Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c5baf00d-b91d-4780-992a-0c4123bb7d46.roa
File: c5baf00d-b91d-4780-992a-0c4123bb7d46.roa (raw, json)
Hash identifier: ZpM6GfkmPsWpWHTl9bynv+/zGn7gIPDarmzzENmJTsU=
Subject key identifier: D6:60:AE:3D:AA:41:F2:EC:49:7F:23:AC:80:5E:08:E0:0E:4C:EF:80
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 498875FF52D5A14F0066E2D979E6069707D12D79
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c5baf00d-b91d-4780-992a-0c4123bb7d46.roa
Signing time: Sun 07 Jan 2024 00:00:00 +0000
ROA not before: Sun 07 Jan 2024 00:00:00 +0000
ROA not after: Sun 11 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:88:75:ff:52:d5:a1:4f:00:66:e2:d9:79:e6:06:97:07:d1:2d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 7 00:00:00 2024 GMT
Not After : Feb 11 23:59:59 2024 GMT
Subject: serialNumber=9665ce29db7ee9b03984b9ed290bfc7bcfc780718451da1c25bbc82d2189f732, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:f9:72:d6:b0:ff:6c:93:95:59:b0:9e:6e:
00:2f:19:68:87:81:d2:66:56:37:3e:db:2b:51:ce:
58:ec:58:4a:4a:39:31:64:3e:d3:f9:c7:f8:03:3c:
22:94:a9:f7:c1:fc:af:7d:5e:7b:a2:dc:25:54:e9:
9c:e4:33:cb:02:21:4c:7c:32:d1:6f:3a:1f:74:e1:
c9:50:d7:58:02:be:7e:f1:38:9d:de:a0:5b:ba:7b:
c4:f6:93:ad:d9:c3:64:a0:97:18:51:0f:26:c2:1d:
e8:6b:a9:00:f6:8b:ee:76:c2:94:29:d9:88:65:7d:
e8:23:66:d2:9c:f2:51:fe:6c:c7:f8:d9:85:e9:29:
d0:d1:9c:d9:4e:00:79:bd:67:d0:fb:28:93:05:6d:
88:62:9f:be:96:9e:b5:ff:bc:ec:e7:64:7f:8e:30:
36:50:fe:79:98:52:22:ac:bc:a4:92:ff:94:ae:28:
b0:62:42:5b:3f:fa:35:0b:ed:1c:41:d0:b1:12:24:
38:4c:20:4e:44:27:4f:3f:24:3e:52:7b:2f:e4:62:
e7:78:77:01:f1:42:28:96:ee:77:f7:86:c4:91:0c:
a6:40:5c:85:61:7f:48:f7:be:b5:0a:9e:77:fa:82:
bd:ae:39:71:29:b7:fa:16:4b:ee:d9:ec:2e:db:10:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:60:AE:3D:AA:41:F2:EC:49:7F:23:AC:80:5E:08:E0:0E:4C:EF:80
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c5baf00d-b91d-4780-992a-0c4123bb7d46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:8c:26:5f:06:8e:dc:b5:fd:bc:6c:12:81:36:9f:66:1d:76:
76:87:56:28:e6:9b:7b:fc:c6:bc:2f:ba:ec:3a:94:ac:9f:2b:
ce:b5:6d:a0:93:2c:fe:73:cd:64:d5:20:16:e0:a4:f7:e9:a7:
bb:23:9f:01:03:39:a7:1d:2a:e3:4a:2c:24:5e:40:bb:3c:c7:
e1:a8:49:a5:15:06:03:7a:81:5b:d6:87:a2:03:29:55:36:2e:
9c:36:21:65:aa:65:c4:d4:39:aa:d0:93:40:ff:27:b3:2c:bf:
8e:01:67:6a:b5:f6:dc:c9:ab:ad:c6:95:e8:98:7b:bd:96:f1:
ec:1a:50:c5:9a:dd:7f:71:34:25:1c:b0:54:ec:0d:19:86:4e:
cd:67:97:23:af:ac:fe:0a:08:20:89:7e:00:ab:82:03:fb:cf:
b7:44:54:d1:55:55:32:6c:d1:56:06:0e:6b:46:37:ae:d6:d1:
46:ee:b4:98:2a:28:69:c9:24:e7:46:09:0e:1a:f3:e2:31:d0:
1d:8a:e0:bd:07:44:e6:28:34:69:a0:64:85:ed:16:9d:31:d4:
29:86:da:da:1f:3b:7a:44:ad:06:37:85:91:cc:be:98:43:9c:
8f:82:b0:02:6a:77:7a:56:3f:c8:7e:c6:1e:1f:84:4e:54:e5:
9c:11:78:c9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSYh1/1LVoU8AZuLZeeYGlwfRLXkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTA3MDAwMDAwWhcNMjQwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjY1Y2UyOWRiN2VlOWIwMzk4NGI5ZWQyOTBiZmM3YmNm
Yzc4MDcxODQ1MWRhMWMyNWJiYzgyZDIxODlmNzMyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3y/ly1rD/bJOVWbCebgAvGWiHgdJmVjc+2ytRzljsWEpK
OTFkPtP5x/gDPCKUqffB/K99Xnui3CVU6ZzkM8sCIUx8MtFvOh904clQ11gCvn7x
OJ3eoFu6e8T2k63Zw2SglxhRDybCHehrqQD2i+52wpQp2YhlfegjZtKc8lH+bMf4
2YXpKdDRnNlOAHm9Z9D7KJMFbYhin76WnrX/vOznZH+OMDZQ/nmYUiKsvKSS/5Su
KLBiQls/+jUL7RxB0LESJDhMIE5EJ08/JD5Sey/kYud4dwHxQiiW7nf3hsSRDKZA
XIVhf0j3vrUKnnf6gr2uOXEpt/oWS+7Z7C7bEFCvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1mCuPapB8uxJfyOsgF4I4A5M74AwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2M1YmFmMDBkLWI5MWQtNDc4MC05OTJhLTBjNDEyM2JiN2Q0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKKMJl8Gjty1/bxsEoE2n2YddnaH
Vijmm3v8xrwvuuw6lKyfK861baCTLP5zzWTVIBbgpPfpp7sjnwEDOacdKuNKLCRe
QLs8x+GoSaUVBgN6gVvWh6IDKVU2Lpw2IWWqZcTUOarQk0D/J7Msv44BZ2q19tzJ
q63GleiYe72W8ewaUMWa3X9xNCUcsFTsDRmGTs1nlyOvrP4KCCCJfgCrggP7z7dE
VNFVVTJs0VYGDmtGN67W0UbutJgqKGnJJOdGCQ4a8+Ix0B2K4L0HROYoNGmgZIXt
Fp0x1CmG2tofO3pErQY3hZHMvphDnI+CsAJqd3pWP8h+xh4fhE5U5ZwReMk=
-----END CERTIFICATE-----
Generated at Tue May 6 18:33:48 2025 by rpki-client