Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ab70c730-c9e3-433f-9874-6c6317e65e66.roa
File: ab70c730-c9e3-433f-9874-6c6317e65e66.roa (raw, json)
Hash identifier: wb6istD86kc+9yQ/or6LKM5h0fTgaIZGiQ0296Go0ic=
Subject key identifier: E1:8E:52:C7:56:20:95:2A:0B:64:6D:F6:06:7E:7F:D6:C8:BE:E2:4E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 14DFD39B63B8936147153CBE9AF8D79AD46F2040
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ab70c730-c9e3-433f-9874-6c6317e65e66.roa
Signing time: Mon 08 Jan 2024 00:00:00 +0000
ROA not before: Mon 08 Jan 2024 00:00:00 +0000
ROA not after: Mon 12 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:df:d3:9b:63:b8:93:61:47:15:3c:be:9a:f8:d7:9a:d4:6f:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 8 00:00:00 2024 GMT
Not After : Feb 12 23:59:59 2024 GMT
Subject: serialNumber=e5ec48b45f10c88edcc49692b29fb722de1e6965436b0fb04fa9d4bc1a4d1719, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:90:da:3b:e2:72:5f:b8:c0:45:f2:5f:59:
3a:ae:80:6e:a1:f3:0e:3e:76:c9:99:3a:62:2f:e6:
06:91:34:dd:a6:ad:1c:bf:df:e9:a6:99:d1:e7:78:
31:96:43:8f:4d:69:1f:74:51:25:cb:3d:59:0b:51:
a1:1f:e4:a5:ba:c3:16:7e:80:87:75:a3:36:1b:bc:
b8:25:2d:8f:35:80:65:c5:8b:3d:41:b7:e0:ad:8f:
95:90:e2:ce:f1:39:04:b8:b8:06:e7:1f:91:d9:17:
f5:fd:7d:05:7a:a8:65:c0:72:e4:09:02:38:b5:53:
f0:1b:17:7b:0d:60:ef:5b:10:46:f7:39:f0:05:61:
e6:cc:dd:54:52:a5:e6:54:1e:c6:5b:e7:c1:5a:3f:
21:94:ae:46:b3:ae:cf:13:06:91:ef:02:5a:d7:51:
0c:28:ae:e7:48:e8:51:58:e1:b7:d3:a7:6a:95:52:
35:c0:a9:a9:d5:8d:ef:2f:b0:e2:da:7a:01:1f:2d:
82:0c:1c:20:ff:55:99:cf:09:9f:9b:e0:3f:4b:d6:
10:cd:be:9a:a6:10:0d:0b:de:91:b4:1a:42:a5:ca:
81:8e:72:01:e3:8c:dc:c1:a1:d9:e6:5a:f4:fa:ea:
71:14:25:e5:01:7b:95:21:40:99:af:b0:ee:4f:4e:
a2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8E:52:C7:56:20:95:2A:0B:64:6D:F6:06:7E:7F:D6:C8:BE:E2:4E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ab70c730-c9e3-433f-9874-6c6317e65e66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
21:5d:33:fa:00:01:80:a7:2f:e1:8b:7c:f5:df:c2:40:ee:91:
63:29:24:7a:f4:3f:bd:42:98:e4:b3:c2:12:0f:77:75:63:a3:
9f:74:5c:c2:e8:17:f0:a9:f6:aa:df:66:ac:1d:18:16:17:16:
89:7b:65:c2:7e:ea:10:80:67:d3:8c:51:09:e5:2f:5b:18:f1:
7a:ab:45:54:35:de:72:62:73:a6:f9:95:24:65:4d:0c:fd:9f:
6c:5a:99:b2:de:67:ca:7e:7f:65:65:9e:8b:11:b5:62:ae:32:
89:e6:ad:7f:25:04:ce:52:2b:54:83:b5:73:ff:21:c4:6f:50:
26:1e:d1:db:05:f7:25:d7:39:00:76:f1:f0:6e:80:e7:85:bf:
8f:c1:98:2c:cd:f0:b5:49:4a:ab:3c:02:73:3c:39:01:a9:6c:
34:c6:e3:dc:43:53:1a:a7:63:25:de:b0:65:c5:c5:4f:e2:13:
c9:2f:94:68:f8:d8:d3:0f:b4:e8:c7:1d:65:4b:35:ba:67:10:
0d:74:ee:d9:bc:c9:2f:98:14:13:05:d0:3d:bd:b4:df:24:03:
21:ad:5f:52:56:17:0f:d6:ca:71:2e:f0:d1:77:9e:3e:de:ff:
f8:ce:ec:c5:04:da:18:9e:23:e1:4b:4a:8a:ba:3f:17:24:31:
4e:1f:18:20
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFN/Tm2O4k2FHFTy+mvjXmtRvIEAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTA4MDAwMDAwWhcNMjQwMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNWVjNDhiNDVmMTBjODhlZGNjNDk2OTJiMjlmYjcyMmRl
MWU2OTY1NDM2YjBmYjA0ZmE5ZDRiYzFhNGQxNzE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr0ZDaO+JyX7jARfJfWTqugG6h8w4+dsmZOmIv5gaRNN2m
rRy/3+mmmdHneDGWQ49NaR90USXLPVkLUaEf5KW6wxZ+gId1ozYbvLglLY81gGXF
iz1Bt+Ctj5WQ4s7xOQS4uAbnH5HZF/X9fQV6qGXAcuQJAji1U/AbF3sNYO9bEEb3
OfAFYebM3VRSpeZUHsZb58FaPyGUrkazrs8TBpHvAlrXUQworudI6FFY4bfTp2qV
UjXAqanVje8vsOLaegEfLYIMHCD/VZnPCZ+b4D9L1hDNvpqmEA0L3pG0GkKlyoGO
cgHjjNzBodnmWvT66nEUJeUBe5UhQJmvsO5PTqJzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4Y5Sx1YglSoLZG32Bn5/1si+4k4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FiNzBjNzMwLWM5ZTMtNDMzZi05ODc0LTZjNjMxN2U2NWU2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACFdM/oAAYCnL+GLfPXfwkDukWMp
JHr0P71CmOSzwhIPd3Vjo590XMLoF/Cp9qrfZqwdGBYXFol7ZcJ+6hCAZ9OMUQnl
L1sY8XqrRVQ13nJic6b5lSRlTQz9n2xambLeZ8p+f2VlnosRtWKuMonmrX8lBM5S
K1SDtXP/IcRvUCYe0dsF9yXXOQB28fBugOeFv4/BmCzN8LVJSqs8AnM8OQGpbDTG
49xDUxqnYyXesGXFxU/iE8kvlGj42NMPtOjHHWVLNbpnEA107tm8yS+YFBMF0D29
tN8kAyGtX1JWFw/WynEu8NF3nj7e//jO7MUE2hieI+FLSoq6PxckMU4fGCA=
-----END CERTIFICATE-----
Generated at Tue May 6 08:03:26 2025 by rpki-client