Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fbf9cf24-9feb-4a89-9298-6e234e045304.roa
File: fbf9cf24-9feb-4a89-9298-6e234e045304.roa (raw, json)
Hash identifier: tb7723F+aDwBrq4ak+0nGyGVc5TW0dkOwENBKIPFyYg=
Subject key identifier: C7:4B:8E:38:FE:5A:D9:61:4A:53:B8:AD:37:D9:63:9B:EB:3F:A5:84
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4FE361E792E37507DAC399991EEA25AC8450E3DD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fbf9cf24-9feb-4a89-9298-6e234e045304.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:e3:61:e7:92:e3:75:07:da:c3:99:99:1e:ea:25:ac:84:50:e3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=9cff014d17e67952fd7746c50103ed349d5bb4dbe3b853946da0f796763ab45e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:54:66:12:6d:7f:50:e6:83:e1:34:f7:df:be:
c0:41:4c:8a:03:e9:09:4b:e0:6a:aa:c0:a8:3a:39:
ff:90:33:e1:9c:43:c0:2e:e2:da:3a:64:d2:56:f4:
f6:56:62:3b:94:f8:55:a6:30:02:49:30:08:5a:26:
2f:b7:6a:cd:11:9b:e3:33:65:3c:2d:c0:d9:04:b0:
64:14:61:3f:1e:27:a5:f4:a7:66:aa:63:49:45:5b:
df:ac:64:02:da:40:10:be:89:34:e0:04:4e:15:aa:
7d:89:4c:f3:6f:d8:40:c5:aa:0e:89:32:8e:2c:90:
da:55:6c:32:4b:cf:38:f7:af:b6:ef:ce:5d:f2:e7:
d6:1d:15:b3:81:72:fc:1c:62:e1:26:db:fd:e1:60:
ff:c2:ca:a8:83:07:3a:c8:01:99:f2:62:e6:e6:cc:
6d:8c:3e:f6:bd:86:5f:30:ae:ef:c9:f4:0a:98:56:
5e:7f:83:c2:12:f0:88:64:bd:66:92:70:c1:2e:86:
6c:50:6b:5e:27:5c:e6:93:bc:1f:a0:4e:7a:68:8d:
d0:66:1e:6a:e2:dd:bb:12:aa:a5:c9:fa:e0:b9:84:
a7:bf:b2:0b:e0:1f:90:31:cc:54:aa:ea:b2:a1:4d:
53:ee:0e:72:11:ab:71:62:92:cc:e9:09:6c:1c:51:
50:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4B:8E:38:FE:5A:D9:61:4A:53:B8:AD:37:D9:63:9B:EB:3F:A5:84
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fbf9cf24-9feb-4a89-9298-6e234e045304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ab:9f:2b:39:13:de:13:a7:16:74:85:30:4c:d1:22:a5:d7:
76:51:18:63:06:f4:4f:70:ba:75:b7:f6:7c:20:e0:74:d1:4b:
5c:39:6a:ac:42:81:93:2b:b6:3d:49:f7:39:9a:7c:45:14:37:
20:38:79:fe:da:4e:1b:9c:e2:21:f6:46:cc:50:2b:e1:9c:d2:
a3:e6:8e:7a:b8:88:a9:be:c2:40:f8:d5:49:f0:93:c3:c5:8f:
27:45:27:ab:10:25:74:d1:2a:11:b9:54:3f:b1:0f:b5:71:be:
01:d8:2e:43:81:44:10:3e:08:1c:27:18:0b:60:0a:d6:f2:41:
6f:14:fb:62:64:a9:10:a4:17:9c:cb:99:56:86:4e:e5:7b:53:
41:19:9f:ff:b9:b7:bd:63:a8:3f:75:78:a6:bb:50:11:ab:ef:
54:e1:5e:31:7b:ff:f7:9f:0d:99:49:af:61:82:eb:2f:49:b6:
28:99:1e:86:85:e4:95:a8:39:dd:ec:b1:07:c7:07:6d:aa:00:
9f:0a:5c:d5:81:d1:78:dd:4e:e3:a0:ff:2b:9e:27:93:3a:0b:
ed:82:d8:4d:7c:3f:30:cf:fa:c3:7d:45:7e:7c:fb:27:49:6d:
45:e9:78:18:09:77:cf:e7:b4:a6:94:89:27:7b:cd:2f:68:d7:
4c:fc:e8:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT+Nh55LjdQfaw5mZHuolrIRQ490wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5Y2ZmMDE0ZDE3ZTY3OTUyZmQ3NzQ2YzUwMTAzZWQzNDlk
NWJiNGRiZTNiODUzOTQ2ZGEwZjc5Njc2M2FiNDVlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4VGYSbX9Q5oPhNPffvsBBTIoD6QlL4GqqwKg6Of+QM+Gc
Q8Au4to6ZNJW9PZWYjuU+FWmMAJJMAhaJi+3as0Rm+MzZTwtwNkEsGQUYT8eJ6X0
p2aqY0lFW9+sZALaQBC+iTTgBE4Vqn2JTPNv2EDFqg6JMo4skNpVbDJLzzj3r7bv
zl3y59YdFbOBcvwcYuEm2/3hYP/CyqiDBzrIAZnyYubmzG2MPva9hl8wru/J9AqY
Vl5/g8IS8IhkvWaScMEuhmxQa14nXOaTvB+gTnpojdBmHmri3bsSqqXJ+uC5hKe/
sgvgH5AxzFSq6rKhTVPuDnIRq3FikszpCWwcUVB1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUx0uOOP5a2WFKU7itN9ljm+s/pYQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZiZjljZjI0LTlmZWItNGE4OS05Mjk4LTZlMjM0ZTA0NTMwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADirnys5E94TpxZ0hTBM0SKl13ZR
GGMG9E9wunW39nwg4HTRS1w5aqxCgZMrtj1J9zmafEUUNyA4ef7aThuc4iH2RsxQ
K+Gc0qPmjnq4iKm+wkD41Unwk8PFjydFJ6sQJXTRKhG5VD+xD7VxvgHYLkOBRBA+
CBwnGAtgCtbyQW8U+2JkqRCkF5zLmVaGTuV7U0EZn/+5t71jqD91eKa7UBGr71Th
XjF7//efDZlJr2GC6y9JtiiZHoaF5JWoOd3ssQfHB22qAJ8KXNWB0XjdTuOg/yue
J5M6C+2C2E18PzDP+sN9RX58+ydJbUXpeBgJd8/ntKaUiSd7zS9o10z86O0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:08:42 2025 by rpki-client