Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7f90ce9b-8807-4af6-b991-0df1c5dd2318.roa
File: 7f90ce9b-8807-4af6-b991-0df1c5dd2318.roa (raw, json)
Hash identifier: +dlKFCVhDMHL6SUJUlNpVarA2Za5aF9mVQw1dyiHcf8=
Subject key identifier: 79:EE:5E:7B:7A:4F:70:E6:5D:A1:9B:29:F6:41:8F:20:DC:3E:7E:01
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6C778154467F49A35D0AD38972C95D29E066CA76
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7f90ce9b-8807-4af6-b991-0df1c5dd2318.roa
Signing time: Fri 12 Jan 2024 00:00:00 +0000
ROA not before: Fri 12 Jan 2024 00:00:00 +0000
ROA not after: Fri 16 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:77:81:54:46:7f:49:a3:5d:0a:d3:89:72:c9:5d:29:e0:66:ca:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 12 00:00:00 2024 GMT
Not After : Feb 16 23:59:59 2024 GMT
Subject: serialNumber=93105cba721a5f7721c1e1071674392c7ae8ad4bbbc163b59de3033685aba211, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fd:08:49:39:01:5f:bb:c7:37:25:20:37:3a:
3e:bb:d3:6e:02:e4:b7:08:fd:aa:4d:ab:d5:0c:18:
5a:13:5f:b8:ff:cd:3d:db:59:10:7b:66:ba:a3:ca:
58:df:0a:98:44:23:92:a2:af:d2:a9:31:46:ac:89:
0f:50:47:8b:43:13:5c:6e:82:90:78:fd:ea:3c:52:
03:c9:22:40:85:ba:fd:e0:a6:7c:6e:9b:09:df:b4:
8d:b2:4e:ad:3f:34:fb:45:ca:1c:0b:c9:66:ea:0b:
23:5f:13:c8:2a:d5:c4:07:73:34:e8:b0:d1:8a:5a:
33:aa:7b:5b:f2:61:0f:43:e0:35:bf:e0:c7:0f:00:
b4:04:a3:ce:2a:9e:a6:57:b0:5e:1a:74:ef:ce:24:
05:9c:2c:41:ef:71:02:a3:05:3d:8b:d4:ca:d2:e9:
1a:35:8d:26:34:e7:93:db:8a:6f:a6:52:7c:bb:e3:
a6:14:32:04:1c:67:b8:5e:57:b5:f0:3a:15:bd:70:
74:68:74:7f:66:10:18:19:b5:68:e5:0d:40:b1:60:
e4:80:60:0d:19:c5:2e:26:cf:6d:d6:a0:c2:49:8b:
61:3b:e7:a9:68:b6:ae:13:c9:ca:55:cb:39:fd:1e:
60:c0:c3:e5:9e:6d:41:fe:70:af:8e:a0:59:5c:c6:
88:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:EE:5E:7B:7A:4F:70:E6:5D:A1:9B:29:F6:41:8F:20:DC:3E:7E:01
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7f90ce9b-8807-4af6-b991-0df1c5dd2318.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
22:9f:ca:ac:9c:6b:56:44:e3:a0:33:b4:5f:18:f1:73:85:54:
e9:42:d1:2d:85:4f:a7:b1:56:e7:9f:1d:63:29:d1:69:1b:f0:
23:93:e7:a9:3d:50:e8:97:de:0f:a8:07:0b:1c:56:f5:e8:b5:
9d:22:77:db:00:c2:74:f3:8a:d0:05:50:49:20:35:15:00:20:
93:bd:13:6d:02:ee:bc:85:38:60:4d:c6:7c:55:fc:9e:d7:85:
fc:d9:58:86:e9:db:c9:c1:2d:57:1e:ac:a8:77:73:be:ec:a9:
5f:a8:40:73:94:98:fe:8d:85:9a:9d:2c:f3:66:2c:83:03:d3:
f5:db:28:b4:d6:f9:14:23:05:dd:ab:13:cd:74:85:b8:d7:38:
f8:dd:45:c5:93:64:b6:ac:ab:72:ed:26:7f:37:6a:1f:8c:9f:
42:0d:d4:b0:3b:75:61:25:ec:4a:4c:cf:39:be:23:99:72:8d:
eb:6b:d3:80:6d:e2:4b:7f:68:0c:8d:d4:0c:7f:b3:2d:ee:8f:
51:60:37:7a:ed:26:79:39:70:e8:c6:6d:b7:78:77:b0:e0:d8:
fd:e8:c1:bc:c4:e7:e5:33:85:db:21:64:f5:5f:3d:64:30:48:
9b:f0:32:74:6a:9c:16:74:66:43:b6:da:41:f8:c6:ce:5a:65:
ae:0a:f8:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbHeBVEZ/SaNdCtOJcsldKeBmynYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTEyMDAwMDAwWhcNMjQwMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MzEwNWNiYTcyMWE1Zjc3MjFjMWUxMDcxNjc0MzkyYzdh
ZThhZDRiYmJjMTYzYjU5ZGUzMDMzNjg1YWJhMjExMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDK/QhJOQFfu8c3JSA3Oj67024C5LcI/apNq9UMGFoTX7j/
zT3bWRB7ZrqjyljfCphEI5Kir9KpMUasiQ9QR4tDE1xugpB4/eo8UgPJIkCFuv3g
pnxumwnftI2yTq0/NPtFyhwLyWbqCyNfE8gq1cQHczTosNGKWjOqe1vyYQ9D4DW/
4McPALQEo84qnqZXsF4adO/OJAWcLEHvcQKjBT2L1MrS6Ro1jSY055Pbim+mUny7
46YUMgQcZ7heV7XwOhW9cHRodH9mEBgZtWjlDUCxYOSAYA0ZxS4mz23WoMJJi2E7
56lotq4TycpVyzn9HmDAw+WebUH+cK+OoFlcxojTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUee5ee3pPcOZdoZsp9kGPINw+fgEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdmOTBjZTliLTg4MDctNGFmNi1iOTkxLTBkZjFjNWRkMjMxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACKfyqyca1ZE46AztF8Y8XOFVOlC
0S2FT6exVuefHWMp0Wkb8COT56k9UOiX3g+oBwscVvXotZ0id9sAwnTzitAFUEkg
NRUAIJO9E20C7ryFOGBNxnxV/J7XhfzZWIbp28nBLVcerKh3c77sqV+oQHOUmP6N
hZqdLPNmLIMD0/XbKLTW+RQjBd2rE810hbjXOPjdRcWTZLasq3LtJn83ah+Mn0IN
1LA7dWEl7EpMzzm+I5lyjetr04Bt4kt/aAyN1Ax/sy3uj1FgN3rtJnk5cOjGbbd4
d7Dg2P3owbzE5+UzhdshZPVfPWQwSJvwMnRqnBZ0ZkO22kH4xs5aZa4K+Cc=
-----END CERTIFICATE-----
Generated at Wed May 7 03:52:31 2025 by rpki-client