Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06f1c022-a507-4a82-804f-ffe8e522f306.roa
File: 06f1c022-a507-4a82-804f-ffe8e522f306.roa (raw, json)
Hash identifier: bprqqVcLBCI5mA197uiabs3ZYDpHiNOc0lxtXaSQ7d0=
Subject key identifier: FA:97:4A:6F:4B:F6:68:99:83:E0:50:7C:30:DD:E0:41:D7:7D:DC:C9
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 79191907151EB332495C588D544CDA0E4252E2FB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06f1c022-a507-4a82-804f-ffe8e522f306.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:19:19:07:15:1e:b3:32:49:5c:58:8d:54:4c:da:0e:42:52:e2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5b:7d:8d:ef:55:85:94:cf:93:24:56:42:2f:
fd:82:8c:fc:ab:75:8a:f4:af:9b:2c:8c:46:14:78:
85:5e:4c:be:ba:fb:c2:f3:ec:ae:59:ee:fe:c5:2a:
07:3d:6a:39:af:cd:04:5e:e7:02:10:90:32:be:73:
25:03:5f:3a:b2:57:a0:9f:78:1c:5f:84:e8:ec:91:
50:cc:b2:ee:e1:d0:76:c3:d6:0a:9e:30:39:ab:45:
b6:c6:49:84:61:93:4c:34:72:37:78:f3:da:7d:11:
41:1f:d4:70:8f:a7:9a:79:81:0d:75:a6:fd:24:e6:
2b:24:df:b8:42:1e:a9:d8:85:b4:93:c8:f0:b5:e0:
2d:d8:af:36:7f:9f:b5:ef:ea:c8:6f:dc:c8:d9:48:
13:84:88:cf:e4:54:81:36:d5:ff:16:fd:3d:51:f2:
ab:b1:5a:13:d9:f4:76:49:67:27:31:62:13:07:38:
a0:a0:cd:92:ed:7c:16:1b:13:d2:6a:44:39:00:39:
99:35:94:5a:af:4b:ca:5f:3e:fe:e1:8d:1b:85:36:
cb:07:ba:78:58:2d:47:ca:7d:eb:d7:49:af:01:87:
db:bc:08:5e:4c:95:d6:7a:61:02:c6:90:c3:f9:e7:
0b:c6:dd:a7:e1:48:16:f3:ad:92:8c:76:c5:62:d3:
a2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:97:4A:6F:4B:F6:68:99:83:E0:50:7C:30:DD:E0:41:D7:7D:DC:C9
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06f1c022-a507-4a82-804f-ffe8e522f306.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
92:6d:64:b9:21:5f:fd:26:2b:f2:66:a1:9a:e0:14:89:1c:4e:
1e:2b:b2:fd:fb:16:3e:ca:1f:af:20:91:5e:3a:e5:d2:ae:6f:
1e:26:b7:50:11:5b:f8:6b:58:26:fd:a8:bb:ff:bc:3b:95:a2:
28:a5:61:04:d5:d0:22:43:fa:11:e9:aa:97:a6:1b:2d:45:af:
df:55:b6:dd:e3:14:54:27:d2:62:13:ea:e1:d6:64:d0:aa:61:
46:b2:47:ae:f8:a5:83:ce:32:0c:0e:50:9b:64:12:c1:b5:c6:
83:3c:7b:59:b1:55:f7:24:2f:63:f7:99:e6:00:d3:78:7d:86:
50:91:2b:ea:e4:9b:b2:67:d9:6a:f6:48:d1:fe:4c:d7:f6:04:
93:ce:52:74:ee:48:e5:3a:3d:57:e8:7d:97:f8:78:bd:b6:82:
09:29:b1:55:5e:fb:d7:54:04:f2:6b:1a:bc:13:e7:a9:e8:96:
fc:2f:26:52:55:6f:4d:0b:91:cd:c4:da:c2:91:02:2e:47:0c:
2b:c3:23:34:c2:a3:54:a8:89:58:07:7e:d8:77:c5:14:f4:a7:
82:11:07:e3:90:52:3c:14:f3:55:89:bc:63:75:d5:09:49:08:
e9:22:40:12:55:dc:24:ea:b6:05:0b:fb:fc:43:b3:46:dd:8e:
fc:eb:18:ca
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeRkZBxUeszJJXFiNVEzaDkJS4vswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkOTAxZjNmZjI0Mjk5N2JiZjkxYWE2Yzc2M2YyM2JkMWVk
MDllMGI2ZGQzOWU2NzRjZGE0ZmM0NTk4ZGFjNDQ5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNW32N71WFlM+TJFZCL/2CjPyrdYr0r5ssjEYUeIVeTL66
+8Lz7K5Z7v7FKgc9ajmvzQRe5wIQkDK+cyUDXzqyV6CfeBxfhOjskVDMsu7h0HbD
1gqeMDmrRbbGSYRhk0w0cjd489p9EUEf1HCPp5p5gQ11pv0k5isk37hCHqnYhbST
yPC14C3YrzZ/n7Xv6shv3MjZSBOEiM/kVIE21f8W/T1R8quxWhPZ9HZJZycxYhMH
OKCgzZLtfBYbE9JqRDkAOZk1lFqvS8pfPv7hjRuFNssHunhYLUfKfevXSa8Bh9u8
CF5MldZ6YQLGkMP55wvG3afhSBbzrZKMdsVi06LnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+pdKb0v2aJmD4FB8MN3gQdd93MkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA2ZjFjMDIyLWE1MDctNGE4Mi04MDRmLWZmZThlNTIyZjMwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJJtZLkhX/0mK/JmoZrgFIkcTh4r
sv37Fj7KH68gkV465dKubx4mt1ARW/hrWCb9qLv/vDuVoiilYQTV0CJD+hHpqpem
Gy1Fr99Vtt3jFFQn0mIT6uHWZNCqYUayR674pYPOMgwOUJtkEsG1xoM8e1mxVfck
L2P3meYA03h9hlCRK+rkm7Jn2Wr2SNH+TNf2BJPOUnTuSOU6PVfofZf4eL22ggkp
sVVe+9dUBPJrGrwT56nolvwvJlJVb00Lkc3E2sKRAi5HDCvDIzTCo1SoiVgHfth3
xRT0p4IRB+OQUjwU81WJvGN11QlJCOkiQBJV3CTqtgUL+/xDs0bdjvzrGMo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:17:10 2025 by rpki-client