Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b58cf5ca-abca-4119-8b35-8e5d16807551.roa
File: b58cf5ca-abca-4119-8b35-8e5d16807551.roa (raw, json)
Hash identifier: JsTfzAPsDtH2QjSabzlP+CfSAWmI13s6O3RQ4g/p5mg=
Subject key identifier: 37:6B:D9:95:51:CD:29:EF:EC:A0:71:4F:97:B3:B8:42:A5:78:9C:60
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 78CD13974FB3D770506D65B4BA6C0E711E41A6E1
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b58cf5ca-abca-4119-8b35-8e5d16807551.roa
Signing time: Sun 12 May 2024 00:00:00 +0000
ROA not before: Sun 12 May 2024 00:00:00 +0000
ROA not after: Sun 16 Jun 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:cd:13:97:4f:b3:d7:70:50:6d:65:b4:ba:6c:0e:71:1e:41:a6:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: May 12 00:00:00 2024 GMT
Not After : Jun 16 23:59:59 2024 GMT
Subject: serialNumber=58add55bd169e3dfa4d5cecabfbe7c443e079df923f346a0d17f2ddf0c74520f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:fd:4b:fd:cd:a0:80:42:14:ec:96:90:16:
b8:fd:c5:67:36:0b:bc:81:5c:77:2e:28:47:b3:7f:
ab:49:05:6b:f7:71:b7:18:36:a3:8b:70:37:0c:0c:
33:93:ca:2a:11:27:af:d9:93:48:c1:06:f8:c4:f4:
0d:c5:01:eb:08:65:45:46:3a:66:23:7a:00:ab:0e:
e9:a1:08:a5:de:3a:b6:48:4b:4d:fe:3e:7d:84:9e:
b0:7a:78:01:3b:62:6a:f2:6c:c8:98:a9:aa:1b:80:
fe:86:fe:30:3b:3d:04:d0:7f:31:35:55:37:66:7f:
bf:e0:c8:81:ef:46:a1:d3:73:7f:d7:8b:d6:07:17:
be:42:7d:51:33:62:93:83:18:fb:f3:ab:a7:7f:b0:
75:9f:48:20:0c:64:d8:4c:20:53:d7:09:1f:e7:6e:
dd:80:63:58:72:c5:f5:59:48:65:68:51:5e:e5:48:
b7:ec:fd:8f:51:7d:93:36:c4:3b:b5:42:d1:86:2e:
4b:39:21:bb:f1:ca:6d:b0:dc:7c:69:bb:48:04:da:
bf:f4:fa:e6:52:c7:e7:4d:1b:ee:d3:e9:cb:60:78:
3a:6b:30:2d:2f:ef:ec:89:43:a7:13:10:71:5e:44:
73:59:4b:8d:04:69:71:ca:38:95:10:98:47:6b:ae:
a4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6B:D9:95:51:CD:29:EF:EC:A0:71:4F:97:B3:B8:42:A5:78:9C:60
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b58cf5ca-abca-4119-8b35-8e5d16807551.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
76:2d:cf:a1:1b:1f:69:81:d8:93:24:60:31:d6:5f:26:4c:18:
4f:dc:37:7c:f3:61:53:8e:dd:f2:49:9a:fb:7b:6b:2e:7a:38:
12:ee:d1:1c:ee:3b:ac:9b:19:4c:0f:63:67:5e:a2:c3:5d:b2:
b7:13:f8:a0:14:fd:39:d6:7d:c7:d6:9c:fc:51:de:df:7f:7c:
ff:39:9f:cb:40:42:08:a3:0c:ab:1d:1e:5d:01:d8:0c:6b:ab:
5b:fe:c4:e8:f9:0c:e4:59:0d:54:e9:bf:e8:a7:b5:eb:eb:b0:
ac:bc:57:bf:2e:32:16:2e:8e:68:02:4a:7e:d2:16:9e:ec:fa:
2a:08:61:cb:ec:d2:5c:f9:3b:3a:02:ce:20:46:37:ec:4b:84:
52:9b:73:4e:98:e1:57:ec:6a:aa:97:65:41:da:36:c3:6a:29:
89:93:38:87:2f:83:83:96:9a:8d:1e:05:6d:bd:ba:0a:6b:28:
a7:08:e4:c6:4f:b0:68:0a:6a:f2:9f:46:12:06:1f:d0:20:ac:
60:d9:2b:6f:41:44:70:38:9e:8e:d7:74:0c:05:01:70:b6:1c:
d0:7c:ce:e1:d3:35:1b:bc:a5:20:42:27:36:1d:9a:0c:98:ff:
03:3b:35:79:65:02:b2:06:49:ee:df:74:96:ed:3a:03:79:aa:
7b:5b:19:fd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeM0Tl0+z13BQbWW0umwOcR5BpuEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTEyMDAwMDAwWhcNMjQwNjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OGFkZDU1YmQxNjllM2RmYTRkNWNlY2FiZmJlN2M0NDNl
MDc5ZGY5MjNmMzQ2YTBkMTdmMmRkZjBjNzQ1MjBmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfyv1L/c2ggEIU7JaQFrj9xWc2C7yBXHcuKEezf6tJBWv3
cbcYNqOLcDcMDDOTyioRJ6/Zk0jBBvjE9A3FAesIZUVGOmYjegCrDumhCKXeOrZI
S03+Pn2EnrB6eAE7YmrybMiYqaobgP6G/jA7PQTQfzE1VTdmf7/gyIHvRqHTc3/X
i9YHF75CfVEzYpODGPvzq6d/sHWfSCAMZNhMIFPXCR/nbt2AY1hyxfVZSGVoUV7l
SLfs/Y9RfZM2xDu1QtGGLks5Ibvxym2w3Hxpu0gE2r/0+uZSx+dNG+7T6ctgeDpr
MC0v7+yJQ6cTEHFeRHNZS40EaXHKOJUQmEdrrqRHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUN2vZlVHNKe/soHFPl7O4QqV4nGAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I1OGNmNWNhLWFiY2EtNDExOS04YjM1LThlNWQxNjgwNzU1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHYtz6EbH2mB2JMkYDHWXyZMGE/c
N3zzYVOO3fJJmvt7ay56OBLu0RzuO6ybGUwPY2deosNdsrcT+KAU/TnWfcfWnPxR
3t9/fP85n8tAQgijDKsdHl0B2Axrq1v+xOj5DORZDVTpv+intevrsKy8V78uMhYu
jmgCSn7SFp7s+ioIYcvs0lz5OzoCziBGN+xLhFKbc06Y4VfsaqqXZUHaNsNqKYmT
OIcvg4OWmo0eBW29ugprKKcI5MZPsGgKavKfRhIGH9AgrGDZK29BRHA4no7XdAwF
AXC2HNB8zuHTNRu8pSBCJzYdmgyY/wM7NXllArIGSe7fdJbtOgN5qntbGf0=
-----END CERTIFICATE-----
Generated at Fri May 9 23:54:23 2025 by rpki-client