Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8a5e0b89-ac4a-4b36-988c-65c239257ba1.roa
File: 8a5e0b89-ac4a-4b36-988c-65c239257ba1.roa (raw, json)
Hash identifier: h/4vVxTrzRV9CyzH5aRmYEv5PxScLxc1ov3ca9YDuIk=
Subject key identifier: BD:BB:B3:C7:42:FA:7F:22:11:43:57:0C:33:3D:C3:3C:B5:01:5D:E1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 15AAA5C0D015C45C0A4BF92961E5863FEF8104D3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8a5e0b89-ac4a-4b36-988c-65c239257ba1.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:aa:a5:c0:d0:15:c4:5c:0a:4b:f9:29:61:e5:86:3f:ef:81:04:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=f94b8c37f1afe9aabbd95af66dab40cb31e1fa4f8ab28f683e3fa59db2a7585d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:bc:50:a9:bf:3c:e4:6f:63:54:55:c2:5d:
5a:eb:20:e1:d2:12:16:68:fe:1b:e9:a4:a2:ff:dc:
f4:a8:ef:98:1f:76:1f:be:62:7c:4c:62:a9:5e:74:
af:ce:b2:ab:03:4a:d9:a2:6f:15:d9:c6:dd:2f:fd:
6d:10:9a:d8:a9:e9:a4:6b:2d:de:5b:cf:d0:95:08:
e2:61:18:14:36:f3:cc:12:10:f3:04:35:c2:29:3a:
f6:29:ed:f2:47:f0:87:09:60:4f:3f:ff:45:c6:07:
5b:aa:50:e3:13:f1:8c:2e:1f:dc:5e:1e:c6:5b:c1:
ad:6d:70:bf:95:58:6c:4e:79:35:f4:cf:c4:18:cd:
2d:54:b1:9a:51:b2:da:cd:7e:87:20:01:bc:32:56:
3f:93:f2:bb:a5:c9:ee:25:99:5d:2b:39:c9:9e:2d:
d4:15:03:20:dc:64:51:7c:83:62:08:40:65:b3:7b:
68:3d:ad:37:a8:99:e6:2f:69:48:32:21:3c:0f:9d:
11:80:40:aa:42:75:6f:ec:bb:e4:42:29:13:6d:6a:
08:3b:78:bd:d2:c3:ef:55:cf:86:60:95:76:17:2c:
a0:b5:ed:9e:17:e7:8c:45:ab:e2:ee:dc:f3:4a:92:
fa:02:3d:2a:ec:19:07:c7:41:68:dd:21:ce:8d:c7:
a3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:BB:B3:C7:42:FA:7F:22:11:43:57:0C:33:3D:C3:3C:B5:01:5D:E1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8a5e0b89-ac4a-4b36-988c-65c239257ba1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
68:65:a4:12:b1:b9:2a:4b:1b:53:4f:b9:6e:8a:6c:16:9b:72:
3b:23:7f:47:77:21:4e:79:e7:7d:8d:a2:5a:8a:92:08:ce:19:
59:73:8e:6e:0e:35:9b:87:ec:a5:1b:8f:3e:e1:36:f4:e7:7e:
b1:19:6f:06:80:60:d7:d8:86:3c:ea:06:aa:89:fd:0a:bb:e9:
9a:68:3d:52:a1:f9:4b:bf:fb:69:d4:8c:45:5d:18:9e:00:81:
c6:1c:51:2a:2a:5d:51:68:58:38:f8:9a:52:ae:6f:e7:53:ce:
9c:3e:eb:43:ed:30:52:fe:48:c0:a7:e8:3c:1f:80:86:2b:86:
44:da:cf:d5:d2:50:8d:b2:e5:7e:25:9e:a8:78:b4:16:12:75:
d0:0a:8d:5f:32:8a:2c:8b:f1:71:f3:3c:33:d6:e8:f5:06:38:
9e:42:c6:9e:76:1a:a2:bb:a6:65:92:1c:86:7d:81:0a:ea:18:
9e:b2:15:03:33:d3:cc:46:de:4c:98:72:2b:17:dd:39:ed:96:
ee:a4:b0:15:75:2a:c8:bf:e2:a5:c0:15:ac:7c:0d:d7:fa:d4:
6d:3a:f1:2a:83:d4:72:70:04:c2:70:e0:02:0c:7f:25:8a:4f:
39:54:83:9f:e1:cf:a6:ca:11:82:7f:7b:b3:e3:af:b5:d5:45:
30:76:57:cb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFaqlwNAVxFwKS/kpYeWGP++BBNMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDI5MDAwMDAwWhcNMjQxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOTRiOGMzN2YxYWZlOWFhYmJkOTVhZjY2ZGFiNDBjYjMx
ZTFmYTRmOGFiMjhmNjgzZTNmYTU5ZGIyYTc1ODVkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkLLxQqb885G9jVFXCXVrrIOHSEhZo/hvppKL/3PSo75gf
dh++YnxMYqledK/OsqsDStmibxXZxt0v/W0Qmtip6aRrLd5bz9CVCOJhGBQ288wS
EPMENcIpOvYp7fJH8IcJYE8//0XGB1uqUOMT8YwuH9xeHsZbwa1tcL+VWGxOeTX0
z8QYzS1UsZpRstrNfocgAbwyVj+T8rulye4lmV0rOcmeLdQVAyDcZFF8g2IIQGWz
e2g9rTeomeYvaUgyITwPnRGAQKpCdW/su+RCKRNtagg7eL3Sw+9Vz4ZglXYXLKC1
7Z4X54xFq+Lu3PNKkvoCPSrsGQfHQWjdIc6Nx6NJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvbuzx0L6fyIRQ1cMMz3DPLUBXeEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhhNWUwYjg5LWFjNGEtNGIzNi05ODhjLTY1YzIzOTI1N2JhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGhlpBKxuSpLG1NPuW6KbBabcjsj
f0d3IU55532NolqKkgjOGVlzjm4ONZuH7KUbjz7hNvTnfrEZbwaAYNfYhjzqBqqJ
/Qq76ZpoPVKh+Uu/+2nUjEVdGJ4AgcYcUSoqXVFoWDj4mlKub+dTzpw+60PtMFL+
SMCn6DwfgIYrhkTaz9XSUI2y5X4lnqh4tBYSddAKjV8yiiyL8XHzPDPW6PUGOJ5C
xp52GqK7pmWSHIZ9gQrqGJ6yFQMz08xG3kyYcisX3Tntlu6ksBV1Ksi/4qXAFax8
Ddf61G068SqD1HJwBMJw4AIMfyWKTzlUg5/hz6bKEYJ/e7Pjr7XVRTB2V8s=
-----END CERTIFICATE-----
Generated at Sun May 11 15:04:55 2025 by rpki-client