Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/295a49d7-c70f-4196-9742-f063fd2712fe.roa
File: 295a49d7-c70f-4196-9742-f063fd2712fe.roa (raw, json)
Hash identifier: TtEY/i/MbWlzUBjVeWGuVjpyHYp60evZBWnlvMnxd/M=
Subject key identifier: 54:B8:CC:E3:5A:44:D3:3E:18:0D:42:41:A0:26:21:07:E6:5F:DB:76
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 39BA2A4CA5C9BAD7AAF1B64D42758386C27644BF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/295a49d7-c70f-4196-9742-f063fd2712fe.roa
Signing time: Wed 21 Aug 2024 00:00:00 +0000
ROA not before: Wed 21 Aug 2024 00:00:00 +0000
ROA not after: Wed 25 Sep 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:ba:2a:4c:a5:c9:ba:d7:aa:f1:b6:4d:42:75:83:86:c2:76:44:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 21 00:00:00 2024 GMT
Not After : Sep 25 23:59:59 2024 GMT
Subject: serialNumber=cee1f8c750e9861106ea5a3bf7e43abe814cc9b0ab6f0509ea2f0c48014d7142, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:89:9e:39:de:98:b9:5a:f4:49:8c:ac:4c:30:
39:ee:e5:16:81:c0:9e:f1:4a:c7:20:85:8d:43:4c:
df:2e:87:8d:08:b2:9e:70:71:0d:c3:e2:65:54:c8:
1f:75:43:95:0c:34:94:f2:b9:71:bb:94:8f:b1:fc:
bf:61:dd:61:90:60:cc:3f:8c:88:20:e5:45:80:bb:
bd:21:52:85:1a:26:59:ee:9d:73:fc:fa:dd:af:ef:
52:71:1a:07:da:d0:68:eb:69:93:e7:23:73:7b:02:
04:09:00:52:0b:20:40:48:fc:19:3e:dc:16:5b:da:
2e:50:8c:67:eb:ef:eb:09:be:d2:f1:f0:27:8f:18:
da:98:08:a2:d9:54:6b:9b:cd:d3:f4:4b:29:81:bf:
61:d3:78:46:11:78:3f:ea:a3:48:a2:82:7a:e0:75:
fc:5d:79:7e:54:ca:b2:6f:48:0d:54:05:71:a3:48:
8b:59:76:a0:ff:71:fd:af:9e:61:e1:f3:64:b0:2e:
38:eb:26:1b:69:82:09:37:2e:5f:7b:5a:cb:7a:ec:
b3:d2:99:a2:ab:a1:ec:0f:be:7a:d1:f8:f5:ea:9d:
ce:7a:ca:52:a9:43:8f:da:cc:eb:98:76:7e:dc:e1:
95:e8:90:44:df:5c:f2:a5:de:ce:7b:d3:b3:99:49:
60:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B8:CC:E3:5A:44:D3:3E:18:0D:42:41:A0:26:21:07:E6:5F:DB:76
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/295a49d7-c70f-4196-9742-f063fd2712fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
86:87:68:ed:a4:c1:77:c8:ed:8a:d3:92:65:88:a9:6a:fb:dc:
31:72:0e:2b:50:e1:13:59:f1:1d:7a:46:f4:72:68:3d:86:72:
68:99:ae:32:97:42:06:78:fa:cd:39:55:41:7b:4c:c6:37:81:
00:45:ee:e0:e6:1b:c5:28:d6:b4:51:44:a3:c7:d8:06:0e:67:
ca:e4:8e:e7:6e:a0:6f:0f:49:b5:51:b1:a7:6a:41:b0:0f:e3:
02:bb:cd:80:ce:c0:82:58:c1:19:52:ff:af:ab:f9:4b:88:8c:
a6:40:19:7c:07:df:3f:ad:e2:6c:9e:90:21:be:b0:d5:4d:ef:
34:81:6a:4e:e4:c3:4f:eb:a1:96:44:15:97:79:2f:21:49:2c:
5f:50:22:9c:77:8e:38:2c:0b:24:76:2a:6e:3e:86:41:ac:31:
9f:52:32:29:16:cf:5f:3d:44:bd:7f:8b:c1:1f:b4:96:7e:2e:
df:f9:a0:cf:69:f5:65:ff:cb:8a:01:fa:c8:40:71:4c:0e:08:
f9:4b:73:58:93:60:e1:20:63:d2:3e:aa:d9:c6:73:4b:ff:cc:
cf:f8:3c:72:33:9c:76:7a:53:e9:4b:4d:ec:83:18:b5:c9:89:
dc:f8:39:b7:e2:98:aa:df:31:69:9e:23:c4:c4:e0:5d:be:00:
65:29:c8:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOboqTKXJuteq8bZNQnWDhsJ2RL8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODIxMDAwMDAwWhcNMjQwOTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZWUxZjhjNzUwZTk4NjExMDZlYTVhM2JmN2U0M2FiZTgx
NGNjOWIwYWI2ZjA1MDllYTJmMGM0ODAxNGQ3MTQyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQiZ453pi5WvRJjKxMMDnu5RaBwJ7xSscghY1DTN8uh40I
sp5wcQ3D4mVUyB91Q5UMNJTyuXG7lI+x/L9h3WGQYMw/jIgg5UWAu70hUoUaJlnu
nXP8+t2v71JxGgfa0GjraZPnI3N7AgQJAFILIEBI/Bk+3BZb2i5QjGfr7+sJvtLx
8CePGNqYCKLZVGubzdP0SymBv2HTeEYReD/qo0iignrgdfxdeX5UyrJvSA1UBXGj
SItZdqD/cf2vnmHh82SwLjjrJhtpggk3Ll97Wst67LPSmaKroewPvnrR+PXqnc56
ylKpQ4/azOuYdn7c4ZXokETfXPKl3s5707OZSWDFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVLjM41pE0z4YDUJBoCYhB+Zf23YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI5NWE0OWQ3LWM3MGYtNDE5Ni05NzQyLWYwNjNmZDI3MTJmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIaHaO2kwXfI7YrTkmWIqWr73DFy
DitQ4RNZ8R16RvRyaD2GcmiZrjKXQgZ4+s05VUF7TMY3gQBF7uDmG8Uo1rRRRKPH
2AYOZ8rkjuduoG8PSbVRsadqQbAP4wK7zYDOwIJYwRlS/6+r+UuIjKZAGXwH3z+t
4myekCG+sNVN7zSBak7kw0/roZZEFZd5LyFJLF9QIpx3jjgsCyR2Km4+hkGsMZ9S
MikWz189RL1/i8EftJZ+Lt/5oM9p9WX/y4oB+shAcUwOCPlLc1iTYOEgY9I+qtnG
c0v/zM/4PHIznHZ6U+lLTeyDGLXJidz4ObfimKrfMWmeI8TE4F2+AGUpyK4=
-----END CERTIFICATE-----
Generated at Wed May 7 16:55:54 2025 by rpki-client