Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/27ec1e84-d2bc-4093-91a6-6f74ace522e2.roa
File: 27ec1e84-d2bc-4093-91a6-6f74ace522e2.roa (raw, json)
Hash identifier: zBSA1OWfUwKHuyWSlqkd13Zb9xz0sNF43iOy/hA2FOw=
Subject key identifier: CB:3E:48:26:81:43:94:23:41:98:10:B3:AD:09:B2:F8:4A:CB:F8:9D
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6CC6E340E6DB4FBB2DF071EDE5ABD6AFD2752A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/27ec1e84-d2bc-4093-91a6-6f74ace522e2.roa
Signing time: Fri 21 Feb 2025 20:03:23 +0000
ROA not before: Fri 21 Feb 2025 20:03:23 +0000
ROA not after: Fri 28 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:c6:e3:40:e6:db:4f:bb:2d:f0:71:ed:e5:ab:d6:af:d2:75:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 21 20:03:23 2025 GMT
Not After : Mar 28 23:59:59 2025 GMT
Subject: serialNumber=02a0bffd1c4437f0d8f81407be3f20bbec562369c211669a1331028296b0c198, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:fd:4e:41:37:ea:71:5e:15:36:47:72:76:
5a:ff:ca:e9:53:7e:8e:3a:3b:2b:bd:15:20:e8:40:
9d:96:bf:af:aa:71:48:78:4e:94:3d:5f:b0:2d:eb:
65:08:65:f3:0b:8b:e2:a7:b8:f8:6e:84:4a:99:9f:
db:61:a4:78:c0:ef:1a:71:8d:8a:ff:19:7b:03:1e:
ff:18:03:c0:11:8f:44:01:51:df:59:2b:28:3b:cd:
d3:95:32:6d:dd:be:f1:44:b3:a9:41:bf:04:46:e5:
bf:5c:0e:19:e5:0a:5d:f0:c7:3c:69:6f:02:ac:d0:
b4:11:7a:9d:6b:28:47:ef:08:48:54:3e:39:84:9b:
70:5d:a1:ed:de:6a:13:d8:ba:c8:20:b9:47:e8:c0:
cf:21:95:91:44:5d:6c:24:8e:5d:45:da:75:4f:ed:
a1:01:0d:9e:64:65:08:2e:c7:c7:8b:4b:d5:c9:15:
eb:9e:ff:a9:53:6b:a7:28:c6:19:bf:76:c8:3e:1a:
d4:24:2c:c7:6c:8f:2d:12:87:80:4f:33:85:f6:2e:
0d:54:b7:63:15:23:9e:90:55:17:60:25:71:4b:8a:
29:1e:22:48:3f:40:6f:a9:a9:f8:9d:9b:e6:53:98:
dc:b3:58:49:f4:12:7f:bc:21:03:15:21:0a:ac:28:
ad:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3E:48:26:81:43:94:23:41:98:10:B3:AD:09:B2:F8:4A:CB:F8:9D
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/27ec1e84-d2bc-4093-91a6-6f74ace522e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:6f:11:2f:d1:15:9a:b6:85:e5:0d:38:1f:d1:b9:2c:0b:ac:
e7:d0:5a:9c:b6:be:f6:d2:4f:ae:13:41:1f:81:ac:79:24:66:
e4:0e:77:56:d7:71:54:54:35:67:16:8c:79:13:bc:92:ce:51:
93:72:39:12:d1:4f:05:1d:21:e2:92:52:70:73:15:69:72:37:
78:2f:a2:cd:0a:65:fd:f7:95:45:44:af:9c:b8:4b:b4:2e:e5:
f4:ce:4a:17:7c:1e:3c:e8:e8:6a:14:c8:34:71:ce:9f:c4:ba:
81:e9:d2:8d:6b:7e:31:07:92:53:b1:10:5e:43:e0:10:10:9c:
50:ca:2b:dd:b7:18:8f:25:6f:be:fb:c4:75:b4:b1:ea:96:70:
e2:dd:d6:a5:dc:8a:6a:16:46:60:e9:26:0d:2e:6b:32:48:99:
fe:ba:6a:4a:b3:b1:66:9d:1d:ce:9b:99:81:c5:cd:a6:4c:df:
96:f8:23:8f:7e:d9:0b:3e:da:b4:ac:4f:96:1d:f9:c0:e0:04:
10:6f:a2:85:31:89:15:5c:57:66:fb:19:9d:2f:19:c5:48:43:
b7:8a:32:fc:28:a1:47:af:c1:72:c5:50:27:5b:ae:76:22:6e:
45:7b:dd:c5:09:6b:33:41:fe:1a:77:d3:81:49:01:bc:23:ad:
6d:11:21:7e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITbMbjQObbT7st8HHt5avWr9J1KjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yNTAyMjEyMDAzMjNaFw0yNTAzMjgyMzU5NTla
MHoxSTBHBgNVBAUTQDAyYTBiZmZkMWM0NDM3ZjBkOGY4MTQwN2JlM2YyMGJiZWM1
NjIzNjljMjExNjY5YTEzMzEwMjgyOTZiMGMxOTgxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFw/U5BN+pxXhU2R3J2Wv/K6VN+jjo7K70VIOhAnZa/r6px
SHhOlD1fsC3rZQhl8wuL4qe4+G6ESpmf22GkeMDvGnGNiv8ZewMe/xgDwBGPRAFR
31krKDvN05Uybd2+8USzqUG/BEblv1wOGeUKXfDHPGlvAqzQtBF6nWsoR+8ISFQ+
OYSbcF2h7d5qE9i6yCC5R+jAzyGVkURdbCSOXUXadU/toQENnmRlCC7Hx4tL1ckV
657/qVNrpyjGGb92yD4a1CQsx2yPLRKHgE8zhfYuDVS3YxUjnpBVF2AlcUuKKR4i
SD9Ab6mp+J2b5lOY3LNYSfQSf7whAxUhCqworfsCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBTLPkgmgUOUI0GYELOtCbL4Ssv4nTAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvMjdlYzFlODQtZDJiYy00MDkzLTkxYTYtNmY3NGFjZTUyMmUyLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAem8RL9EVmraF5Q04H9G5LAus59Ba
nLa+9tJPrhNBH4GseSRm5A53VtdxVFQ1ZxaMeRO8ks5Rk3I5EtFPBR0h4pJScHMV
aXI3eC+izQpl/feVRUSvnLhLtC7l9M5KF3wePOjoahTINHHOn8S6genSjWt+MQeS
U7EQXkPgEBCcUMor3bcYjyVvvvvEdbSx6pZw4t3WpdyKahZGYOkmDS5rMkiZ/rpq
SrOxZp0dzpuZgcXNpkzflvgjj37ZCz7atKxPlh35wOAEEG+ihTGJFVxXZvsZnS8Z
xUhDt4oy/CihR6/BcsVQJ1uudiJuRXvdxQlrM0H+GnfTgUkBvCOtbREhfg==
-----END CERTIFICATE-----
Generated at Tue May 6 08:09:57 2025 by rpki-client