Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0b0e95d5-db2f-48e2-b8c8-8577148b2094.roa
File: 0b0e95d5-db2f-48e2-b8c8-8577148b2094.roa (raw, json)
Hash identifier: jcydjg8OYzVfpb60oS3AxFrWfRacOW1yBIgIjgGPu/0=
Subject key identifier: BC:E1:2D:42:AF:39:28:DA:12:E4:3E:B6:4C:11:53:2D:B5:7F:7F:0B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2565C188C063A2042AFF965C439A09DECF6C4765
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0b0e95d5-db2f-48e2-b8c8-8577148b2094.roa
Signing time: Sun 24 Sep 2023 00:00:00 +0000
ROA not before: Sun 24 Sep 2023 00:00:00 +0000
ROA not after: Sun 29 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:65:c1:88:c0:63:a2:04:2a:ff:96:5c:43:9a:09:de:cf:6c:47:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 24 00:00:00 2023 GMT
Not After : Oct 29 23:59:59 2023 GMT
Subject: serialNumber=b6ba8a633eee81dc184570f41debc154fd587f0b72ba00c2722166ce3a966b4e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:7d:fd:59:07:06:43:f6:72:92:78:6b:8f:
7d:a5:fb:63:fd:fe:53:c6:50:57:2a:68:e9:ec:84:
08:53:1e:d4:15:5c:ca:0e:3c:b2:e6:9f:ae:a0:f6:
04:e2:de:1f:7e:e3:d7:fc:11:dc:fc:1d:31:75:c2:
b4:ec:c6:db:ee:22:d2:c1:4d:78:e4:bd:a2:21:42:
48:e8:68:96:20:44:63:90:6c:ad:bc:12:0f:13:6c:
61:16:c8:9c:c3:cc:5a:e9:93:16:54:e7:01:65:81:
ef:fb:0d:01:b4:bc:e9:34:12:35:3d:b0:f5:ec:3e:
88:cc:68:47:bd:45:f9:68:ae:9c:11:b6:21:27:e9:
6c:51:dd:5f:30:b0:45:54:42:b5:c7:fb:ea:65:13:
06:d1:dd:7e:eb:78:81:9e:02:6f:fe:1e:3f:a1:09:
b7:c3:d8:2b:6e:3f:8d:08:cd:0a:e0:6f:0d:8d:ff:
0b:c2:a5:6f:23:4b:36:9c:79:bf:1e:a7:1c:78:c2:
b1:30:8d:19:dc:86:d7:a2:b7:b0:20:b2:ff:e9:00:
72:ce:38:a6:c1:65:b2:0c:69:9d:db:83:c7:7b:ba:
e5:06:53:4f:2d:76:84:72:5c:12:2c:f6:be:b2:04:
0f:c9:5c:0b:e8:b7:e9:7b:41:0c:fb:38:d7:5e:48:
a0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E1:2D:42:AF:39:28:DA:12:E4:3E:B6:4C:11:53:2D:B5:7F:7F:0B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0b0e95d5-db2f-48e2-b8c8-8577148b2094.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c1:47:9a:85:52:f0:49:89:89:44:1e:34:86:49:43:08:9e:
bd:4d:1b:04:e2:6c:14:ec:02:6c:df:6f:89:3a:16:92:51:32:
97:ed:df:16:2d:dc:f5:07:42:42:26:57:60:4c:8f:52:c1:a7:
a1:5b:15:09:f2:45:9b:60:0b:c6:ae:71:53:3b:e7:51:af:99:
b2:f6:f5:34:fb:8a:71:6f:70:99:7e:d9:42:6b:e8:12:28:29:
28:d8:bf:86:c0:f5:ca:98:1e:fa:b8:44:a9:7e:07:76:cf:8b:
6a:ba:26:7a:96:cb:60:e2:e7:90:c7:42:ac:b2:26:57:bb:40:
6c:c4:99:13:ba:5d:27:53:e3:9e:ab:5f:3a:94:1e:2f:4c:8e:
86:e0:2b:d9:70:8c:90:ff:be:72:71:f7:1b:e2:33:2f:5f:59:
e6:6b:ee:ab:48:48:b7:5a:d0:ba:57:fb:4b:32:59:7f:62:be:
0b:5c:b8:88:ae:04:fa:77:ca:1e:af:22:06:03:01:23:fa:2f:
c0:5a:28:b3:d7:10:44:da:3b:d4:dd:53:04:48:3a:1c:fb:46:
de:bb:4e:40:61:42:40:f9:b1:40:be:4d:da:af:50:69:be:6a:
10:67:41:5b:fa:fc:a0:f1:bd:16:46:a7:06:d3:2d:23:27:20:
73:14:f1:f6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJWXBiMBjogQq/5ZcQ5oJ3s9sR2UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTI0MDAwMDAwWhcNMjMxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNmJhOGE2MzNlZWU4MWRjMTg0NTcwZjQxZGViYzE1NGZk
NTg3ZjBiNzJiYTAwYzI3MjIxNjZjZTNhOTY2YjRlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzEn39WQcGQ/Zyknhrj32l+2P9/lPGUFcqaOnshAhTHtQV
XMoOPLLmn66g9gTi3h9+49f8Edz8HTF1wrTsxtvuItLBTXjkvaIhQkjoaJYgRGOQ
bK28Eg8TbGEWyJzDzFrpkxZU5wFlge/7DQG0vOk0EjU9sPXsPojMaEe9RflorpwR
tiEn6WxR3V8wsEVUQrXH++plEwbR3X7reIGeAm/+Hj+hCbfD2CtuP40IzQrgbw2N
/wvCpW8jSzaceb8epxx4wrEwjRnchteit7Agsv/pAHLOOKbBZbIMaZ3bg8d7uuUG
U08tdoRyXBIs9r6yBA/JXAvot+l7QQz7ONdeSKAvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvOEtQq85KNoS5D62TBFTLbV/fwswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBiMGU5NWQ1LWRiMmYtNDhlMi1iOGM4LTg1NzcxNDhiMjA5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABvBR5qFUvBJiYlEHjSGSUMInr1N
GwTibBTsAmzfb4k6FpJRMpft3xYt3PUHQkImV2BMj1LBp6FbFQnyRZtgC8aucVM7
51GvmbL29TT7inFvcJl+2UJr6BIoKSjYv4bA9cqYHvq4RKl+B3bPi2q6JnqWy2Di
55DHQqyyJle7QGzEmRO6XSdT456rXzqUHi9MjobgK9lwjJD/vnJx9xviMy9fWeZr
7qtISLda0LpX+0syWX9ivgtcuIiuBPp3yh6vIgYDASP6L8BaKLPXEETaO9TdUwRI
Ohz7Rt67TkBhQkD5sUC+TdqvUGm+ahBnQVv6/KDxvRZGpwbTLSMnIHMU8fY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:11 2024 by rpki-client on console-fra.rpki-client.org