Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2033d7f0-585d-4121-b1f5-95c91aabba23.roa
File: 2033d7f0-585d-4121-b1f5-95c91aabba23.roa (raw, json)
Hash identifier: PI91h6RSadBIyIG/auYcQZH40YhB40F1k0Q5ctJ+VWU=
Subject key identifier: F3:B7:CE:9B:E6:0E:42:45:1F:03:D2:42:30:E8:2A:4C:5C:11:3D:84
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 146163A3600476294517B29BB05A83A30549542D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2033d7f0-585d-4121-b1f5-95c91aabba23.roa
Signing time: Sat 05 Aug 2023 00:00:00 +0000
ROA not before: Sat 05 Aug 2023 00:00:00 +0000
ROA not after: Sat 09 Sep 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:61:63:a3:60:04:76:29:45:17:b2:9b:b0:5a:83:a3:05:49:54:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 5 00:00:00 2023 GMT
Not After : Sep 9 23:59:59 2023 GMT
Subject: serialNumber=cdf3c03adaca384cca8778333fe14417fc6a513059c3852641f153a3d7a6f91d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:69:0b:36:b9:af:ca:5d:d3:ab:07:17:04:de:
de:f6:e2:1e:bc:54:40:6d:62:b6:f0:8e:f8:73:af:
66:f5:fc:df:8e:c9:9a:76:51:b7:55:82:fd:47:34:
bd:7c:66:78:b7:34:f6:ac:cd:e1:47:19:07:6f:a1:
96:f6:a1:1b:11:c1:0d:9f:aa:08:3d:52:70:25:0c:
4a:97:d7:fc:25:a3:56:fd:08:bd:47:eb:be:dc:e2:
94:e2:b2:78:77:f6:ed:b5:15:eb:ee:47:57:82:46:
4e:75:dd:b4:97:e6:e4:1b:25:b0:19:d2:db:95:cd:
18:61:19:50:df:16:87:2c:75:76:94:fc:ee:9a:1f:
21:aa:16:c8:e5:85:c3:ae:42:e0:a3:9a:25:15:5c:
19:4f:d7:15:e2:bb:2f:17:2b:65:f9:4a:53:3c:00:
66:bb:58:a1:f9:9b:05:44:87:b6:10:c9:b7:d2:20:
d5:8f:b8:e0:a2:5a:59:5d:0c:99:16:1b:a2:1f:70:
0a:0c:ce:86:10:17:27:db:8d:72:87:bc:e6:95:31:
10:74:39:f3:5a:46:0f:68:06:b1:87:f5:7b:67:d2:
55:72:c6:29:90:1d:5e:4a:9f:7a:e1:bd:70:4b:9a:
18:4b:0c:97:b3:e0:63:b5:e3:43:da:24:44:96:46:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B7:CE:9B:E6:0E:42:45:1F:03:D2:42:30:E8:2A:4C:5C:11:3D:84
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2033d7f0-585d-4121-b1f5-95c91aabba23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
81:78:32:a7:9c:cf:b9:9a:2e:c5:6c:7a:69:7f:9e:04:ca:8f:
ee:d1:70:cc:f4:3b:1d:7a:4f:ae:f7:97:e8:43:3d:0e:12:43:
06:a3:14:62:11:f5:85:99:bf:54:38:27:77:7f:2e:c5:3c:69:
95:f1:b6:4c:47:c8:71:9d:24:cd:5f:9d:91:87:8d:dc:9a:77:
be:8b:3b:41:08:f1:cb:d9:c6:8c:29:f0:1b:18:01:83:49:5a:
65:f3:25:aa:f9:de:d9:6a:37:43:20:3a:8a:d3:ee:66:e7:0e:
fd:a9:c0:f3:9b:58:a9:fe:a1:22:26:5d:f4:83:81:be:c8:47:
5d:39:03:6e:e7:6e:ef:2f:a4:c2:64:b2:f2:4a:a2:66:41:35:
24:be:06:18:91:db:bb:81:4a:50:b9:80:71:b5:70:1a:d2:2e:
e6:bf:0c:22:9a:5d:69:48:d4:32:1e:be:08:f0:f8:a3:1d:6a:
4d:2c:16:3f:b6:6a:6f:9f:07:be:59:14:f0:31:1f:c7:c9:e3:
4c:40:c8:16:d6:35:e0:04:6a:a5:22:c6:1f:46:d6:a7:23:49:
64:46:ce:d0:f8:c0:68:01:f0:e8:f0:6a:07:6b:fc:04:a2:7b:
04:d8:d9:29:0e:3c:90:60:ec:44:cc:a3:50:80:10:2c:29:56:
c6:95:2b:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFGFjo2AEdilFF7KbsFqDowVJVC0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODA1MDAwMDAwWhcNMjMwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGYzYzAzYWRhY2EzODRjY2E4Nzc4MzMzZmUxNDQxN2Zj
NmE1MTMwNTljMzg1MjY0MWYxNTNhM2Q3YTZmOTFkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYaQs2ua/KXdOrBxcE3t724h68VEBtYrbwjvhzr2b1/N+O
yZp2UbdVgv1HNL18Zni3NPaszeFHGQdvoZb2oRsRwQ2fqgg9UnAlDEqX1/wlo1b9
CL1H677c4pTisnh39u21FevuR1eCRk513bSX5uQbJbAZ0tuVzRhhGVDfFocsdXaU
/O6aHyGqFsjlhcOuQuCjmiUVXBlP1xXiuy8XK2X5SlM8AGa7WKH5mwVEh7YQybfS
INWPuOCiWlldDJkWG6IfcAoMzoYQFyfbjXKHvOaVMRB0OfNaRg9oBrGH9Xtn0lVy
ximQHV5Kn3rhvXBLmhhLDJez4GO140PaJESWRm1dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU87fOm+YOQkUfA9JCMOgqTFwRPYQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIwMzNkN2YwLTU4NWQtNDEyMS1iMWY1LTk1YzkxYWFiYmEyMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIF4Mqecz7maLsVseml/ngTKj+7R
cMz0Ox16T673l+hDPQ4SQwajFGIR9YWZv1Q4J3d/LsU8aZXxtkxHyHGdJM1fnZGH
jdyad76LO0EI8cvZxowp8BsYAYNJWmXzJar53tlqN0MgOorT7mbnDv2pwPObWKn+
oSImXfSDgb7IR105A27nbu8vpMJksvJKomZBNSS+BhiR27uBSlC5gHG1cBrSLua/
DCKaXWlI1DIevgjw+KMdak0sFj+2am+fB75ZFPAxH8fJ40xAyBbWNeAEaqUixh9G
1qcjSWRGztD4wGgB8Ojwagdr/ASiewTY2SkOPJBg7ETMo1CAECwpVsaVK14=
-----END CERTIFICATE-----
Generated at Sun May 11 02:04:35 2025 by rpki-client