Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d34ad6cf-ee87-4e51-a685-1634ee9cd39b.roa
File: d34ad6cf-ee87-4e51-a685-1634ee9cd39b.roa (raw, json)
Hash identifier: +P792Lhhb0tYLOrYXaJB0VRV2O7rwj5+XiebIp58Do4=
Subject key identifier: B5:F2:94:8A:24:C7:62:0E:D4:22:26:EF:80:E2:0E:76:C9:5F:FD:D2
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5E2012C5F1E96848EEB7D5B101D6A20D3272FD3D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d34ad6cf-ee87-4e51-a685-1634ee9cd39b.roa
Signing time: Sat 08 Jun 2024 00:00:00 +0000
ROA not before: Sat 08 Jun 2024 00:00:00 +0000
ROA not after: Sat 13 Jul 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:20:12:c5:f1:e9:68:48:ee:b7:d5:b1:01:d6:a2:0d:32:72:fd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 8 00:00:00 2024 GMT
Not After : Jul 13 23:59:59 2024 GMT
Subject: serialNumber=00a890fc5602ad21c4d752f7af565537df5038a0cdea663a88a36fd59345d94b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:00:8d:95:89:33:8e:21:c6:fe:06:94:ac:20:
0a:6f:2f:fb:bc:ec:cb:4a:9d:ac:77:d4:77:9e:52:
0f:96:ff:1d:c0:db:ae:a3:82:49:e8:2e:22:8c:fa:
aa:13:f7:f1:cb:32:b8:05:ed:44:fb:1a:68:63:50:
4a:84:5d:32:cc:ff:98:d8:61:72:50:c5:f7:01:c6:
8c:7f:6b:a7:6a:ec:b2:8c:85:10:cc:63:0e:c5:96:
45:3e:c7:7b:e7:45:2f:29:84:18:fa:82:57:d5:74:
c7:fd:c7:55:2b:e4:58:5e:3b:c8:9e:31:98:f6:2f:
d3:a9:f0:f4:be:12:8b:e6:d5:ad:19:19:91:9b:12:
f8:8d:d1:a9:6e:52:f7:1c:be:d1:a0:20:6f:06:1b:
92:d6:c0:34:9f:65:f9:bf:db:e3:f1:c3:1e:28:fa:
11:18:0e:40:51:2a:26:e6:19:5f:a3:eb:64:24:49:
58:ac:a2:75:8d:f1:ed:5a:91:b6:5d:7e:43:ff:e1:
f3:28:21:20:0c:04:3b:c9:4d:2a:34:2a:09:1e:6c:
8c:74:b1:f1:8f:92:42:28:63:bc:3e:d7:3f:9b:7a:
a7:5a:f2:7e:3d:a3:72:b6:22:3e:41:e3:bb:e6:9e:
f0:4a:b8:f5:15:b0:ed:dd:00:18:3b:95:dd:75:a8:
2b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F2:94:8A:24:C7:62:0E:D4:22:26:EF:80:E2:0E:76:C9:5F:FD:D2
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d34ad6cf-ee87-4e51-a685-1634ee9cd39b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c4:a0:3a:15:7c:68:67:c9:ae:2e:1b:fb:02:aa:a4:21:79:
8d:d9:ad:65:f6:8d:aa:54:93:e1:a7:51:c8:74:22:65:e6:0e:
e8:9c:48:f2:f1:74:fe:78:25:ee:ee:98:ee:cc:59:5b:0f:41:
a2:17:9a:2b:09:1b:d9:a1:1e:3e:ef:c0:21:61:92:0a:9a:16:
e0:9a:81:06:f3:a6:2d:01:a9:1b:8f:de:88:02:14:7e:51:6c:
94:8e:91:97:c9:79:3b:7b:fb:34:5c:73:90:85:81:d2:b7:c4:
37:c3:83:2f:60:a1:2f:94:4f:b5:f8:01:70:1c:29:6f:f5:8f:
6c:2d:04:3f:6c:09:c9:aa:97:43:d0:14:5b:5f:f8:97:53:33:
40:f4:90:4a:30:c1:1a:a6:14:01:0f:1c:fd:da:f2:0e:ac:ae:
0b:2c:ad:90:f6:40:e3:5f:84:ec:62:91:20:e3:ac:5b:0c:7c:
3c:47:02:1e:46:71:ec:45:dc:c6:64:92:fa:05:fe:a7:50:67:
db:bf:d9:1a:cd:15:94:84:52:13:ff:1a:6b:23:68:6a:a6:70:
cb:b4:4f:cd:b9:f0:af:dd:41:6c:80:0d:4a:ea:5f:af:89:63:
8a:49:15:34:e7:ee:bb:17:3c:f8:10:d9:3e:de:10:77:d9:b5:
7b:61:88:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXiASxfHpaEjut9WxAdaiDTJy/T0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjA4MDAwMDAwWhcNMjQwNzEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMGE4OTBmYzU2MDJhZDIxYzRkNzUyZjdhZjU2NTUzN2Rm
NTAzOGEwY2RlYTY2M2E4OGEzNmZkNTkzNDVkOTRiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjAI2ViTOOIcb+BpSsIApvL/u87MtKnax31HeeUg+W/x3A
266jgknoLiKM+qoT9/HLMrgF7UT7GmhjUEqEXTLM/5jYYXJQxfcBxox/a6dq7LKM
hRDMYw7FlkU+x3vnRS8phBj6glfVdMf9x1Ur5FheO8ieMZj2L9Op8PS+Eovm1a0Z
GZGbEviN0aluUvccvtGgIG8GG5LWwDSfZfm/2+Pxwx4o+hEYDkBRKibmGV+j62Qk
SVisonWN8e1akbZdfkP/4fMoISAMBDvJTSo0KgkebIx0sfGPkkIoY7w+1z+beqda
8n49o3K2Ij5B47vmnvBKuPUVsO3dABg7ld11qCtnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtfKUiiTHYg7UIibvgOIOdslf/dIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2QzNGFkNmNmLWVlODctNGU1MS1hNjg1LTE2MzRlZTljZDM5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFDEoDoVfGhnya4uG/sCqqQheY3Z
rWX2japUk+GnUch0ImXmDuicSPLxdP54Je7umO7MWVsPQaIXmisJG9mhHj7vwCFh
kgqaFuCagQbzpi0BqRuP3ogCFH5RbJSOkZfJeTt7+zRcc5CFgdK3xDfDgy9goS+U
T7X4AXAcKW/1j2wtBD9sCcmql0PQFFtf+JdTM0D0kEowwRqmFAEPHP3a8g6srgss
rZD2QONfhOxikSDjrFsMfDxHAh5GcexF3MZkkvoF/qdQZ9u/2RrNFZSEUhP/Gmsj
aGqmcMu0T8258K/dQWyADUrqX6+JY4pJFTTn7rsXPPgQ2T7eEHfZtXthiIE=
-----END CERTIFICATE-----
Generated at Tue May 6 07:58:19 2025 by rpki-client