Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f661b37f-308a-4972-aed3-ebb5ed7c5e89.roa
File: f661b37f-308a-4972-aed3-ebb5ed7c5e89.roa (raw, json)
Hash identifier: EBJEF5dkDQtG4KITMIQ1y2vwf+wojg53TwaLKQJgwsE=
Subject key identifier: 02:7F:B4:8D:F9:4C:DA:6D:E3:C6:33:DC:2D:F3:1D:00:1E:4B:4B:A5
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4A994EC7222520CBFED6C0C19D8605F19E4EE946
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f661b37f-308a-4972-aed3-ebb5ed7c5e89.roa
Signing time: Sat 23 Nov 2024 00:00:00 +0000
ROA not before: Sat 23 Nov 2024 00:00:00 +0000
ROA not after: Sat 28 Dec 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:99:4e:c7:22:25:20:cb:fe:d6:c0:c1:9d:86:05:f1:9e:4e:e9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 23 00:00:00 2024 GMT
Not After : Dec 28 23:59:59 2024 GMT
Subject: serialNumber=1fa6d7a506befa02d08eb56bb391d3d236473310ea9b74c1cf560ac5fcb9582d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:23:32:d7:cf:b2:53:c3:0e:c6:c5:a0:23:96:
ae:9f:6d:f1:78:09:6d:f2:86:50:ed:57:5a:c8:cf:
21:ae:4c:d1:e5:98:d6:9b:75:71:8b:c1:50:10:69:
fe:f0:4b:1a:44:44:53:bf:7c:e5:54:ac:d8:56:55:
35:d9:b6:aa:30:c6:04:f4:be:c0:2c:31:71:ea:fd:
e9:f0:e1:dd:5f:ee:da:58:43:e9:5b:d8:25:30:19:
f4:b8:8b:a5:f4:84:18:94:a1:67:29:de:1b:44:3d:
99:5d:b7:de:95:d2:b7:d3:53:a9:0c:d9:b2:16:c4:
ff:76:b6:67:fc:f9:02:1c:a9:81:25:2a:de:34:c8:
64:a7:ae:ae:42:47:fe:f8:f7:59:2f:2c:f6:dc:be:
b7:fd:82:18:33:2f:ed:e5:8a:de:0a:85:18:3a:4f:
b8:e7:ac:f4:dc:2d:bd:ea:79:cb:25:f1:4e:6f:75:
81:84:ab:93:8e:bb:66:cf:0f:aa:56:64:29:9e:4f:
20:0a:eb:25:ac:e0:a3:1f:2c:e9:ac:0c:54:bc:17:
51:b4:56:27:48:c2:0b:af:42:39:ae:95:7b:3c:7b:
82:ce:bb:ec:0c:17:6c:4a:d7:8c:b5:cb:0c:2f:05:
80:e8:d5:03:58:9e:ba:7a:be:a2:26:af:e9:99:02:
be:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7F:B4:8D:F9:4C:DA:6D:E3:C6:33:DC:2D:F3:1D:00:1E:4B:4B:A5
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f661b37f-308a-4972-aed3-ebb5ed7c5e89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:10:e8:81:dd:1d:67:ee:f0:cd:a0:df:5b:0f:4c:8e:5a:24:
2b:a9:e9:32:8f:a3:69:3d:19:e2:a0:72:fc:02:b3:bc:75:53:
85:42:ff:44:d9:1e:83:59:c4:b9:71:94:80:42:a6:11:db:bf:
8f:2c:ae:04:77:f7:bb:6b:9a:6b:48:c8:d9:e1:42:2d:34:d6:
fe:00:20:f8:74:ca:ac:50:29:77:19:81:e4:28:76:cf:8d:7a:
ab:e1:92:c4:c0:55:fc:aa:17:27:e2:28:ba:23:64:b9:e6:33:
6e:20:13:79:a5:18:8a:b8:6a:10:21:e2:1a:66:22:bb:5c:eb:
6f:ba:c5:db:39:4f:69:aa:6d:20:2d:b7:05:e9:84:34:26:bb:
a8:02:92:50:41:93:ce:0b:40:90:93:a6:b7:7d:e3:92:ef:76:
e3:e9:88:34:05:f0:ed:fa:b9:02:b0:9f:6c:c7:26:84:47:22:
bb:63:82:cc:7b:ba:9e:da:17:95:80:5d:ae:7c:56:5e:4c:fe:
a2:5e:a7:c7:7d:46:b1:9a:5f:6b:69:df:5e:42:25:50:b1:8d:
e3:1f:90:42:03:37:5c:39:7d:25:47:2b:cc:32:da:7e:d0:76:
70:05:ce:13:55:58:f8:cc:58:32:f7:1b:9e:09:5b:63:07:70:
01:28:87:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSplOxyIlIMv+1sDBnYYF8Z5O6UYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTIzMDAwMDAwWhcNMjQxMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZmE2ZDdhNTA2YmVmYTAyZDA4ZWI1NmJiMzkxZDNkMjM2
NDczMzEwZWE5Yjc0YzFjZjU2MGFjNWZjYjk1ODJkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFIzLXz7JTww7GxaAjlq6fbfF4CW3yhlDtV1rIzyGuTNHl
mNabdXGLwVAQaf7wSxpERFO/fOVUrNhWVTXZtqowxgT0vsAsMXHq/enw4d1f7tpY
Q+lb2CUwGfS4i6X0hBiUoWcp3htEPZldt96V0rfTU6kM2bIWxP92tmf8+QIcqYEl
Kt40yGSnrq5CR/7491kvLPbcvrf9ghgzL+3lit4KhRg6T7jnrPTcLb3qecsl8U5v
dYGEq5OOu2bPD6pWZCmeTyAK6yWs4KMfLOmsDFS8F1G0VidIwguvQjmulXs8e4LO
u+wMF2xK14y1ywwvBYDo1QNYnrp6vqImr+mZAr4nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAn+0jflM2m3jxjPcLfMdAB5LS6UwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y2NjFiMzdmLTMwOGEtNDk3Mi1hZWQzLWViYjVlZDdjNWU4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIoQ6IHdHWfu8M2g31sPTI5aJCup
6TKPo2k9GeKgcvwCs7x1U4VC/0TZHoNZxLlxlIBCphHbv48srgR397trmmtIyNnh
Qi001v4AIPh0yqxQKXcZgeQods+NeqvhksTAVfyqFyfiKLojZLnmM24gE3mlGIq4
ahAh4hpmIrtc62+6xds5T2mqbSAttwXphDQmu6gCklBBk84LQJCTprd945LvduPp
iDQF8O36uQKwn2zHJoRHIrtjgsx7up7aF5WAXa58Vl5M/qJep8d9RrGaX2tp315C
JVCxjeMfkEIDN1w5fSVHK8wy2n7QdnAFzhNVWPjMWDL3G54JW2MHcAEoh7Y=
-----END CERTIFICATE-----
Generated at Wed May 7 22:07:47 2025 by rpki-client