Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ff34bf7f-8aab-4236-8a22-5ee2860c4cbf.roa
File: ff34bf7f-8aab-4236-8a22-5ee2860c4cbf.roa (raw, json)
Hash identifier: 0uCIVoyE8YDXTWbBxlmgdTyZ3wCKaKJSEp49o2sZhvo=
Subject key identifier: 4C:55:4C:7F:61:88:69:8F:C6:8F:0A:4C:54:3D:81:69:A9:A0:FC:DF
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6828679238EFB569C9605E0557468C12FD74DCBE
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ff34bf7f-8aab-4236-8a22-5ee2860c4cbf.roa
Signing time: Tue 18 Mar 2025 20:38:20 +0000
ROA not before: Tue 18 Mar 2025 20:38:20 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:28:67:92:38:ef:b5:69:c9:60:5e:05:57:46:8c:12:fd:74:dc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 18 20:38:20 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: serialNumber=9dd4f826be2b85166522a7ba7e8a81b807e69289b124e7f5482b86ef804420c0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1d:84:5f:c9:bb:84:e4:83:a0:48:1a:50:5d:
3d:65:3f:13:4d:9f:87:ec:b2:c7:5a:be:c8:34:5a:
11:98:0b:8b:df:cc:03:aa:96:68:36:26:54:98:f5:
4a:a8:b1:ff:ae:2a:84:40:4b:58:22:cf:72:a9:1d:
ce:f6:cc:c9:7e:b8:c9:b2:ab:d0:da:61:96:55:f5:
48:26:bd:ce:a4:82:21:8c:01:ab:8d:91:c9:0c:8a:
47:17:ec:ae:71:a0:07:f7:01:c1:d3:36:69:bd:b4:
95:7c:ff:99:49:d0:d5:01:f8:40:11:d0:78:63:2b:
4c:39:0b:54:62:ae:26:9c:65:77:4b:3f:88:6f:c2:
93:23:f9:51:e0:7c:b5:29:e0:2e:06:ed:58:7c:c9:
49:db:f3:35:1a:96:72:a7:6f:4f:27:53:45:69:b4:
3d:60:e7:25:d7:cf:58:7b:cc:aa:14:ab:3f:4c:07:
8a:c5:cf:0c:73:91:e6:de:29:b6:1b:33:35:a2:5c:
06:90:09:bd:3e:6b:8e:ff:9c:89:13:a5:fd:86:f3:
d4:73:c8:9c:3e:ff:bb:94:a4:e2:80:23:84:67:fd:
92:2b:2b:ad:29:23:81:4d:14:83:05:90:75:d6:c4:
b4:60:e6:cf:9f:ed:c8:58:ec:90:ec:d1:48:4f:61:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:55:4C:7F:61:88:69:8F:C6:8F:0A:4C:54:3D:81:69:A9:A0:FC:DF
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ff34bf7f-8aab-4236-8a22-5ee2860c4cbf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
77:50:af:a0:cc:c3:d0:88:62:d9:ff:95:6c:99:41:5c:96:6f:
ce:0b:df:39:f6:0a:78:14:39:62:7f:11:59:2e:75:4b:b0:a6:
74:bb:2d:de:a2:28:a3:3d:ff:17:1a:fb:5e:17:ad:0e:88:03:
e4:a3:c0:58:61:a7:b0:f1:d1:11:0c:35:ef:13:4c:c9:da:c0:
73:8c:ea:4b:80:ed:a5:45:4f:f8:a8:16:c0:50:f3:90:ec:10:
44:fe:e2:d4:ae:36:e4:b1:ab:1e:2b:84:a8:4b:00:64:24:d3:
e7:cd:74:27:cd:9b:6c:55:f7:ab:cf:1b:81:97:5a:a4:61:66:
6e:38:3c:66:00:58:38:cf:bd:eb:54:16:b5:61:3d:4f:72:c8:
6e:c3:76:5e:ca:2a:e3:94:4a:1a:a9:65:53:6b:14:49:5b:67:
97:1b:42:e6:cd:df:34:ca:89:8b:c3:d0:70:dd:40:18:50:29:
53:71:ab:c7:b7:cc:ff:e0:73:4b:53:43:f1:c8:41:44:e5:c7:
41:bc:2a:40:82:b7:27:79:db:1d:2b:9c:d3:0b:b3:a6:f5:bd:
d1:6c:cc:6c:d0:16:e1:0a:fd:d3:12:ed:b0:4f:41:68:c8:e6:
11:c4:9a:2a:f1:d5:9d:6e:26:ae:7a:76:00:5c:1c:38:68:09:
7a:24:d4:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaChnkjjvtWnJYF4FV0aMEv103L4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzE4MjAzODIwWhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZGQ0ZjgyNmJlMmI4NTE2NjUyMmE3YmE3ZThhODFiODA3
ZTY5Mjg5YjEyNGU3ZjU0ODJiODZlZjgwNDQyMGMwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWHYRfybuE5IOgSBpQXT1lPxNNn4fsssdavsg0WhGYC4vf
zAOqlmg2JlSY9Uqosf+uKoRAS1giz3KpHc72zMl+uMmyq9DaYZZV9Ugmvc6kgiGM
AauNkckMikcX7K5xoAf3AcHTNmm9tJV8/5lJ0NUB+EAR0HhjK0w5C1RiriacZXdL
P4hvwpMj+VHgfLUp4C4G7Vh8yUnb8zUalnKnb08nU0VptD1g5yXXz1h7zKoUqz9M
B4rFzwxzkebeKbYbMzWiXAaQCb0+a47/nIkTpf2G89RzyJw+/7uUpOKAI4Rn/ZIr
K60pI4FNFIMFkHXWxLRg5s+f7chY7JDs0UhPYcM5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTFVMf2GIaY/GjwpMVD2Baamg/N8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZmMzRiZjdmLThhYWItNDIzNi04YTIyLTVlZTI4NjBjNGNiZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHdQr6DMw9CIYtn/lWyZQVyWb84L
3zn2CngUOWJ/EVkudUuwpnS7Ld6iKKM9/xca+14XrQ6IA+SjwFhhp7Dx0REMNe8T
TMnawHOM6kuA7aVFT/ioFsBQ85DsEET+4tSuNuSxqx4rhKhLAGQk0+fNdCfNm2xV
96vPG4GXWqRhZm44PGYAWDjPvetUFrVhPU9yyG7Ddl7KKuOUShqpZVNrFElbZ5cb
QubN3zTKiYvD0HDdQBhQKVNxq8e3zP/gc0tTQ/HIQUTlx0G8KkCCtyd52x0rnNML
s6b1vdFszGzQFuEK/dMS7bBPQWjI5hHEmirx1Z1uJq56dgBcHDhoCXok1II=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:22:56 2025 by rpki-client