Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/747f9af6-3cc4-4ea3-ae23-321cb52c8525.roa
File: 747f9af6-3cc4-4ea3-ae23-321cb52c8525.roa (raw, json)
Hash identifier: r5G4/2V7TprpRuDB37wmqvDO+uWjVpr1t4szBC1ELYk=
Subject key identifier: E0:E4:D8:F6:58:4C:63:AF:D4:21:06:6A:71:88:F4:FF:95:E2:E1:82
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 30384154545C162651A70B9D77D87FA071547B32
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/747f9af6-3cc4-4ea3-ae23-321cb52c8525.roa
Signing time: Wed 22 Nov 2023 00:00:00 +0000
ROA not before: Wed 22 Nov 2023 00:00:00 +0000
ROA not after: Wed 27 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:38:41:54:54:5c:16:26:51:a7:0b:9d:77:d8:7f:a0:71:54:7b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 22 00:00:00 2023 GMT
Not After : Dec 27 23:59:59 2023 GMT
Subject: serialNumber=af0229c5d3f66b0740b80ef1f4eb269f54380876135af7c2b48a6fcca00fe145, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e7:b5:53:97:e9:64:38:3f:c4:8a:35:2d:b1:
39:12:e9:2a:04:f9:90:c9:c9:2f:28:9a:2c:ea:95:
65:03:d9:8f:6a:75:38:50:c0:31:7b:17:4d:dc:b3:
f9:c7:7d:03:97:a3:e7:98:3b:2b:ad:b0:5d:4f:c0:
3a:58:b0:e2:8a:9a:8b:6c:d8:d6:90:e3:da:7a:8a:
36:16:d0:0c:7e:46:f2:7f:aa:7a:8e:fe:ba:72:62:
fc:f7:23:2e:84:c5:ac:ea:6b:63:92:f2:7d:25:74:
04:a4:1b:62:0a:b9:11:b8:ca:9a:1d:a6:d6:25:e0:
56:4e:b0:1b:bd:6f:1a:ef:09:72:9a:01:4b:37:7e:
61:47:37:cc:bf:a3:14:a4:b4:71:7b:82:53:59:6d:
5b:b6:2d:ec:df:81:5e:66:c1:51:8b:44:fb:9e:6d:
54:93:0e:59:02:2e:aa:a6:6c:a3:ff:04:c2:f1:5b:
97:b1:7e:04:c9:6f:88:2f:3c:5f:81:7c:92:fa:80:
6e:ee:30:13:bb:a3:2c:15:e9:3a:67:3e:3b:16:a0:
b2:14:aa:11:a9:17:6e:a1:c7:ff:db:dd:3a:3e:ff:
05:98:54:3b:e5:8b:33:0f:5b:70:a9:be:60:18:82:
b2:23:c7:61:83:be:f2:49:70:92:ff:18:f7:de:9a:
61:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E4:D8:F6:58:4C:63:AF:D4:21:06:6A:71:88:F4:FF:95:E2:E1:82
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/747f9af6-3cc4-4ea3-ae23-321cb52c8525.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
39:b4:9a:e0:0b:c3:79:cb:12:03:e5:be:71:17:f4:0f:4a:71:
3f:2d:03:9a:66:48:3b:98:78:30:af:41:d9:af:99:ab:68:58:
92:bd:5c:39:9e:c6:40:a4:26:2c:34:3f:ff:8e:d3:34:1f:b2:
f1:34:59:ad:73:08:14:97:f9:ea:37:6c:9a:ff:1a:e0:37:f1:
4b:f2:6a:a6:0f:97:cf:f7:4c:6d:ef:b7:ca:c9:e8:ef:21:a4:
ca:90:23:3d:37:39:0a:6c:20:2d:99:0c:d8:52:ef:13:bb:d3:
96:06:89:b5:1e:3a:cc:8f:29:77:f9:f6:03:61:a5:87:d1:39:
9e:6a:04:b6:c0:01:6d:17:68:85:55:97:03:89:5b:4a:c7:b2:
f1:ed:f4:ad:e2:55:02:ad:b0:69:d3:0c:09:35:da:03:81:a0:
ae:0d:05:24:71:3c:66:d3:8e:9d:3f:34:db:a3:1f:70:5c:e0:
cc:4f:e8:d0:9e:de:5a:a5:fe:a8:7b:15:45:94:79:be:9e:4a:
a5:e3:78:d2:02:77:dc:b1:83:36:08:79:01:fc:ec:51:25:cd:
7d:2c:19:a1:80:2f:9e:e7:77:07:09:5c:b1:f7:52:64:53:24:
91:f1:81:39:31:f6:ef:d8:10:81:ef:ce:7f:9b:d6:2f:43:f9:
f3:b4:e0:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMDhBVFRcFiZRpwudd9h/oHFUezIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTIyMDAwMDAwWhcNMjMxMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjAyMjljNWQzZjY2YjA3NDBiODBlZjFmNGViMjY5ZjU0
MzgwODc2MTM1YWY3YzJiNDhhNmZjY2EwMGZlMTQ1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDS57VTl+lkOD/EijUtsTkS6SoE+ZDJyS8omizqlWUD2Y9q
dThQwDF7F03cs/nHfQOXo+eYOyutsF1PwDpYsOKKmots2NaQ49p6ijYW0Ax+RvJ/
qnqO/rpyYvz3Iy6Exazqa2OS8n0ldASkG2IKuRG4ypodptYl4FZOsBu9bxrvCXKa
AUs3fmFHN8y/oxSktHF7glNZbVu2LezfgV5mwVGLRPuebVSTDlkCLqqmbKP/BMLx
W5exfgTJb4gvPF+BfJL6gG7uMBO7oywV6TpnPjsWoLIUqhGpF26hx//b3To+/wWY
VDvlizMPW3CpvmAYgrIjx2GDvvJJcJL/GPfemmG3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4OTY9lhMY6/UIQZqcYj0/5Xi4YIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc0N2Y5YWY2LTNjYzQtNGVhMy1hZTIzLTMyMWNiNTJjODUyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADm0muALw3nLEgPlvnEX9A9KcT8t
A5pmSDuYeDCvQdmvmatoWJK9XDmexkCkJiw0P/+O0zQfsvE0Wa1zCBSX+eo3bJr/
GuA38UvyaqYPl8/3TG3vt8rJ6O8hpMqQIz03OQpsIC2ZDNhS7xO705YGibUeOsyP
KXf59gNhpYfROZ5qBLbAAW0XaIVVlwOJW0rHsvHt9K3iVQKtsGnTDAk12gOBoK4N
BSRxPGbTjp0/NNujH3Bc4MxP6NCe3lql/qh7FUWUeb6eSqXjeNICd9yxgzYIeQH8
7FElzX0sGaGAL57ndwcJXLH3UmRTJJHxgTkx9u/YEIHvzn+b1i9D+fO04OQ=
-----END CERTIFICATE-----
Generated at Wed May 7 07:55:03 2025 by rpki-client