Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/66733611-de2a-4771-9bb9-00e37f4d16e8.roa
File: 66733611-de2a-4771-9bb9-00e37f4d16e8.roa (raw, json)
Hash identifier: Emlp6D51idnzbnDuOPKXyZJTS3m91Um/0PwuNj88ihs=
Subject key identifier: A3:CB:26:6D:2C:3C:90:A4:95:28:8B:37:23:23:76:01:DC:0C:0E:0F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 46953FE9594F982F94EB4A2A4C62D3261D5A35ED
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/66733611-de2a-4771-9bb9-00e37f4d16e8.roa
Signing time: Wed 11 Dec 2024 00:00:00 +0000
ROA not before: Wed 11 Dec 2024 00:00:00 +0000
ROA not after: Wed 15 Jan 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:95:3f:e9:59:4f:98:2f:94:eb:4a:2a:4c:62:d3:26:1d:5a:35:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 11 00:00:00 2024 GMT
Not After : Jan 15 23:59:59 2025 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:74:8a:04:a1:6b:44:a4:f3:e9:cd:ea:c3:07:
f1:a6:eb:2c:c5:d2:35:ba:cc:69:33:87:ab:d6:25:
c9:c6:e2:cb:5b:73:78:b5:f0:fa:6b:f7:96:a1:9e:
13:8d:10:ab:9c:2a:f3:08:4b:1d:fa:a5:01:49:af:
be:98:b9:10:d3:41:6a:49:61:a0:e6:fd:d8:96:57:
08:7f:54:21:0a:0e:1a:79:f2:b8:55:31:c4:fd:e7:
8d:36:2e:3c:4a:f2:02:73:91:61:2f:62:e3:6e:6f:
06:7d:b7:bb:70:1f:e3:94:ad:89:7d:e6:27:41:7d:
0a:70:7e:ea:2f:7d:58:af:a6:28:f9:b2:9d:b6:7c:
2a:bb:a7:28:b8:7c:1a:dd:7a:38:14:60:33:19:dd:
f8:09:02:23:cb:14:fa:9f:83:9b:40:10:dd:1e:19:
dd:94:71:72:fb:15:44:12:e2:39:5e:ac:d3:08:cf:
d3:84:47:06:c7:d7:65:13:2a:34:b2:55:83:3a:36:
7f:65:c9:82:96:d7:7e:92:bf:e1:7e:e2:eb:13:14:
89:13:50:5c:35:b1:06:76:34:e8:18:27:6c:d5:0c:
77:2f:56:64:cb:16:dc:df:00:aa:01:c6:90:b7:0e:
ee:80:1b:e8:a8:32:e0:38:ac:3a:59:87:1b:99:3d:
9d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CB:26:6D:2C:3C:90:A4:95:28:8B:37:23:23:76:01:DC:0C:0E:0F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/66733611-de2a-4771-9bb9-00e37f4d16e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b7:db:28:3d:cb:33:8a:3a:9a:95:2c:91:cd:3b:5f:6e:a6:
99:50:41:b0:1a:80:ed:2a:e9:22:e4:87:ca:8f:78:15:26:99:
ab:c7:50:46:73:cb:88:e3:e8:70:d8:77:e5:47:fa:3c:59:98:
4e:97:3b:aa:6b:08:3e:47:d5:d5:0e:af:94:f3:46:12:ce:f0:
0a:e9:46:15:07:b6:90:49:60:be:2f:24:a4:85:40:c1:6d:be:
3b:b2:ab:fb:e2:a9:3e:1e:db:fb:75:78:11:19:d7:96:e9:ed:
0f:2a:81:e1:d4:6e:0b:0c:1b:6c:aa:5c:2c:3e:e3:9e:ee:03:
ef:c8:04:10:64:e0:9f:84:cb:95:b8:40:29:a9:a6:68:2d:aa:
8b:50:73:c2:29:f7:d0:81:f8:e5:7e:b4:1e:24:04:30:26:f9:
11:f6:95:33:49:57:d5:89:80:34:81:ec:e4:84:5c:91:07:39:
0b:f0:84:05:81:04:94:8b:46:2e:5b:5d:58:03:4f:86:04:f8:
03:0e:d4:0a:93:b7:43:b6:cf:03:25:57:ef:ad:91:32:6c:37:
99:8e:e2:8a:a3:18:a0:0a:64:13:a9:01:74:7b:e6:81:2d:70:
03:4e:60:fe:7b:72:b2:da:f2:37:52:98:a7:bb:1f:0f:f0:f3:
ee:0a:85:b8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURpU/6VlPmC+U60oqTGLTJh1aNe0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjExMDAwMDAwWhcNMjUwMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZmRiYjY1YTI5NjhiYTA2MzUxNWI4ZTUzMTAxZThiOWY3
MTEzODA5Njg0YjYxY2QyZTI0ZjI1OGM3NGEzYjcyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKdIoEoWtEpPPpzerDB/Gm6yzF0jW6zGkzh6vWJcnG4stb
c3i18Ppr95ahnhONEKucKvMISx36pQFJr76YuRDTQWpJYaDm/diWVwh/VCEKDhp5
8rhVMcT95402LjxK8gJzkWEvYuNubwZ9t7twH+OUrYl95idBfQpwfuovfVivpij5
sp22fCq7pyi4fBrdejgUYDMZ3fgJAiPLFPqfg5tAEN0eGd2UcXL7FUQS4jlerNMI
z9OERwbH12UTKjSyVYM6Nn9lyYKW136Sv+F+4usTFIkTUFw1sQZ2NOgYJ2zVDHcv
VmTLFtzfAKoBxpC3Du6AG+ioMuA4rDpZhxuZPZ2FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUo8smbSw8kKSVKIs3IyN2AdwMDg8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY2NzMzNjExLWRlMmEtNDc3MS05YmI5LTAwZTM3ZjRkMTZlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABG32yg9yzOKOpqVLJHNO19upplQ
QbAagO0q6SLkh8qPeBUmmavHUEZzy4jj6HDYd+VH+jxZmE6XO6prCD5H1dUOr5Tz
RhLO8ArpRhUHtpBJYL4vJKSFQMFtvjuyq/viqT4e2/t1eBEZ15bp7Q8qgeHUbgsM
G2yqXCw+457uA+/IBBBk4J+Ey5W4QCmppmgtqotQc8Ip99CB+OV+tB4kBDAm+RH2
lTNJV9WJgDSB7OSEXJEHOQvwhAWBBJSLRi5bXVgDT4YE+AMO1AqTt0O2zwMlV++t
kTJsN5mO4oqjGKAKZBOpAXR75oEtcANOYP57crLa8jdSmKe7Hw/w8+4Khbg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:09:14 2025 by rpki-client