Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/89f68978-5b1e-4d04-a673-9b9895b34b9b.roa
File: 89f68978-5b1e-4d04-a673-9b9895b34b9b.roa (raw, json)
Hash identifier: bJT73YHu+XToyuPvH2LAJsLZL9R9e5Rlsv3ViNeL6PE=
Subject key identifier: EE:9C:87:27:67:23:02:69:3C:DB:A8:D1:23:7B:9E:33:12:F3:E9:F1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 45BF91CD86D7313329FB8BAAB686C6F222D928FF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/89f68978-5b1e-4d04-a673-9b9895b34b9b.roa
Signing time: Sat 15 Mar 2025 19:53:20 +0000
ROA not before: Sat 15 Mar 2025 19:53:20 +0000
ROA not after: Sat 19 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:bf:91:cd:86:d7:31:33:29:fb:8b:aa:b6:86:c6:f2:22:d9:28:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 15 19:53:20 2025 GMT
Not After : Apr 19 23:59:59 2025 GMT
Subject: serialNumber=53b35e61b90618d50a577999b4c8a2361621b64769fce8a7062f978302628e52, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:42:10:f8:6a:ff:ef:ac:aa:40:b0:31:8b:
7b:be:f2:b1:7e:72:e9:32:77:05:9d:53:d8:e2:85:
83:8e:41:a0:6b:b4:df:2f:ff:fb:82:39:ad:b8:f7:
9d:74:2a:11:08:6e:50:44:e0:83:2d:7c:e1:49:7b:
c0:13:2d:e6:8f:2b:88:2c:65:da:09:f6:bf:12:68:
b0:1f:52:af:70:35:39:3a:a7:fa:2b:aa:8f:1e:5c:
55:7f:5e:53:41:af:7e:00:ac:08:d5:dc:4b:59:63:
83:90:02:82:e6:6a:dc:0e:8b:05:db:a5:94:8a:38:
e2:d9:e4:5c:fd:24:61:49:1f:b5:6a:fb:80:f9:92:
b3:40:5c:2f:aa:ae:9a:28:34:dc:b2:44:aa:96:46:
17:3b:61:2c:9f:ba:c7:36:b8:57:35:2b:1c:74:ed:
c0:9a:ee:22:d8:55:ba:c4:f4:3c:2b:30:50:02:a8:
3a:eb:c5:9c:d1:f7:91:17:90:12:5c:ae:68:d5:d4:
74:b7:53:ba:0f:c0:e6:9d:ef:37:a7:d5:bc:f0:6c:
9d:e0:66:80:b4:b5:1b:78:5b:7a:a9:1b:cf:64:95:
09:99:3e:9d:bb:ff:74:c8:df:2f:1f:d6:77:b5:c9:
4f:9b:57:93:50:12:0a:89:4a:54:c7:c7:89:bb:20:
e1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9C:87:27:67:23:02:69:3C:DB:A8:D1:23:7B:9E:33:12:F3:E9:F1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/89f68978-5b1e-4d04-a673-9b9895b34b9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:d8:90:de:60:cf:b4:45:bc:c0:7b:82:5f:aa:89:e5:26:a1:
dd:f1:f7:6b:f9:ab:bf:81:27:00:d1:82:d7:c5:cf:ad:b9:85:
09:af:c5:8c:ed:4b:55:0c:54:40:27:fa:e5:1c:8e:1d:92:40:
cf:af:cd:de:02:29:08:a5:ce:7d:6b:f4:d6:36:06:e6:d8:ef:
93:0c:d0:a5:d6:c5:aa:ec:43:39:c7:2a:68:6c:38:f0:cc:9a:
a9:48:c8:6f:e7:81:5c:e5:cd:11:f7:23:f0:ac:3b:c0:47:69:
00:a6:69:03:b4:c5:f6:e2:78:5e:f1:da:6f:06:64:2b:14:0d:
c9:de:60:53:f4:7f:76:c4:c7:16:ee:f5:f6:93:0a:d1:cc:7f:
23:27:96:b7:aa:35:36:2f:8c:ae:c8:31:b9:53:43:9b:0a:22:
e4:2a:c8:e1:4c:4f:db:90:5b:d1:1d:e1:a2:98:8e:a0:73:53:
0e:55:b4:63:8c:38:58:72:6e:36:91:c5:fc:2f:f3:e7:c3:77:
54:96:2a:99:f0:0f:17:13:fb:06:41:8c:c0:a7:dc:43:be:d5:
72:4e:1d:64:c5:5e:49:ac:42:f7:34:e7:9e:1c:40:d4:e0:0a:
80:32:1f:84:e8:f4:87:70:81:f6:f0:87:85:fa:26:27:3e:d0:
25:fd:93:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURb+RzYbXMTMp+4uqtobG8iLZKP8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzE1MTk1MzIwWhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1M2IzNWU2MWI5MDYxOGQ1MGE1Nzc5OTliNGM4YTIzNjE2
MjFiNjQ3NjlmY2U4YTcwNjJmOTc4MzAyNjI4ZTUyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8EEIQ+Gr/76yqQLAxi3u+8rF+cukydwWdU9jihYOOQaBr
tN8v//uCOa249510KhEIblBE4IMtfOFJe8ATLeaPK4gsZdoJ9r8SaLAfUq9wNTk6
p/orqo8eXFV/XlNBr34ArAjV3EtZY4OQAoLmatwOiwXbpZSKOOLZ5Fz9JGFJH7Vq
+4D5krNAXC+qrpooNNyyRKqWRhc7YSyfusc2uFc1Kxx07cCa7iLYVbrE9DwrMFAC
qDrrxZzR95EXkBJcrmjV1HS3U7oPwOad7zen1bzwbJ3gZoC0tRt4W3qpG89klQmZ
Pp27/3TI3y8f1ne1yU+bV5NQEgqJSlTHx4m7IOFDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7pyHJ2cjAmk826jRI3ueMxLz6fEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg5ZjY4OTc4LTViMWUtNGQwNC1hNjczLTliOTg5NWIzNGI5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAI/YkN5gz7RFvMB7gl+qieUmod3x
92v5q7+BJwDRgtfFz625hQmvxYztS1UMVEAn+uUcjh2SQM+vzd4CKQilzn1r9NY2
BubY75MM0KXWxarsQznHKmhsOPDMmqlIyG/ngVzlzRH3I/CsO8BHaQCmaQO0xfbi
eF7x2m8GZCsUDcneYFP0f3bExxbu9faTCtHMfyMnlreqNTYvjK7IMblTQ5sKIuQq
yOFMT9uQW9Ed4aKYjqBzUw5VtGOMOFhybjaRxfwv8+fDd1SWKpnwDxcT+wZBjMCn
3EO+1XJOHWTFXkmsQvc0554cQNTgCoAyH4To9Idwgfbwh4X6Jic+0CX9k5w=
-----END CERTIFICATE-----
Generated at Tue May 6 07:29:15 2025 by rpki-client