Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/814867a9-505c-4db2-87d2-46be6664b4c9.roa
File: 814867a9-505c-4db2-87d2-46be6664b4c9.roa (raw, json)
Hash identifier: 4+dVus1wOzJ1/0NhXSq1zVbfmHNPu9DtxYmOLM/Sfv8=
Subject key identifier: 22:D7:F2:7C:35:F4:22:A9:E5:2A:22:0E:06:DE:2F:83:60:B1:C1:D7
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 19D77ACEE51E242C4800F4AB4332210DFDCFF78B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/814867a9-505c-4db2-87d2-46be6664b4c9.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:d7:7a:ce:e5:1e:24:2c:48:00:f4:ab:43:32:21:0d:fd:cf:f7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=34be9a334335817590d47b9a8fbe3455c66afb485aae8a0bac5f9e762e571d01, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:c3:4c:4a:52:2d:18:ce:d4:6d:1d:d1:76:
5a:56:e0:7b:25:f0:75:f4:68:56:3e:08:05:5b:b3:
cf:91:04:68:cc:a9:a2:70:04:75:bb:bc:2d:d1:5a:
4c:f2:c7:ed:a1:3d:ae:fe:a4:15:ea:46:58:a7:31:
28:9e:6a:96:9c:3d:46:a6:76:be:76:90:94:cb:99:
24:2a:fa:76:ba:4f:62:97:07:b3:53:2c:dd:b1:09:
91:a6:28:18:a3:52:b8:0c:3b:43:63:b5:39:63:82:
1c:26:45:71:e6:63:ee:05:fb:41:ad:93:4f:dc:ff:
72:be:b4:df:4b:df:6e:8c:80:b6:48:41:52:a0:1c:
03:e7:12:7d:85:4c:36:5f:77:fe:30:91:3b:33:05:
20:ac:0d:28:92:b0:52:e0:f5:54:8b:73:62:89:ee:
84:e7:f7:2c:d2:cd:1d:eb:41:00:c5:54:f2:c6:fd:
b2:91:fd:8d:c2:1b:b3:ce:94:59:92:b4:a5:b1:ce:
9a:a0:d0:48:74:e0:01:33:47:56:18:b8:95:59:91:
70:d3:a5:de:52:00:df:34:b9:13:22:10:6d:a2:d7:
78:05:a0:e0:6a:6d:78:6d:7b:4c:67:e1:60:b8:53:
83:02:6f:69:89:f7:f0:4e:91:49:9b:6e:11:de:0c:
ac:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D7:F2:7C:35:F4:22:A9:E5:2A:22:0E:06:DE:2F:83:60:B1:C1:D7
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/814867a9-505c-4db2-87d2-46be6664b4c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c4:6d:0a:08:a9:4d:45:47:e4:15:03:7f:da:64:99:62:e2:
26:de:b4:f3:dc:39:6b:d8:e0:b4:9b:0a:b3:e2:2c:b9:43:c9:
ef:6d:9d:45:51:44:95:74:29:7e:f6:96:c1:90:a7:33:3d:de:
78:84:fe:4d:4d:01:0f:c5:98:36:66:92:36:94:bc:06:cc:9a:
e7:94:81:1c:cb:e4:1f:57:a4:19:15:3e:f4:4c:93:ed:1d:9f:
27:7f:58:8f:83:73:91:74:5d:4e:77:ac:c5:0a:0e:23:a8:40:
11:d7:8c:75:31:71:bf:d2:57:f7:f9:2e:e5:e5:1f:a4:a2:fb:
1b:43:de:ff:df:6b:78:d0:56:07:71:8d:44:b4:9b:1c:9d:6f:
84:12:46:10:ad:67:ab:78:95:a8:32:ae:77:d9:e6:08:44:00:
25:38:57:1a:f9:e6:c0:c7:eb:37:41:5e:c6:9d:35:a3:d0:32:
66:2e:4a:21:1f:df:f6:ef:4f:e7:a5:b1:56:8e:7d:1d:d3:73:
34:10:54:73:3c:8b:d6:7e:c8:ad:1d:8c:36:a1:73:c7:e2:ac:
fd:12:da:aa:7e:72:2b:18:93:df:c9:dd:a6:0f:ce:a0:24:ad:
dc:69:77:36:75:1f:7e:60:f9:69:78:16:63:18:e2:e2:de:50:
9a:14:4a:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGdd6zuUeJCxIAPSrQzIhDf3P94swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDIzMDAwMDAwWhcNMjQwNTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNGJlOWEzMzQzMzU4MTc1OTBkNDdiOWE4ZmJlMzQ1NWM2
NmFmYjQ4NWFhZThhMGJhYzVmOWU3NjJlNTcxZDAxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm6sNMSlItGM7UbR3RdlpW4Hsl8HX0aFY+CAVbs8+RBGjM
qaJwBHW7vC3RWkzyx+2hPa7+pBXqRlinMSieapacPUamdr52kJTLmSQq+na6T2KX
B7NTLN2xCZGmKBijUrgMO0NjtTljghwmRXHmY+4F+0Gtk0/c/3K+tN9L326MgLZI
QVKgHAPnEn2FTDZfd/4wkTszBSCsDSiSsFLg9VSLc2KJ7oTn9yzSzR3rQQDFVPLG
/bKR/Y3CG7POlFmStKWxzpqg0Eh04AEzR1YYuJVZkXDTpd5SAN80uRMiEG2i13gF
oOBqbXhte0xn4WC4U4MCb2mJ9/BOkUmbbhHeDKxnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUItfyfDX0IqnlKiIOBt4vg2CxwdcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzgxNDg2N2E5LTUwNWMtNGRiMi04N2QyLTQ2YmU2NjY0YjRjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJTEbQoIqU1FR+QVA3/aZJli4ibe
tPPcOWvY4LSbCrPiLLlDye9tnUVRRJV0KX72lsGQpzM93niE/k1NAQ/FmDZmkjaU
vAbMmueUgRzL5B9XpBkVPvRMk+0dnyd/WI+Dc5F0XU53rMUKDiOoQBHXjHUxcb/S
V/f5LuXlH6Si+xtD3v/fa3jQVgdxjUS0mxydb4QSRhCtZ6t4lagyrnfZ5ghEACU4
Vxr55sDH6zdBXsadNaPQMmYuSiEf3/bvT+elsVaOfR3TczQQVHM8i9Z+yK0djDah
c8firP0S2qp+cisYk9/J3aYPzqAkrdxpdzZ1H35g+Wl4FmMY4uLeUJoUSoQ=
-----END CERTIFICATE-----
Generated at Wed May 7 14:14:13 2025 by rpki-client