f7153f64-09a3-4a8c-be17-58efd3c3d47a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
19:6d:69:28:51:60:12:c6:a7:5f:fe:ad:3e:0b:be:cb:84:89:
42:52:b3:70:2c:18:d9:73:27:f4:a3:55:54:63:94:5d:33:34:
73:0b:6b:00:41:97:e8:9d:f8:21:1e:47:ac:f2:a1:ee:a1:e5:
44:fc:3f:e1:30:a4:26:c2:59:a0:6f:1d:ac:70:5f:b4:5e:1b:
68:08:e2:d6:b9:8d:7c:b6:0b:25:e1:4e:be:58:ca:97:6b:65:
37:14:cd:e1:ee:d3:af:fb:4b:92:9e:75:62:7a:f5:cb:88:da:
8a:07:b8:7d:7b:74:22:c6:02:08:5c:40:39:a5:fe:ae:fc:4e:
e2:63:71:31:c0:6e:85:69:21:c9:18:b0:bd:00:09:0b:f1:2b:
9c:49:25:7c:b1:12:8b:c3:8c:83:0e:a3:01:77:3e:fc:42:8f:
f0:cf:19:a4:75:46:24:fe:46:b3:a1:12:41:38:fa:4a:80:6e:
2e:55:09:21:57:e7:a1:ec:86:a7:a0:b9:2a:35:59:92:95:1d:
48:d0:47:2e:c5:11:12:f6:09:c2:42:0d:41:b5:f1:c9:be:da:
f3:7d:d0:bd:75:38:22:63:88:f9:34:72:42:2b:f7:14:b5:da:
dd:6a:5c:51:87:f0:e5:97:b3:dd:bf:e6:9c:a6:7d:8c:69:bc:
f6:0e:69:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHMr+IIJdjkg3AYRcU7gGZAao0jgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTEwMDAzMzE3WhcNMjUwNjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTM3ZDIyNWNiNWY2YWRjNTg5ZDUwMGM0NmRkZmUzZTZk
MTMwZTQwMTdmZDI1MTYxYjZmMzk4ZjFiNDIzYTkzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz8qOurZOD9C1Xuf45EmNl8HRgmDsKPi121Um2tQyWGRQE
mqI8QFJ4xEXubm2+jvDEIQVLGUJObTRZjRHhBpld8xukpU31UIE2GFTFozpG/4wg
xgzrpK02PSeF+vEL1AJQIdVp/jx4zvFusxUKkrbnbO08e/GMD0utTm2UWaxMY2yU
ihBzOZH3qgjuDIM/S3OsnH/Q8T1Z/jJ7hEfyw9J3rd2Dt40IPn1GqvJxZgkXf0cj
U3OMyfaQbtElTWjwqW/aHMDJr946LLV0M6KHoecjuA+Gycij/sbpVv0tepM7UWgT
MSznSGI524Ek5WX4Omt6q1/vOcYN8cgV69eXLFcbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUd4wKjrmiNu28oLlqVAFjjlRh9XIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y3MTUzZjY0LTA5YTMtNGE4Yy1iZTE3LTU4ZWZkM2MzZDQ3YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABltaShRYBLGp1/+rT4LvsuEiUJS
s3AsGNlzJ/SjVVRjlF0zNHMLawBBl+id+CEeR6zyoe6h5UT8P+EwpCbCWaBvHaxw
X7ReG2gI4ta5jXy2CyXhTr5YypdrZTcUzeHu06/7S5KedWJ69cuI2ooHuH17dCLG
AghcQDml/q78TuJjcTHAboVpIckYsL0ACQvxK5xJJXyxEovDjIMOowF3PvxCj/DP
GaR1RiT+RrOhEkE4+kqAbi5VCSFX56HshqeguSo1WZKVHUjQRy7FERL2CcJCDUG1
8cm+2vN90L11OCJjiPk0ckIr9xS12t1qXFGH8OWXs92/5pymfYxpvPYOaYc=
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:51:08 2025 by rpki-client