Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/349bfa7d-976d-4497-917c-68b43a00d94e.roa
File: 349bfa7d-976d-4497-917c-68b43a00d94e.roa (raw, json)
Hash identifier: 2dd4tRVArLI/tGOuOAeKyAO4nXinwE5IMvcC2EQw9G0=
Subject key identifier: 5C:0B:7D:32:E5:F1:CB:D3:48:2C:D0:E0:F8:D1:05:2E:F8:FC:58:FB
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6C9B9DD246E0A0BDE1B4BA60208BF8721153EDD4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/349bfa7d-976d-4497-917c-68b43a00d94e.roa
Signing time: Sun 02 Jul 2023 00:00:00 +0000
ROA not before: Sun 02 Jul 2023 00:00:00 +0000
ROA not after: Sun 06 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:9b:9d:d2:46:e0:a0:bd:e1:b4:ba:60:20:8b:f8:72:11:53:ed:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 2 00:00:00 2023 GMT
Not After : Aug 6 23:59:59 2023 GMT
Subject: serialNumber=3c71e057564c739b0d7ceb7e7e837c1a79dd2269fd58279353963b233315a397, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e5:a4:9c:bb:c7:49:af:18:83:79:87:eb:51:
c1:c9:e0:ff:85:22:6d:9f:8c:60:4b:ca:61:a8:48:
91:ef:3b:6d:af:d4:ed:f8:53:41:e4:5e:c0:6f:94:
12:fb:4e:55:76:0c:96:75:1f:2b:e5:0b:9d:02:56:
34:67:7e:63:68:36:ce:47:00:a2:57:26:34:83:5b:
56:ff:34:a0:01:e0:b1:46:44:3e:65:8a:bb:6e:8e:
9b:9f:c2:a4:49:7d:de:2b:05:52:a2:cb:62:89:cb:
6e:95:1a:d7:f3:26:c3:76:a0:47:95:fa:35:29:a0:
a7:7f:6e:04:5e:56:c1:fd:1f:91:70:08:86:78:f6:
64:4e:77:70:b9:16:17:bb:a8:08:3b:08:56:17:17:
78:bb:2d:e8:13:c7:39:67:28:cd:3c:80:e0:b3:9d:
84:45:7d:11:0e:8d:f7:b8:c1:9c:a3:07:0e:e4:2f:
98:2b:e2:69:fc:91:06:57:69:f9:ba:76:fa:19:19:
62:18:25:e0:f5:12:24:60:ab:2d:99:08:ce:29:8d:
19:93:cd:f1:f3:e4:e4:79:4b:b1:67:1e:b5:4b:0b:
cc:11:69:47:55:f3:07:ef:7e:56:7d:9f:6c:7e:97:
c3:3b:e8:e0:a2:a7:cb:f5:6e:d8:fd:85:ce:39:4d:
f7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0B:7D:32:E5:F1:CB:D3:48:2C:D0:E0:F8:D1:05:2E:F8:FC:58:FB
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/349bfa7d-976d-4497-917c-68b43a00d94e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
02:6d:8e:ce:09:cf:fc:a2:a2:f4:10:ff:7b:a3:90:cf:28:cf:
78:cb:04:1e:31:02:72:09:87:32:20:0a:88:c7:6e:71:7f:3f:
35:fd:54:25:61:23:a1:a8:b6:e4:87:4a:5f:92:11:f6:5f:6c:
0d:df:33:08:16:a9:54:c8:2d:62:b0:c1:85:47:47:55:aa:9c:
03:5b:0d:10:be:75:45:e0:36:7c:10:44:50:51:6e:8f:9d:01:
47:e9:42:f7:ad:8a:59:10:b8:ad:02:88:26:95:72:24:0a:35:
45:22:90:97:8a:fa:f7:24:f3:0a:54:8a:b3:df:61:f9:11:a4:
6a:77:22:ee:6b:ed:ec:05:7d:c0:18:d5:a9:b1:09:03:46:74:
32:3a:4c:65:8f:01:cd:ed:24:8f:fc:5d:0c:3a:8c:82:c0:9e:
1c:c9:a3:ab:b6:43:53:3f:24:89:6f:30:ca:eb:1b:d1:d7:46:
07:83:d9:1a:9b:27:03:a3:e5:c3:1d:e2:58:a0:76:f1:32:72:
b0:43:d4:bf:59:35:f6:0f:12:85:2d:15:e1:36:2a:7c:16:a0:
94:37:3b:6b:b4:4b:2a:01:ef:cf:86:c7:66:61:3f:80:40:15:
89:e7:20:92:06:26:18:e4:9a:4d:8f:7a:c2:0f:34:77:2a:8d:
7a:e1:e2:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbJud0kbgoL3htLpgIIv4chFT7dQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzAyMDAwMDAwWhcNMjMwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYzcxZTA1NzU2NGM3MzliMGQ3Y2ViN2U3ZTgzN2MxYTc5
ZGQyMjY5ZmQ1ODI3OTM1Mzk2M2IyMzMzMTVhMzk3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC95aScu8dJrxiDeYfrUcHJ4P+FIm2fjGBLymGoSJHvO22v
1O34U0HkXsBvlBL7TlV2DJZ1HyvlC50CVjRnfmNoNs5HAKJXJjSDW1b/NKAB4LFG
RD5lirtujpufwqRJfd4rBVKiy2KJy26VGtfzJsN2oEeV+jUpoKd/bgReVsH9H5Fw
CIZ49mROd3C5Fhe7qAg7CFYXF3i7LegTxzlnKM08gOCznYRFfREOjfe4wZyjBw7k
L5gr4mn8kQZXafm6dvoZGWIYJeD1EiRgqy2ZCM4pjRmTzfHz5OR5S7FnHrVLC8wR
aUdV8wfvflZ9n2x+l8M76OCip8v1btj9hc45TffBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXAt9MuXxy9NILNDg+NEFLvj8WPswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzM0OWJmYTdkLTk3NmQtNDQ5Ny05MTdjLTY4YjQzYTAwZDk0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAJtjs4Jz/yiovQQ/3ujkM8oz3jL
BB4xAnIJhzIgCojHbnF/PzX9VCVhI6GotuSHSl+SEfZfbA3fMwgWqVTILWKwwYVH
R1WqnANbDRC+dUXgNnwQRFBRbo+dAUfpQvetilkQuK0CiCaVciQKNUUikJeK+vck
8wpUirPfYfkRpGp3Iu5r7ewFfcAY1amxCQNGdDI6TGWPAc3tJI/8XQw6jILAnhzJ
o6u2Q1M/JIlvMMrrG9HXRgeD2RqbJwOj5cMd4ligdvEycrBD1L9ZNfYPEoUtFeE2
KnwWoJQ3O2u0SyoB78+Gx2ZhP4BAFYnnIJIGJhjkmk2PesIPNHcqjXrh4gg=
-----END CERTIFICATE-----
Generated at Tue May 6 07:20:33 2025 by rpki-client