Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b2e9c561-1b08-4c98-812c-331be3e2c290.roa
File: b2e9c561-1b08-4c98-812c-331be3e2c290.roa (raw, json)
Hash identifier: BX8cFcee89uBti87okPymZXRpNbYhE6vXMrU4qrTlqA=
Subject key identifier: 53:5E:FA:6B:01:92:77:F7:D9:70:C6:AD:62:58:3F:1A:F2:F7:97:6C
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3042F9F893E8C186AB64928FF25ADF574502C0DB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b2e9c561-1b08-4c98-812c-331be3e2c290.roa
Signing time: Mon 03 Mar 2025 18:48:18 +0000
ROA not before: Mon 03 Mar 2025 18:48:18 +0000
ROA not after: Mon 07 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:42:f9:f8:93:e8:c1:86:ab:64:92:8f:f2:5a:df:57:45:02:c0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 3 18:48:18 2025 GMT
Not After : Apr 7 23:59:59 2025 GMT
Subject: serialNumber=b5065fdfa581e4fefcaae905f7a287b7e57a0a77d7c57ca73a68143d04b6507e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:04:3d:b7:17:82:82:32:c4:05:4a:8f:d4:9b:
b8:44:7b:c3:24:5b:3a:6f:57:01:01:af:4c:17:ee:
90:66:fe:86:28:e2:a2:d3:72:dc:00:7a:8e:c6:fc:
fc:1f:70:03:04:cf:6f:e2:88:b0:b9:c5:01:89:d1:
1e:bd:62:e6:ce:f9:c8:85:b8:6d:5b:31:a5:b3:07:
c8:51:05:16:c6:80:41:62:63:91:98:9a:af:bf:f9:
c2:4a:1b:60:06:f6:c7:12:e1:e2:99:83:4b:a8:58:
96:5a:00:a6:fa:6b:86:2c:b3:59:39:0a:55:3f:c0:
f1:3e:58:13:5c:af:84:ae:13:b9:e3:48:1e:e6:cb:
ed:f6:48:4c:dd:cf:ea:f9:a6:4d:49:00:3c:45:50:
16:00:b7:b8:a4:bd:a3:b1:3d:e4:f2:31:f5:a8:9a:
6b:5b:4a:42:f2:88:9d:11:56:17:2f:6d:ca:ae:e8:
b1:ad:48:45:76:b3:d8:52:c1:16:c8:5f:55:8e:b1:
cb:dd:2b:d6:ae:54:1e:b9:c0:5d:44:c7:b2:ab:d6:
5d:d5:65:e1:4c:3f:f4:11:91:ef:1c:ee:fb:37:6c:
c8:c6:dd:a0:71:f9:3e:45:f2:df:e9:96:10:a7:ff:
e7:88:56:0d:ee:ba:b4:d7:47:5e:55:17:24:52:72:
da:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5E:FA:6B:01:92:77:F7:D9:70:C6:AD:62:58:3F:1A:F2:F7:97:6C
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b2e9c561-1b08-4c98-812c-331be3e2c290.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:cb:90:98:4b:31:3b:72:5e:bd:33:12:10:a7:d5:fa:e4:b3:
f8:bf:8c:37:a4:78:e0:64:b7:e4:b2:52:cd:c9:dc:99:24:1a:
79:4c:4b:f9:4d:24:5e:89:e4:85:3c:62:70:21:29:2f:90:ac:
de:33:73:63:7a:e0:5e:66:84:1a:f4:5d:46:b8:9a:17:ad:f0:
fc:9f:b0:cf:71:11:87:ba:00:65:fe:f8:28:98:e7:b7:8e:be:
03:86:dd:e2:d6:48:15:01:eb:35:84:43:e9:8c:bb:b3:5c:8c:
ff:b6:93:b3:d8:06:c3:a8:4a:aa:00:d0:44:d2:63:33:7d:14:
ed:6f:9c:ca:dd:a5:85:f6:7b:63:e1:43:5d:b0:91:23:6d:04:
20:51:1c:3b:0a:b0:e1:e1:71:3a:05:74:37:cb:32:f6:f4:30:
0c:12:d0:8e:f2:1a:8a:f9:62:6d:78:32:6d:f3:25:e8:4b:9d:
ad:e8:23:54:18:ad:66:57:bf:cc:2b:85:68:aa:70:4f:f0:70:
10:19:d6:10:93:5a:9a:ea:07:2a:04:93:88:ea:f3:77:f0:fa:
87:a4:75:7c:b4:ef:23:ae:45:7b:7f:00:2f:35:9c:94:dc:32:
1d:44:a1:5b:19:c0:76:96:17:e5:ae:dc:09:a8:3c:69:a4:cb:
ba:0e:2e:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMEL5+JPowYarZJKP8lrfV0UCwNswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzAzMTg0ODE4WhcNMjUwNDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNTA2NWZkZmE1ODFlNGZlZmNhYWU5MDVmN2EyODdiN2U1
N2EwYTc3ZDdjNTdjYTczYTY4MTQzZDA0YjY1MDdlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0BD23F4KCMsQFSo/Um7hEe8MkWzpvVwEBr0wX7pBm/oYo
4qLTctwAeo7G/PwfcAMEz2/iiLC5xQGJ0R69YubO+ciFuG1bMaWzB8hRBRbGgEFi
Y5GYmq+/+cJKG2AG9scS4eKZg0uoWJZaAKb6a4Yss1k5ClU/wPE+WBNcr4SuE7nj
SB7my+32SEzdz+r5pk1JADxFUBYAt7ikvaOxPeTyMfWommtbSkLyiJ0RVhcvbcqu
6LGtSEV2s9hSwRbIX1WOscvdK9auVB65wF1Ex7Kr1l3VZeFMP/QRke8c7vs3bMjG
3aBx+T5F8t/plhCn/+eIVg3uurTXR15VFyRSctqHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUU176awGSd/fZcMatYlg/GvL3l2wwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IyZTljNTYxLTFiMDgtNGM5OC04MTJjLTMzMWJlM2UyYzI5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALXLkJhLMTtyXr0zEhCn1frks/i/
jDekeOBkt+SyUs3J3JkkGnlMS/lNJF6J5IU8YnAhKS+QrN4zc2N64F5mhBr0XUa4
mhet8PyfsM9xEYe6AGX++CiY57eOvgOG3eLWSBUB6zWEQ+mMu7NcjP+2k7PYBsOo
SqoA0ETSYzN9FO1vnMrdpYX2e2PhQ12wkSNtBCBRHDsKsOHhcToFdDfLMvb0MAwS
0I7yGor5Ym14Mm3zJehLna3oI1QYrWZXv8wrhWiqcE/wcBAZ1hCTWprqByoEk4jq
83fw+oekdXy07yOuRXt/AC81nJTcMh1EoVsZwHaWF+Wu3AmoPGmky7oOLlg=
-----END CERTIFICATE-----
Generated at Tue May 6 23:28:13 2025 by rpki-client