Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ec732f02-5718-49e6-9282-c62c011deae2.roa
File: ec732f02-5718-49e6-9282-c62c011deae2.roa (raw, json)
Hash identifier: ZREFddKIy0/0ZngXR+UcQ8GuipRjVu3JgB0ztOps638=
Subject key identifier: 9B:F2:CB:BA:79:81:C1:74:9F:26:E9:EC:6C:89:2A:F9:66:BD:A1:3E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7E1E137491CE5F22E3F9A43DEF71558963036708
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ec732f02-5718-49e6-9282-c62c011deae2.roa
Signing time: Sun 29 Dec 2024 00:00:00 +0000
ROA not before: Sun 29 Dec 2024 00:00:00 +0000
ROA not after: Sun 02 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:1e:13:74:91:ce:5f:22:e3:f9:a4:3d:ef:71:55:89:63:03:67:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 29 00:00:00 2024 GMT
Not After : Feb 2 23:59:59 2025 GMT
Subject: serialNumber=97189ea948845aae6ff93bb69ebb9b57ef15ee8f252c152e34e5fc9bf62cb0a3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b4:28:7b:6c:48:f0:41:fc:0e:44:1c:e5:eb:
15:c5:ca:d1:97:9f:3e:f8:72:88:d5:d9:c9:03:19:
73:d9:a3:b7:42:d2:8a:6e:b5:99:b7:79:6c:b7:3c:
b5:cc:b4:2b:11:24:6b:ad:f7:41:82:e3:b5:9c:5c:
76:c0:a6:aa:4e:99:f5:56:e8:60:7b:66:92:5b:3f:
51:7c:f2:32:b6:b5:60:55:9e:42:70:a5:7b:59:1c:
67:e9:d0:e4:b4:73:71:8a:42:1a:93:85:3d:97:65:
4f:10:cf:92:b1:56:a1:65:e7:56:8b:2b:c0:ea:c7:
94:f8:27:92:f2:7d:23:6d:d3:53:ae:86:67:8d:35:
c2:69:69:5d:37:d1:4a:18:b9:a3:de:a6:4d:11:68:
5c:6c:77:84:55:5f:89:8d:83:29:cc:17:6e:81:af:
92:c6:23:68:a5:ca:89:76:0b:a2:2d:a5:7b:04:ec:
7f:0b:93:dd:f2:37:ea:50:c2:3a:8f:9c:96:ff:04:
ca:0f:f5:98:2e:27:0e:1e:57:51:a7:d7:05:67:96:
12:41:38:ac:44:e2:ed:29:98:ec:bd:88:73:c3:3b:
b4:88:b8:66:ca:fc:90:62:82:14:f8:b1:e9:04:83:
17:ca:9b:6d:08:4b:e0:49:05:2c:14:9b:55:19:de:
8f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F2:CB:BA:79:81:C1:74:9F:26:E9:EC:6C:89:2A:F9:66:BD:A1:3E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ec732f02-5718-49e6-9282-c62c011deae2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:00:d2:a9:92:e4:1c:a7:6f:48:ee:90:7a:2b:87:cf:88:ff:
2b:ef:6b:7d:3b:74:1e:1c:da:75:18:a6:86:a8:9e:ad:d8:02:
15:0d:64:f0:ad:48:81:1b:71:96:2d:f6:36:99:ef:43:e8:dc:
9a:50:e0:90:bc:46:b6:9d:95:0a:f9:e4:cf:58:a2:04:00:c2:
e3:49:f5:c2:4e:ed:68:70:e2:d2:cd:c2:3b:2e:32:71:c3:17:
a6:70:5b:b1:ea:32:40:5a:35:e2:a7:b0:03:23:2d:29:a0:3e:
86:71:9c:85:02:01:ea:f1:fa:f4:3d:6f:6d:45:da:65:11:21:
bc:91:2c:00:19:19:9d:75:64:ee:f0:02:aa:cc:81:15:10:a7:
e1:5c:7a:2c:d3:7d:b5:29:8d:b7:2c:0b:77:9e:9a:20:f4:58:
4b:ab:38:46:36:d4:5f:17:7f:24:49:8d:90:9e:94:73:b4:25:
72:30:df:56:cb:01:d3:b0:e2:25:8f:f8:ba:3c:83:e2:34:0a:
bd:3f:5e:64:41:4a:fc:cf:52:95:6b:80:45:5f:37:01:db:a5:
e7:68:47:10:70:4f:c9:25:c3:ef:18:3d:fc:a5:32:89:40:c0:
72:47:8d:4a:31:79:e3:c8:08:67:b8:50:2e:91:5c:8f:54:27:
8a:3a:1a:dd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfh4TdJHOXyLj+aQ973FViWMDZwgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjI5MDAwMDAwWhcNMjUwMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NzE4OWVhOTQ4ODQ1YWFlNmZmOTNiYjY5ZWJiOWI1N2Vm
MTVlZThmMjUyYzE1MmUzNGU1ZmM5YmY2MmNiMGEzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCntCh7bEjwQfwORBzl6xXFytGXnz74cojV2ckDGXPZo7dC
0oputZm3eWy3PLXMtCsRJGut90GC47WcXHbApqpOmfVW6GB7ZpJbP1F88jK2tWBV
nkJwpXtZHGfp0OS0c3GKQhqThT2XZU8Qz5KxVqFl51aLK8Dqx5T4J5LyfSNt01Ou
hmeNNcJpaV030UoYuaPepk0RaFxsd4RVX4mNgynMF26Br5LGI2ilyol2C6ItpXsE
7H8Lk93yN+pQwjqPnJb/BMoP9ZguJw4eV1Gn1wVnlhJBOKxE4u0pmOy9iHPDO7SI
uGbK/JBighT4sekEgxfKm20IS+BJBSwUm1UZ3o+jAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm/LLunmBwXSfJunsbIkq+Wa9oT4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VjNzMyZjAyLTU3MTgtNDllNi05MjgyLWM2MmMwMTFkZWFlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA8A0qmS5Bynb0jukHorh8+I/yvv
a307dB4c2nUYpoaonq3YAhUNZPCtSIEbcZYt9jaZ70Po3JpQ4JC8RradlQr55M9Y
ogQAwuNJ9cJO7Whw4tLNwjsuMnHDF6ZwW7HqMkBaNeKnsAMjLSmgPoZxnIUCAerx
+vQ9b21F2mURIbyRLAAZGZ11ZO7wAqrMgRUQp+FceizTfbUpjbcsC3eemiD0WEur
OEY21F8XfyRJjZCelHO0JXIw31bLAdOw4iWP+Lo8g+I0Cr0/XmRBSvzPUpVrgEVf
NwHbpedoRxBwT8klw+8YPfylMolAwHJHjUoxeePICGe4UC6RXI9UJ4o6Gt0=
-----END CERTIFICATE-----
Generated at Wed May 7 03:28:01 2025 by rpki-client