Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/cbc2cfa7-3a1a-4638-8eaa-122b9c776e4a.roa
File: cbc2cfa7-3a1a-4638-8eaa-122b9c776e4a.roa (raw, json)
Hash identifier: xLU2lpoD8gImaNAfquWzmzNKXNnOS2pAf68SZS7JSSM=
Subject key identifier: E3:15:88:03:DE:13:32:46:24:52:5B:E5:82:E8:76:98:42:28:05:22
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 045C327B005E637D98284B8DE3EF85BDA054350F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/cbc2cfa7-3a1a-4638-8eaa-122b9c776e4a.roa
Signing time: Tue 27 Jun 2023 00:00:00 +0000
ROA not before: Tue 27 Jun 2023 00:00:00 +0000
ROA not after: Tue 01 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:5c:32:7b:00:5e:63:7d:98:28:4b:8d:e3:ef:85:bd:a0:54:35:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 27 00:00:00 2023 GMT
Not After : Aug 1 23:59:59 2023 GMT
Subject: serialNumber=04035c49cad22ea760198ae89ab7c63607fcc56a9a9c892d84e00943b2201053, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4d:94:89:a6:02:21:c2:74:5d:be:30:c7:ec:
28:00:4f:ea:44:e3:c9:a2:81:25:c0:95:a7:ff:c1:
73:42:c0:63:73:45:4e:6a:84:52:11:0c:24:64:39:
63:10:af:0b:e1:db:09:44:34:00:8a:b1:a2:0d:03:
79:06:6b:83:c6:85:7b:34:46:04:d4:c5:ca:65:a8:
2a:fb:b9:f5:b1:c1:54:ae:90:05:c2:ba:9b:70:39:
8a:2f:90:fd:71:0a:b0:5a:c5:e2:5b:74:3e:79:97:
b0:46:ee:96:d4:e0:92:29:66:c8:bf:ce:fe:68:64:
f7:06:6f:ab:ef:ca:f5:86:66:11:75:5a:6a:52:19:
28:7b:4c:90:e3:4a:cb:c5:bc:10:3a:cb:83:b7:9d:
a2:b2:49:09:b7:a0:33:85:97:1f:0e:33:fc:44:dd:
ec:54:22:a3:25:ff:84:f1:40:00:7d:a9:bb:16:db:
0b:ab:84:f9:48:7f:73:ed:08:1d:bf:f0:1d:86:1d:
ca:ef:05:69:fe:79:4f:a5:f5:e5:b4:f2:f3:dd:53:
9a:64:55:7c:2f:5a:5a:6b:ac:ab:25:40:22:0e:ab:
e6:ec:ae:f3:28:d4:ee:c2:c2:5e:82:9b:73:e9:eb:
c7:c9:b0:c1:a8:8b:9b:56:e4:e0:be:35:8d:a3:ec:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:15:88:03:DE:13:32:46:24:52:5B:E5:82:E8:76:98:42:28:05:22
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/cbc2cfa7-3a1a-4638-8eaa-122b9c776e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ab:ad:49:1b:29:32:e0:82:05:24:de:ce:db:1a:92:32:03:
95:3a:60:cb:70:83:7a:93:3c:eb:cf:b7:d5:c9:03:da:c3:20:
dd:9c:48:a7:67:b3:a2:8a:a7:90:85:1e:9c:13:e0:fe:9b:a3:
fb:4c:ad:18:b8:6b:fd:4b:3f:91:58:62:1b:8a:24:fd:f6:65:
3f:5e:ee:a2:d7:05:83:a1:70:ad:6d:aa:d8:ba:92:7a:22:4c:
bc:28:ac:44:df:b8:b2:89:91:50:e8:70:de:ce:aa:d5:c5:d2:
62:fe:5b:64:2b:ea:10:69:2e:7e:6c:c2:7e:57:4e:13:67:f9:
b0:64:95:5d:c1:ef:7b:07:49:08:da:d0:01:90:7f:48:c9:dd:
c0:1f:de:20:f0:2a:a1:95:40:ff:b9:0d:af:45:36:5b:ad:fa:
61:85:23:0f:24:5f:48:0f:d9:26:87:52:13:49:e4:8f:e9:3d:
a4:be:d0:f2:ee:02:e2:68:a4:9a:3c:d0:05:f9:ee:50:ff:f7:
fd:40:6c:e1:43:34:5d:07:68:bb:22:b5:94:0b:74:b9:b0:d2:
f0:17:a4:e9:a7:40:90:f4:95:80:f7:b1:8f:d5:65:76:11:c2:
b6:50:f9:ee:ca:64:c5:dd:12:83:1c:94:83:e3:a0:2e:3e:f5:
0a:98:d3:20
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBFwyewBeY32YKEuN4++FvaBUNQ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjI3MDAwMDAwWhcNMjMwODAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDAzNWM0OWNhZDIyZWE3NjAxOThhZTg5YWI3YzYzNjA3
ZmNjNTZhOWE5Yzg5MmQ4NGUwMDk0M2IyMjAxMDUzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDjTZSJpgIhwnRdvjDH7CgAT+pE48migSXAlaf/wXNCwGNz
RU5qhFIRDCRkOWMQrwvh2wlENACKsaINA3kGa4PGhXs0RgTUxcplqCr7ufWxwVSu
kAXCuptwOYovkP1xCrBaxeJbdD55l7BG7pbU4JIpZsi/zv5oZPcGb6vvyvWGZhF1
WmpSGSh7TJDjSsvFvBA6y4O3naKySQm3oDOFlx8OM/xE3exUIqMl/4TxQAB9qbsW
2wurhPlIf3PtCB2/8B2GHcrvBWn+eU+l9eW08vPdU5pkVXwvWlprrKslQCIOq+bs
rvMo1O7Cwl6Cm3Pp68fJsMGoi5tW5OC+NY2j7MLZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4xWIA94TMkYkUlvlguh2mEIoBSIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2NiYzJjZmE3LTNhMWEtNDYzOC04ZWFhLTEyMmI5Yzc3NmU0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFCrrUkbKTLgggUk3s7bGpIyA5U6
YMtwg3qTPOvPt9XJA9rDIN2cSKdns6KKp5CFHpwT4P6bo/tMrRi4a/1LP5FYYhuK
JP32ZT9e7qLXBYOhcK1tqti6knoiTLworETfuLKJkVDocN7OqtXF0mL+W2Qr6hBp
Ln5swn5XThNn+bBklV3B73sHSQja0AGQf0jJ3cAf3iDwKqGVQP+5Da9FNlut+mGF
Iw8kX0gP2SaHUhNJ5I/pPaS+0PLuAuJopJo80AX57lD/9/1AbOFDNF0HaLsitZQL
dLmw0vAXpOmnQJD0lYD3sY/VZXYRwrZQ+e7KZMXdEoMclIPjoC4+9QqY0yA=
-----END CERTIFICATE-----
Generated at Wed May 7 04:19:18 2025 by rpki-client