Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e670bae1-cb51-4e2c-8184-7ca72f99a9df.roa
File: e670bae1-cb51-4e2c-8184-7ca72f99a9df.roa (raw, json)
Hash identifier: pqMVbFAJXDyZeQbkmJudLaA0Zh2R3q+/UHe7NZNFz+A=
Subject key identifier: 4F:3F:AC:AB:96:31:D4:B1:C7:BB:FF:DC:D0:26:86:91:62:C2:9F:A3
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 55C052B6020A31AB91367947272161A687315DEF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e670bae1-cb51-4e2c-8184-7ca72f99a9df.roa
Signing time: Fri 23 Jun 2023 00:00:00 +0000
ROA not before: Fri 23 Jun 2023 00:00:00 +0000
ROA not after: Fri 28 Jul 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c0:52:b6:02:0a:31:ab:91:36:79:47:27:21:61:a6:87:31:5d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 23 00:00:00 2023 GMT
Not After : Jul 28 23:59:59 2023 GMT
Subject: serialNumber=323aa5229a9ffe0de01689c0c244891e5cfe6fcea01c0e54b41af065ddf07ce8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:6c:58:b6:7b:8c:cb:34:9b:a4:5e:0d:3e:
12:39:85:34:55:9d:1e:51:cc:ec:92:7b:0f:5e:19:
a6:fb:86:29:98:dc:12:09:1d:a0:0a:2f:e3:ce:ed:
77:66:02:a4:ba:dd:3d:9c:1a:55:e6:fa:e6:c6:de:
85:29:21:8d:d3:b1:a6:bb:66:29:1a:89:f3:37:1f:
dc:49:57:e1:b6:dd:f3:31:87:c9:34:2d:43:33:f9:
04:c9:ce:5b:e4:35:fe:ca:61:97:f3:73:ca:6f:77:
17:fc:8d:6e:49:e7:c2:c3:b6:20:2d:ec:28:a7:ef:
da:2c:74:54:10:f1:ea:bb:c0:f1:ec:7d:cb:cd:bb:
fc:db:68:89:95:af:ac:dd:59:b7:90:e4:de:ec:1d:
55:b3:a6:98:a0:79:e2:9d:7a:96:c7:5b:e8:12:b1:
60:13:10:fe:26:81:19:c0:f9:4b:b3:37:26:d4:c6:
dd:d1:69:b3:0a:fb:42:55:1c:eb:6b:67:f8:73:92:
e3:71:90:9a:e0:82:46:09:fe:df:d7:15:94:49:58:
b1:4c:fd:a9:01:8b:c9:c6:88:b5:84:ef:1b:0e:49:
84:ad:1a:21:ed:0e:3e:3f:b7:1b:c8:f8:2c:e2:26:
f7:4d:3e:1d:9e:9a:9d:12:2b:f2:79:52:1d:f4:9c:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3F:AC:AB:96:31:D4:B1:C7:BB:FF:DC:D0:26:86:91:62:C2:9F:A3
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e670bae1-cb51-4e2c-8184-7ca72f99a9df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
09:0d:6c:8c:8f:dd:ba:3e:05:a9:a5:a9:26:d1:93:20:05:81:
12:5c:dc:f9:06:c7:19:cc:2e:51:f3:d7:c4:2b:dd:f4:39:28:
6b:50:c2:91:53:53:ab:92:7b:e6:09:67:d7:7e:9e:f9:35:61:
06:8c:98:84:c0:09:9f:66:3d:9a:af:ab:a0:eb:5b:02:12:79:
20:50:b9:23:0f:86:0f:3d:99:7f:cc:44:45:16:61:1c:eb:ee:
b3:0e:3d:65:d0:46:ab:3b:f9:31:e7:c1:b8:6a:13:6f:d2:05:
21:51:d9:c7:28:25:50:fc:8a:3f:c6:fd:1d:87:25:cc:3d:d7:
0e:d3:24:6f:8b:79:f7:90:99:07:91:53:ee:5b:8a:e1:30:16:
fb:9f:a4:2f:8b:b0:92:61:70:3d:11:1f:67:ba:f5:31:0b:54:
b2:bf:c4:5f:46:e6:40:fb:e8:25:c1:2e:7a:2e:33:d9:27:c4:
af:25:3a:9c:59:77:31:a9:0f:53:68:f8:6e:9f:46:19:53:d0:
ec:fd:08:4d:03:c5:5f:30:e8:66:55:50:bf:1c:69:f2:bf:e6:
14:aa:ab:f3:a8:40:42:64:28:32:af:1e:20:73:d5:cd:c1:5c:
4c:ff:61:51:ba:09:b3:70:e2:56:53:53:f0:01:fe:5e:bf:bb:
fe:55:f1:b5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVcBStgIKMauRNnlHJyFhpocxXe8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjIzMDAwMDAwWhcNMjMwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjNhYTUyMjlhOWZmZTBkZTAxNjg5YzBjMjQ0ODkxZTVj
ZmU2ZmNlYTAxYzBlNTRiNDFhZjA2NWRkZjA3Y2U4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDD4GxYtnuMyzSbpF4NPhI5hTRVnR5RzOySew9eGab7himY
3BIJHaAKL+PO7XdmAqS63T2cGlXm+ubG3oUpIY3Tsaa7ZikaifM3H9xJV+G23fMx
h8k0LUMz+QTJzlvkNf7KYZfzc8pvdxf8jW5J58LDtiAt7Cin79osdFQQ8eq7wPHs
fcvNu/zbaImVr6zdWbeQ5N7sHVWzppigeeKdepbHW+gSsWATEP4mgRnA+UuzNybU
xt3RabMK+0JVHOtrZ/hzkuNxkJrggkYJ/t/XFZRJWLFM/akBi8nGiLWE7xsOSYSt
GiHtDj4/txvI+CziJvdNPh2emp0SK/J5Uh30nALTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTz+sq5Yx1LHHu//c0CaGkWLCn6MwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2U2NzBiYWUxLWNiNTEtNGUyYy04MTg0LTdjYTcyZjk5YTlkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAkNbIyP3bo+BamlqSbRkyAFgRJc
3PkGxxnMLlHz18Qr3fQ5KGtQwpFTU6uSe+YJZ9d+nvk1YQaMmITACZ9mPZqvq6Dr
WwISeSBQuSMPhg89mX/MREUWYRzr7rMOPWXQRqs7+THnwbhqE2/SBSFR2ccoJVD8
ij/G/R2HJcw91w7TJG+LefeQmQeRU+5biuEwFvufpC+LsJJhcD0RH2e69TELVLK/
xF9G5kD76CXBLnouM9knxK8lOpxZdzGpD1No+G6fRhlT0Oz9CE0DxV8w6GZVUL8c
afK/5hSqq/OoQEJkKDKvHiBz1c3BXEz/YVG6CbNw4lZTU/AB/l6/u/5V8bU=
-----END CERTIFICATE-----
Generated at Tue May 6 07:24:26 2025 by rpki-client