Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7e92cdfa-b9c0-4aa3-92a6-ac3a8c6a3513.roa
File: 7e92cdfa-b9c0-4aa3-92a6-ac3a8c6a3513.roa (raw, json)
Hash identifier: wh0P+0Ro9ezLYs5KdsPE7uUahg2J7JvwhsAfNZNEpEY=
Subject key identifier: 50:61:08:C2:9E:CE:61:00:65:F3:51:9D:48:FE:72:98:87:29:AE:98
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 232278E6D8E1E159DB71DB2C983D1352B6A1C52F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7e92cdfa-b9c0-4aa3-92a6-ac3a8c6a3513.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:22:78:e6:d8:e1:e1:59:db:71:db:2c:98:3d:13:52:b6:a1:c5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=23ba13e5002b16cc77a8b5a9f28c146aa998f0f133e58fa7069359d8e023ff4c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:fc:86:71:14:02:6c:e1:4c:eb:c6:f6:d4:
bc:f9:c4:00:d3:28:ed:ee:3c:b9:ef:90:b7:86:e3:
d1:35:bb:ae:50:df:d1:dd:61:7d:c2:f4:af:82:40:
23:af:f2:f0:b1:1f:70:23:9e:e6:f5:66:b7:e7:1e:
db:ce:4a:9d:81:cc:c1:00:73:90:77:02:95:43:63:
11:cc:ce:fb:3a:95:b8:02:23:fd:75:dd:31:69:fd:
b0:6e:40:94:5b:62:fa:a3:25:76:b2:9c:f4:24:3d:
4b:ef:22:f8:2e:23:23:54:ae:c9:ba:ac:37:58:ec:
15:17:7b:71:d7:3f:33:b0:9b:76:c8:ff:1e:9e:42:
17:e6:76:2f:7d:4b:94:7a:78:1f:16:ec:de:d4:fe:
75:8c:e2:ce:01:f0:bf:ba:5b:46:30:19:57:a6:fd:
b4:a0:71:bd:ac:62:f0:ab:3d:7c:50:1e:90:31:a0:
e2:ad:80:ce:0a:1e:b3:26:f0:25:bf:01:6d:45:9b:
eb:6a:96:24:77:ec:63:28:9d:11:c6:ab:2b:1a:7d:
7c:2c:e7:4f:40:52:a9:f5:e6:6e:97:f6:02:1f:fd:
13:1a:65:cd:c2:99:4c:00:32:e6:bd:a3:4a:f7:59:
ab:8d:d6:02:96:50:d2:15:2e:01:1c:7f:8d:d2:9a:
ed:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:61:08:C2:9E:CE:61:00:65:F3:51:9D:48:FE:72:98:87:29:AE:98
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7e92cdfa-b9c0-4aa3-92a6-ac3a8c6a3513.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a6:77:e6:56:f7:3d:16:31:ba:21:62:03:c6:9f:6b:b1:e2:
d4:b9:7a:31:e3:7f:e4:38:a4:61:84:ec:c0:1d:35:33:f0:b7:
d8:68:dd:1c:71:4b:0f:3e:0e:5c:3f:cd:cf:eb:f2:13:d4:27:
55:8e:8b:0c:48:7f:ff:cd:ee:b8:8e:6c:72:7f:69:74:3b:e3:
9b:83:48:76:33:0e:b5:5d:f5:4c:20:e4:12:2a:bd:b4:c9:15:
c6:96:6d:ea:7c:ad:6b:1b:51:0a:4c:30:d0:1c:ef:bb:b0:c1:
e9:52:d1:10:99:c7:9a:58:40:32:e6:d0:4d:6f:bc:3c:e0:91:
e8:e4:1a:63:69:62:9a:b1:b2:64:81:ae:20:1c:17:f9:13:f0:
bf:30:2a:ec:32:fc:2e:fb:03:4a:2b:07:e8:33:fe:09:63:83:
63:ea:22:10:c0:96:df:d2:a0:4c:c4:9d:fc:df:24:27:a5:e9:
8f:2f:d1:bd:d3:ba:b5:51:7a:8e:f5:00:8c:42:df:d2:2c:f1:
be:5e:5d:35:a0:66:44:c3:a5:fc:69:4b:6c:26:75:4c:64:ca:
54:ef:6a:d6:7d:65:d7:d2:18:08:8b:7e:69:b5:37:cf:6e:92:
79:b9:37:16:bf:3b:46:1b:75:dc:da:fa:4a:63:8d:d5:f6:1d:
2c:fb:96:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIyJ45tjh4VnbcdssmD0TUrahxS8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDE3MDAwMDAwWhcNMjQwNTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyM2JhMTNlNTAwMmIxNmNjNzdhOGI1YTlmMjhjMTQ2YWE5
OThmMGYxMzNlNThmYTcwNjkzNTlkOGUwMjNmZjRjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6lPyGcRQCbOFM68b21Lz5xADTKO3uPLnvkLeG49E1u65Q
39HdYX3C9K+CQCOv8vCxH3Ajnub1ZrfnHtvOSp2BzMEAc5B3ApVDYxHMzvs6lbgC
I/113TFp/bBuQJRbYvqjJXaynPQkPUvvIvguIyNUrsm6rDdY7BUXe3HXPzOwm3bI
/x6eQhfmdi99S5R6eB8W7N7U/nWM4s4B8L+6W0YwGVem/bSgcb2sYvCrPXxQHpAx
oOKtgM4KHrMm8CW/AW1Fm+tqliR37GMonRHGqysafXws509AUqn15m6X9gIf/RMa
Zc3CmUwAMua9o0r3WauN1gKWUNIVLgEcf43Smu3ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUGEIwp7OYQBl81GdSP5ymIcprpgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdlOTJjZGZhLWI5YzAtNGFhMy05MmE2LWFjM2E4YzZhMzUxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHSmd+ZW9z0WMbohYgPGn2ux4tS5
ejHjf+Q4pGGE7MAdNTPwt9ho3RxxSw8+Dlw/zc/r8hPUJ1WOiwxIf//N7riObHJ/
aXQ745uDSHYzDrVd9Uwg5BIqvbTJFcaWbep8rWsbUQpMMNAc77uwwelS0RCZx5pY
QDLm0E1vvDzgkejkGmNpYpqxsmSBriAcF/kT8L8wKuwy/C77A0orB+gz/gljg2Pq
IhDAlt/SoEzEnfzfJCel6Y8v0b3TurVReo71AIxC39Is8b5eXTWgZkTDpfxpS2wm
dUxkylTvatZ9ZdfSGAiLfmm1N89uknm5Nxa/O0Ybddza+kpjjdX2HSz7llY=
-----END CERTIFICATE-----
Generated at Wed May 7 05:25:28 2025 by rpki-client