Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/128707f8-3dae-4c8d-8c78-61f65e84bf6d.roa
File: 128707f8-3dae-4c8d-8c78-61f65e84bf6d.roa (raw, json)
Hash identifier: uVOG97o/C+esAvak6J9NmVkQul4pRLIunjzeFZksjyY=
Subject key identifier: 38:80:57:F3:49:EE:58:EF:E7:02:5E:F5:C2:63:D1:A1:B4:DD:4A:31
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5A9812435A1151E2812724F66BF11647844B14C6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/128707f8-3dae-4c8d-8c78-61f65e84bf6d.roa
Signing time: Tue 10 Oct 2023 00:00:00 +0000
ROA not before: Tue 10 Oct 2023 00:00:00 +0000
ROA not after: Tue 14 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:98:12:43:5a:11:51:e2:81:27:24:f6:6b:f1:16:47:84:4b:14:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 10 00:00:00 2023 GMT
Not After : Nov 14 23:59:59 2023 GMT
Subject: serialNumber=78986e6c1d2c7844539d705c74581fe6722ed3910cf3cf9468f40be740d19b9b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7b:ad:2b:fe:91:fb:ae:33:91:e0:14:fc:f4:
13:16:6b:89:3c:b9:f8:be:09:79:d4:bb:bb:99:83:
c8:91:ee:26:cc:83:26:62:c1:5d:e8:03:a9:de:5b:
2a:f1:b4:6c:86:ed:c5:5d:fb:a3:63:22:b2:0e:8a:
a4:e7:48:d5:e1:33:8f:fd:2c:6f:1a:31:db:6d:a8:
c7:73:8d:4c:07:e9:75:e5:43:60:3a:d4:1d:48:b0:
3d:cd:62:83:97:8d:a1:0d:58:03:5a:6f:45:22:73:
82:a3:ec:85:e1:eb:36:2b:04:a4:07:54:9f:05:1e:
99:0f:d3:e5:ba:bd:54:b4:2a:ac:f4:cd:99:32:d1:
c2:f7:37:c7:cf:50:8b:48:ff:4c:1a:63:73:db:68:
78:1f:20:cb:b4:89:55:47:00:7c:91:09:08:9a:8c:
1b:22:53:96:6b:eb:0c:37:4b:d4:e2:1f:a3:0c:9e:
dc:91:8e:fd:53:bf:8c:01:2e:b9:66:ba:e4:5d:07:
74:ef:94:45:a6:af:4c:59:ae:cf:ee:b9:d6:db:2b:
43:76:06:a1:6e:ac:cc:f3:2a:c4:14:94:d8:a0:92:
e8:05:9e:f8:1c:0d:06:74:e3:5d:0b:50:0a:0f:e8:
57:6d:4a:95:00:63:61:44:a4:1c:39:81:0f:81:95:
75:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:80:57:F3:49:EE:58:EF:E7:02:5E:F5:C2:63:D1:A1:B4:DD:4A:31
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/128707f8-3dae-4c8d-8c78-61f65e84bf6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
44:4c:b4:6e:cd:9a:97:06:1c:6e:b4:f2:df:02:06:e3:0f:87:
9e:48:b5:39:70:8f:5e:da:4c:da:92:fe:2d:b0:bb:c1:09:1a:
a8:ea:6d:fc:5c:f7:a1:08:e5:d8:c6:9b:79:36:5d:46:69:eb:
b0:d2:c4:82:f3:cd:d6:3c:b6:4d:a0:8e:40:33:f3:19:a2:59:
18:c9:74:b2:df:62:e3:55:b6:ce:12:9a:44:fb:d8:f5:99:a0:
60:6d:69:20:65:60:5e:44:8b:cd:10:ad:a2:3e:63:31:a0:9d:
c7:04:da:6e:91:16:e5:85:0a:fc:69:56:c4:28:32:25:fa:a1:
9d:8f:85:27:f8:6d:2b:59:3e:ca:c9:83:b5:f3:51:08:2d:ad:
11:75:ca:8d:27:61:5d:40:36:63:42:d4:d8:bb:4e:2f:e3:24:
48:16:40:e0:eb:4e:c8:c8:cf:61:fd:b7:d6:f1:c6:15:3c:7e:
c0:32:50:9c:e7:49:f8:b0:bc:6a:8c:dc:ac:b1:5b:fd:83:54:
6c:78:89:e4:20:c7:28:c9:0c:7e:55:15:a5:02:d8:b2:13:06:
d6:9e:cd:b2:30:cc:0f:6d:ce:0e:14:ee:e6:03:25:c7:fa:9d:
68:dc:6e:30:c2:cb:d3:f2:f6:a6:9f:50:4c:6d:41:6b:59:8f:
31:14:93:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWpgSQ1oRUeKBJyT2a/EWR4RLFMYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDEwMDAwMDAwWhcNMjMxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODk4NmU2YzFkMmM3ODQ0NTM5ZDcwNWM3NDU4MWZlNjcy
MmVkMzkxMGNmM2NmOTQ2OGY0MGJlNzQwZDE5YjliMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhe60r/pH7rjOR4BT89BMWa4k8ufi+CXnUu7uZg8iR7ibM
gyZiwV3oA6neWyrxtGyG7cVd+6NjIrIOiqTnSNXhM4/9LG8aMdttqMdzjUwH6XXl
Q2A61B1IsD3NYoOXjaENWANab0Uic4Kj7IXh6zYrBKQHVJ8FHpkP0+W6vVS0Kqz0
zZky0cL3N8fPUItI/0waY3PbaHgfIMu0iVVHAHyRCQiajBsiU5Zr6ww3S9TiH6MM
ntyRjv1Tv4wBLrlmuuRdB3TvlEWmr0xZrs/uudbbK0N2BqFurMzzKsQUlNigkugF
nvgcDQZ0410LUAoP6FdtSpUAY2FEpBw5gQ+BlXWPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOIBX80nuWO/nAl71wmPRobTdSjEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzEyODcwN2Y4LTNkYWUtNGM4ZC04Yzc4LTYxZjY1ZTg0YmY2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAERMtG7NmpcGHG608t8CBuMPh55I
tTlwj17aTNqS/i2wu8EJGqjqbfxc96EI5djGm3k2XUZp67DSxILzzdY8tk2gjkAz
8xmiWRjJdLLfYuNVts4SmkT72PWZoGBtaSBlYF5Ei80QraI+YzGgnccE2m6RFuWF
CvxpVsQoMiX6oZ2PhSf4bStZPsrJg7XzUQgtrRF1yo0nYV1ANmNC1Ni7Ti/jJEgW
QODrTsjIz2H9t9bxxhU8fsAyUJznSfiwvGqM3KyxW/2DVGx4ieQgxyjJDH5VFaUC
2LITBtaezbIwzA9tzg4U7uYDJcf6nWjcbjDCy9Py9qafUExtQWtZjzEUk78=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:49 2024 by rpki-client on console-ams.rpki-client.org