Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/db483bf1-a47e-4e51-8d82-1774d53033ad.roa
File: db483bf1-a47e-4e51-8d82-1774d53033ad.roa (raw, json)
Hash identifier: hrjgZu+TNtjxdlCQYZykUIZqvDYPIUL7Ac/aR3jFAd0=
Subject key identifier: DF:FD:F0:2C:30:1A:6E:6D:0D:27:13:6E:0D:D7:31:D6:79:EE:42:69
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2DC43ABF504B809D0FFF6B0F5C2F32B05D0A18B8
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/db483bf1-a47e-4e51-8d82-1774d53033ad.roa
Signing time: Sun 04 Feb 2024 00:00:00 +0000
ROA not before: Sun 04 Feb 2024 00:00:00 +0000
ROA not after: Sun 10 Mar 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:c4:3a:bf:50:4b:80:9d:0f:ff:6b:0f:5c:2f:32:b0:5d:0a:18:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 4 00:00:00 2024 GMT
Not After : Mar 10 23:59:59 2024 GMT
Subject: serialNumber=df03dbc9b41d74d4a439f2ef7f075e6abe8bb6a51286005eb65e4389ff80b05d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:32:2a:f8:16:d3:e8:b5:b7:61:d6:4a:6a:1c:
b6:72:8c:da:d8:e9:e1:95:2a:0c:64:28:f2:34:1e:
ad:07:03:4b:48:a3:fc:24:78:9b:7c:56:41:32:25:
f0:0d:ac:3b:14:6e:86:2d:cf:3e:de:83:6a:76:60:
5e:a1:72:24:d1:ac:ff:67:29:8f:b7:b6:ce:25:18:
86:f8:30:f4:23:77:71:44:93:fb:85:7c:b1:64:8e:
46:a5:de:84:1b:00:fc:d7:77:54:34:bd:c0:41:91:
27:e4:67:f8:ed:73:80:21:5e:af:77:4f:90:f9:d4:
d7:a4:07:3c:4d:52:76:22:2c:b3:00:4e:ed:17:95:
7e:2b:eb:bb:dd:2b:b4:45:1b:9c:c9:f2:ff:64:65:
32:32:63:35:81:e8:7f:c4:c9:cf:fa:7c:1f:00:3e:
ac:6c:ed:14:80:70:8c:31:9e:25:71:8c:fa:0e:e6:
bd:44:8d:6b:97:c1:bb:b1:8b:70:bd:e9:a3:db:8f:
bf:bd:ad:c3:cc:75:f0:f4:e1:8c:33:41:53:9e:72:
13:ca:1c:2e:36:37:77:f4:49:96:39:90:48:70:ab:
32:02:15:8d:e8:b5:0f:17:45:7f:ba:c4:9f:2b:02:
d3:58:af:a7:0d:df:a6:af:a6:73:1f:bb:c5:09:53:
e4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FD:F0:2C:30:1A:6E:6D:0D:27:13:6E:0D:D7:31:D6:79:EE:42:69
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/db483bf1-a47e-4e51-8d82-1774d53033ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:94:54:9c:f4:de:99:fd:bd:0a:23:0f:93:54:14:69:39:a9:
4a:73:a1:fb:3c:a4:6d:0d:3d:88:d0:6f:6d:18:7f:76:08:35:
76:dc:1e:ee:16:b6:2d:25:f4:dd:29:b4:36:4e:24:ca:06:ef:
a9:37:56:be:8f:26:6a:4f:54:a9:33:b3:b8:b3:5d:23:07:63:
24:45:62:0d:46:69:dd:af:6e:ca:5b:db:81:ce:c5:c6:bc:fe:
88:95:12:e3:12:b1:4c:97:80:01:86:33:fb:fd:ff:48:16:87:
3f:6f:fe:3c:4f:f7:51:78:7b:b0:85:58:f2:10:67:58:f8:4e:
a6:d7:92:54:73:b6:8b:17:47:76:1b:8f:5c:c2:19:d1:1d:a9:
23:34:36:70:ad:00:8f:50:77:40:42:2a:18:3c:00:b6:9d:59:
fd:e8:72:83:41:f2:9f:16:be:79:7a:68:e9:94:c2:57:17:4f:
7a:9e:a9:bc:57:77:8c:46:07:c5:db:fb:e4:c1:d9:f1:62:e2:
9f:47:2c:ff:5f:7f:02:2e:78:27:9f:da:1f:44:fe:a8:72:24:
8f:10:22:2f:fe:68:f9:d2:c2:d7:a3:91:c3:56:2f:07:8e:9a:
24:d3:8e:f6:fd:07:80:47:46:f1:6e:a1:c8:c2:64:88:be:e3:
d0:c8:77:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULcQ6v1BLgJ0P/2sPXC8ysF0KGLgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjA0MDAwMDAwWhcNMjQwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZjAzZGJjOWI0MWQ3NGQ0YTQzOWYyZWY3ZjA3NWU2YWJl
OGJiNmE1MTI4NjAwNWViNjVlNDM4OWZmODBiMDVkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDqMir4FtPotbdh1kpqHLZyjNrY6eGVKgxkKPI0Hq0HA0tI
o/wkeJt8VkEyJfANrDsUboYtzz7eg2p2YF6hciTRrP9nKY+3ts4lGIb4MPQjd3FE
k/uFfLFkjkal3oQbAPzXd1Q0vcBBkSfkZ/jtc4AhXq93T5D51NekBzxNUnYiLLMA
Tu0XlX4r67vdK7RFG5zJ8v9kZTIyYzWB6H/Eyc/6fB8APqxs7RSAcIwxniVxjPoO
5r1EjWuXwbuxi3C96aPbj7+9rcPMdfD04YwzQVOechPKHC42N3f0SZY5kEhwqzIC
FY3otQ8XRX+6xJ8rAtNYr6cN36avpnMfu8UJU+RdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3/3wLDAabm0NJxNuDdcx1nnuQmkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RiNDgzYmYxLWE0N2UtNGU1MS04ZDgyLTE3NzRkNTMwMzNhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKmUVJz03pn9vQojD5NUFGk5qUpz
ofs8pG0NPYjQb20Yf3YINXbcHu4Wti0l9N0ptDZOJMoG76k3Vr6PJmpPVKkzs7iz
XSMHYyRFYg1Gad2vbspb24HOxca8/oiVEuMSsUyXgAGGM/v9/0gWhz9v/jxP91F4
e7CFWPIQZ1j4TqbXklRztosXR3Ybj1zCGdEdqSM0NnCtAI9Qd0BCKhg8ALadWf3o
coNB8p8Wvnl6aOmUwlcXT3qeqbxXd4xGB8Xb++TB2fFi4p9HLP9ffwIueCef2h9E
/qhyJI8QIi/+aPnSwtejkcNWLweOmiTTjvb9B4BHRvFuocjCZIi+49DId2k=
-----END CERTIFICATE-----
Generated at Tue May 6 18:43:18 2025 by rpki-client