Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/cce5b066-2f29-4c04-8f56-5cb9b3558765.roa
File: cce5b066-2f29-4c04-8f56-5cb9b3558765.roa (raw, json)
Hash identifier: vZZUuxLRqjXVSWbZ9XM72K07VS9MhvY1vE0Z2zZFp4A=
Subject key identifier: 7F:B8:D1:47:20:AC:4B:6E:29:25:76:6C:4D:72:43:54:7E:E6:67:E6
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 25D4E89A839FE65391BD70F28333AB3E2CC2AF65
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/cce5b066-2f29-4c04-8f56-5cb9b3558765.roa
Signing time: Sat 20 Jan 2024 00:00:00 +0000
ROA not before: Sat 20 Jan 2024 00:00:00 +0000
ROA not after: Sat 24 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d4:e8:9a:83:9f:e6:53:91:bd:70:f2:83:33:ab:3e:2c:c2:af:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 20 00:00:00 2024 GMT
Not After : Feb 24 23:59:59 2024 GMT
Subject: serialNumber=704e1452895e7c8c67abdc698d7e55b71e57f7ab7c8f76f4ba917040f812ec23, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e8:b1:95:bb:05:f9:ee:29:df:b2:e7:7d:25:
56:76:ec:94:63:e2:de:5b:35:fe:74:dd:dd:d1:0c:
3e:ce:96:c3:cf:b4:89:c6:61:34:09:88:c9:a5:14:
b2:78:2d:2f:1f:78:5a:2d:8b:e8:2d:2c:f3:92:d2:
68:09:83:c2:bd:76:cf:49:ff:2f:e4:4d:23:9a:e6:
b4:2d:ef:f0:2b:0b:73:69:0c:b6:1e:43:03:32:5c:
07:7c:8e:64:08:fd:0a:00:32:dc:84:54:46:68:ad:
a9:f4:a3:0b:1c:e6:fe:9a:c1:96:19:08:f6:39:64:
b1:20:74:22:48:c5:83:78:95:28:ff:d2:c7:dd:1b:
ec:cd:cf:18:ef:6e:5c:d3:0d:0a:df:5c:dd:2a:93:
68:fd:af:b0:4e:13:52:6a:7a:ba:a1:8f:18:e2:bb:
38:4e:ff:0e:98:fb:19:89:3c:f0:ff:29:eb:c6:a5:
2b:0c:27:ed:9e:9f:01:f3:8c:70:dc:75:62:a4:60:
b7:0a:f5:d7:65:0e:32:c5:4e:ad:a1:7f:64:60:36:
41:fa:7f:81:37:32:17:a8:03:68:c7:f7:02:cc:73:
91:4b:db:4a:ad:a3:41:1f:c6:01:fa:8f:59:20:52:
d7:8b:79:ae:fb:86:b4:f0:c2:ba:05:8b:30:5c:5c:
1d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B8:D1:47:20:AC:4B:6E:29:25:76:6C:4D:72:43:54:7E:E6:67:E6
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/cce5b066-2f29-4c04-8f56-5cb9b3558765.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
51:4f:29:28:ab:a4:05:3e:21:15:0d:bb:6b:75:56:67:42:ab:
3e:cf:5c:27:6e:5c:60:ca:a5:27:45:f8:70:0d:43:5b:6f:be:
fd:67:99:b8:d3:1a:48:cb:6a:18:ce:0a:b6:8a:20:7c:5a:a9:
84:ca:99:00:18:58:a2:7e:c4:aa:88:8b:d2:92:f8:8e:1e:80:
32:c7:d0:0f:cb:10:5c:f7:78:10:8c:eb:87:87:fc:bc:15:b0:
a7:99:52:eb:01:72:49:98:a7:92:b1:e7:7a:b4:e8:11:c6:22:
67:83:5e:ff:2d:be:22:d6:fb:c1:f3:78:a3:85:86:85:4f:13:
cc:8a:bb:c5:00:f0:d4:d4:53:f5:49:f1:ff:56:c8:79:d9:78:
90:b8:de:6a:ed:47:cb:11:e3:3b:6d:38:8d:da:09:47:6c:78:
24:64:f2:ec:31:03:db:97:93:38:63:25:6b:a4:7b:99:aa:b6:
09:7d:46:45:72:52:fd:7c:8f:a0:23:f6:ae:46:1e:25:3a:e0:
a4:22:cf:7c:e3:e5:3e:fa:bb:fb:4f:1c:fb:8d:15:4e:25:4b:
3e:b9:19:bc:74:f7:70:c4:12:c2:b8:00:d4:29:5e:b9:d5:fb:
98:15:67:b4:e8:ec:87:11:c9:1f:e7:b6:d6:68:00:e3:97:6c:
35:d0:b7:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJdTomoOf5lORvXDygzOrPizCr2UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTIwMDAwMDAwWhcNMjQwMjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDRlMTQ1Mjg5NWU3YzhjNjdhYmRjNjk4ZDdlNTViNzFl
NTdmN2FiN2M4Zjc2ZjRiYTkxNzA0MGY4MTJlYzIzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG6LGVuwX57infsud9JVZ27JRj4t5bNf503d3RDD7OlsPP
tInGYTQJiMmlFLJ4LS8feFoti+gtLPOS0mgJg8K9ds9J/y/kTSOa5rQt7/ArC3Np
DLYeQwMyXAd8jmQI/QoAMtyEVEZoran0owsc5v6awZYZCPY5ZLEgdCJIxYN4lSj/
0sfdG+zNzxjvblzTDQrfXN0qk2j9r7BOE1JqerqhjxjiuzhO/w6Y+xmJPPD/KevG
pSsMJ+2enwHzjHDcdWKkYLcK9ddlDjLFTq2hf2RgNkH6f4E3MheoA2jH9wLMc5FL
20qto0EfxgH6j1kgUteLea77hrTwwroFizBcXB0fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUf7jRRyCsS24pJXZsTXJDVH7mZ+YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2NjZTViMDY2LTJmMjktNGMwNC04ZjU2LTVjYjliMzU1ODc2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFFPKSirpAU+IRUNu2t1VmdCqz7P
XCduXGDKpSdF+HANQ1tvvv1nmbjTGkjLahjOCraKIHxaqYTKmQAYWKJ+xKqIi9KS
+I4egDLH0A/LEFz3eBCM64eH/LwVsKeZUusBckmYp5Kx53q06BHGImeDXv8tviLW
+8HzeKOFhoVPE8yKu8UA8NTUU/VJ8f9WyHnZeJC43mrtR8sR4zttOI3aCUdseCRk
8uwxA9uXkzhjJWuke5mqtgl9RkVyUv18j6Aj9q5GHiU64KQiz3zj5T76u/tPHPuN
FU4lSz65Gbx093DEEsK4ANQpXrnV+5gVZ7To7IcRyR/nttZoAOOXbDXQt2Q=
-----END CERTIFICATE-----
Generated at Thu May 8 19:03:52 2025 by rpki-client