Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb7be99d-0680-4b2b-92b3-d05546d7f848.roa
File: fb7be99d-0680-4b2b-92b3-d05546d7f848.roa (raw, json)
Hash identifier: AmmqESQE+DRLIkhDKecjNPzn/NYY2btVyvvqRMExt2c=
Subject key identifier: D1:7E:07:6A:DE:3A:64:48:D4:42:7F:20:77:31:88:97:DB:8C:F5:63
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3C7BF4F45CA965DD450D643C44D3B4759EC81E58
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb7be99d-0680-4b2b-92b3-d05546d7f848.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:7b:f4:f4:5c:a9:65:dd:45:0d:64:3c:44:d3:b4:75:9e:c8:1e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: serialNumber=daa75f9c0a532813f13f9236432ddb923e55a735581dd70c4abaa28d85c0de77, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:55:24:c0:ca:b6:fa:ef:ca:cf:76:40:f5:
42:78:e6:a2:d3:f8:85:4c:a8:ab:23:31:f8:fc:1b:
43:ea:2b:4b:ae:ab:16:2f:84:66:36:63:af:06:fc:
8f:9e:16:1b:14:39:d1:52:af:4e:3d:05:0e:65:ee:
ab:9b:8d:8b:2d:29:8e:0f:02:21:89:de:a8:cb:6c:
7b:f1:a9:41:87:96:76:f1:f9:4c:65:df:a2:58:8b:
ee:83:fc:9d:64:14:69:31:42:83:df:57:7f:e6:e7:
b8:7a:32:10:9c:52:81:df:37:e5:51:00:3c:4b:ce:
7d:82:05:55:d3:9b:1d:80:15:41:42:73:45:db:da:
98:31:f4:27:c6:59:33:c9:d6:99:a3:83:64:22:1f:
f2:e6:3d:06:81:95:8c:8d:53:fd:1c:99:e6:84:ef:
61:e8:00:d7:fe:70:c4:c1:9d:02:bb:ce:1b:e9:10:
14:94:d9:7c:ed:f0:ae:79:fa:76:19:49:77:b9:b0:
28:9a:d4:2d:dd:17:ab:bf:ae:53:f5:b9:1a:0c:d9:
0e:72:0f:99:fd:e9:8e:45:63:99:b6:2b:a3:b6:6f:
9f:ee:00:f1:be:cd:66:6b:5d:a3:00:7b:36:63:3c:
12:14:c4:96:f4:8c:60:c7:e9:ef:78:85:f5:7e:75:
fd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7E:07:6A:DE:3A:64:48:D4:42:7F:20:77:31:88:97:DB:8C:F5:63
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb7be99d-0680-4b2b-92b3-d05546d7f848.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
43:03:0c:1f:54:02:75:71:e6:72:05:ae:b2:d1:7b:a4:24:8c:
d5:bc:31:60:8c:08:39:aa:8f:80:5d:d8:25:02:d3:d8:1e:f8:
4e:2b:51:4d:95:f7:aa:46:62:3b:c7:c2:8f:96:1e:68:c4:16:
72:87:17:e5:72:31:3d:71:1e:c5:73:4d:87:6d:29:0e:5e:b4:
06:76:02:09:fd:d7:7c:33:f5:39:c3:f0:c0:6d:64:2e:0f:18:
67:53:07:d6:05:98:47:06:7b:32:f8:74:be:ed:0f:c4:07:06:
b0:a8:6c:df:17:2f:7b:34:40:e7:65:e2:94:b9:68:e3:7c:22:
1b:54:f2:a4:6d:79:95:ae:52:02:26:79:e6:f9:df:cc:46:69:
13:54:6a:71:e2:83:15:eb:99:51:7d:ed:e1:76:6e:ee:2a:cb:
10:9b:67:61:49:ef:ad:42:2e:e6:1a:79:62:76:23:20:ca:47:
ca:41:58:bc:90:51:aa:77:a4:29:7c:0b:01:fb:4a:97:ab:3c:
2d:93:ff:38:ed:4c:c3:21:c8:c2:a1:42:a3:00:73:4f:89:f8:
f4:56:a0:82:73:40:f9:73:fc:46:c0:a2:70:fa:76:0f:23:c9:
6d:bf:1e:4f:88:c8:45:84:1a:ee:0c:32:e7:7c:cf:cb:84:3b:
c7:c2:6e:5f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPHv09FypZd1FDWQ8RNO0dZ7IHlgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjMxMDAwMDAwWhcNMjUwMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYWE3NWY5YzBhNTMyODEzZjEzZjkyMzY0MzJkZGI5MjNl
NTVhNzM1NTgxZGQ3MGM0YWJhYTI4ZDg1YzBkZTc3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCztVUkwMq2+u/Kz3ZA9UJ45qLT+IVMqKsjMfj8G0PqK0uu
qxYvhGY2Y68G/I+eFhsUOdFSr049BQ5l7qubjYstKY4PAiGJ3qjLbHvxqUGHlnbx
+Uxl36JYi+6D/J1kFGkxQoPfV3/m57h6MhCcUoHfN+VRADxLzn2CBVXTmx2AFUFC
c0Xb2pgx9CfGWTPJ1pmjg2QiH/LmPQaBlYyNU/0cmeaE72HoANf+cMTBnQK7zhvp
EBSU2Xzt8K55+nYZSXe5sCia1C3dF6u/rlP1uRoM2Q5yD5n96Y5FY5m2K6O2b5/u
APG+zWZrXaMAezZjPBIUxJb0jGDH6e94hfV+df2JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0X4Hat46ZEjUQn8gdzGIl9uM9WMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZiN2JlOTlkLTA2ODAtNGIyYi05MmIzLWQwNTU0NmQ3Zjg0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEMDDB9UAnVx5nIFrrLRe6QkjNW8
MWCMCDmqj4Bd2CUC09ge+E4rUU2V96pGYjvHwo+WHmjEFnKHF+VyMT1xHsVzTYdt
KQ5etAZ2Agn913wz9TnD8MBtZC4PGGdTB9YFmEcGezL4dL7tD8QHBrCobN8XL3s0
QOdl4pS5aON8IhtU8qRteZWuUgImeeb538xGaRNUanHigxXrmVF97eF2bu4qyxCb
Z2FJ761CLuYaeWJ2IyDKR8pBWLyQUap3pCl8CwH7SperPC2T/zjtTMMhyMKhQqMA
c0+J+PRWoIJzQPlz/EbAonD6dg8jyW2/Hk+IyEWEGu4MMud8z8uEO8fCbl8=
-----END CERTIFICATE-----
Generated at Sat May 10 02:25:45 2025 by rpki-client