Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8b1405a5-9549-44fc-afdc-6049e116e7cf.roa
File: 8b1405a5-9549-44fc-afdc-6049e116e7cf.roa (raw, json)
Hash identifier: Ob/23n94sPpkJJ85Zkt2HkLQkLXo/sfdnUilnGZv/j4=
Subject key identifier: C6:95:A6:70:D5:45:B1:D8:D5:53:63:1D:72:CF:57:10:1B:0B:4C:75
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3227642A088DB843BAC6233D19C7CF204C21E714
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8b1405a5-9549-44fc-afdc-6049e116e7cf.roa
Signing time: Sun 02 Feb 2025 00:00:00 +0000
ROA not before: Sun 02 Feb 2025 00:00:00 +0000
ROA not after: Sun 09 Mar 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:27:64:2a:08:8d:b8:43:ba:c6:23:3d:19:c7:cf:20:4c:21:e7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 2 00:00:00 2025 GMT
Not After : Mar 9 23:59:59 2025 GMT
Subject: serialNumber=4060ae73c79781852de479c2fb111dafa08e132c327ae5b63687da4be10b5487, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:60:b2:67:28:fd:1f:29:b4:db:84:b8:2a:29:
c9:c7:8b:87:b6:3c:88:55:72:e6:16:a6:f0:db:17:
a6:a7:6e:8a:b7:fa:38:5d:65:fa:99:68:d8:4e:2e:
cc:fb:80:ad:37:2d:8a:87:e9:60:f9:c3:c9:92:dd:
fd:d6:f0:57:35:e6:58:d7:ff:43:f1:e4:4e:1e:85:
cd:31:59:03:65:36:7f:80:d5:d0:c3:74:50:ab:da:
b3:88:16:28:f9:4c:19:8b:fe:8f:ba:8c:66:30:24:
02:d1:6e:7b:88:d9:c6:9b:94:74:31:08:ae:01:ab:
0a:47:12:ee:c5:f9:7e:90:d8:47:76:97:52:f7:f1:
d8:c6:fa:19:0d:23:c3:f6:67:04:00:f0:15:d1:ac:
c3:97:85:d0:e6:e6:82:4d:b8:8b:d1:0f:e0:92:94:
93:b4:16:b1:4b:65:ce:db:e8:16:3a:e8:43:56:a7:
fa:6d:d2:e6:47:6b:b5:78:6d:54:36:d8:ce:43:f8:
b2:ff:8d:ff:44:d7:a9:a6:5e:22:19:d2:ef:b9:28:
7f:f0:9a:b0:49:e0:85:98:cd:03:82:04:27:17:75:
ed:3f:e9:87:81:78:0b:34:98:6c:7e:72:38:ce:77:
7b:81:3a:91:98:1e:2d:2e:d3:16:bd:15:3b:db:73:
4d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:95:A6:70:D5:45:B1:D8:D5:53:63:1D:72:CF:57:10:1B:0B:4C:75
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8b1405a5-9549-44fc-afdc-6049e116e7cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
24:79:da:cd:58:1d:7c:10:f0:1b:f9:56:ad:a2:09:b2:0b:b1:
f2:e1:9c:8c:66:74:30:59:93:e3:44:1d:fd:62:4a:5a:dd:95:
2d:c7:2e:41:19:e3:a0:e3:07:d8:e6:1f:ef:bc:db:e6:50:62:
43:06:e4:ea:ad:6b:2f:57:ca:3c:85:8f:dc:a5:f6:f5:04:49:
81:9c:8f:e3:5c:fc:a9:c6:fc:5b:b2:32:12:e0:df:e8:b1:e8:
da:3b:40:85:45:af:5c:ba:a4:ef:99:dd:a9:d5:01:27:a0:f8:
d6:65:a8:9f:20:0a:fa:a2:56:1e:18:e9:94:8c:ad:fd:ff:94:
97:1c:3f:91:76:e8:40:be:d9:c6:98:81:30:63:3d:ef:93:5b:
94:66:2b:01:a7:b5:56:4d:69:de:eb:36:b8:2e:2c:cf:f3:a2:
28:25:e5:11:26:f0:a6:f5:78:61:ee:22:22:f1:d1:f9:6e:ae:
d2:49:61:1f:16:54:91:9a:0a:11:fe:52:1d:03:f7:0c:e2:b7:
86:37:36:0c:f0:79:25:f7:ab:fa:71:6a:1c:f1:bb:39:e6:26:
b6:29:7e:e3:91:46:3a:23:2b:e2:4b:2d:98:29:fe:b6:98:f0:
28:0e:87:4b:fc:84:48:5b:b8:a3:61:d7:5d:54:d8:da:15:df:
25:53:b2:4f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMidkKgiNuEO6xiM9GcfPIEwh5xQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjAyMDAwMDAwWhcNMjUwMzA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MDYwYWU3M2M3OTc4MTg1MmRlNDc5YzJmYjExMWRhZmEw
OGUxMzJjMzI3YWU1YjYzNjg3ZGE0YmUxMGI1NDg3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSYLJnKP0fKbTbhLgqKcnHi4e2PIhVcuYWpvDbF6anboq3
+jhdZfqZaNhOLsz7gK03LYqH6WD5w8mS3f3W8Fc15ljX/0Px5E4ehc0xWQNlNn+A
1dDDdFCr2rOIFij5TBmL/o+6jGYwJALRbnuI2cablHQxCK4BqwpHEu7F+X6Q2Ed2
l1L38djG+hkNI8P2ZwQA8BXRrMOXhdDm5oJNuIvRD+CSlJO0FrFLZc7b6BY66ENW
p/pt0uZHa7V4bVQ22M5D+LL/jf9E16mmXiIZ0u+5KH/wmrBJ4IWYzQOCBCcXde0/
6YeBeAs0mGx+cjjOd3uBOpGYHi0u0xa9FTvbc03NAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxpWmcNVFsdjVU2Mdcs9XEBsLTHUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhiMTQwNWE1LTk1NDktNDRmYy1hZmRjLTYwNDllMTE2ZTdjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACR52s1YHXwQ8Bv5Vq2iCbILsfLh
nIxmdDBZk+NEHf1iSlrdlS3HLkEZ46DjB9jmH++82+ZQYkMG5Oqtay9XyjyFj9yl
9vUESYGcj+Nc/KnG/FuyMhLg3+ix6No7QIVFr1y6pO+Z3anVASeg+NZlqJ8gCvqi
Vh4Y6ZSMrf3/lJccP5F26EC+2caYgTBjPe+TW5RmKwGntVZNad7rNrguLM/zoigl
5REm8Kb1eGHuIiLx0flurtJJYR8WVJGaChH+Uh0D9wzit4Y3NgzweSX3q/pxahzx
uznmJrYpfuORRjojK+JLLZgp/raY8CgOh0v8hEhbuKNh111U2NoV3yVTsk8=
-----END CERTIFICATE-----
Generated at Fri May 9 05:05:23 2025 by rpki-client