Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/19df3566-1432-4973-8b03-b96d3ba01f3a.roa
File: 19df3566-1432-4973-8b03-b96d3ba01f3a.roa (raw, json)
Hash identifier: sfdNJp2uevnkolQDSxXrJpe6m2acisgYZgf7okZzACQ=
Subject key identifier: 29:73:3E:20:23:6D:85:B4:F6:4C:C3:2F:35:16:DD:BE:B1:7A:A5:F1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 23DB83C3A24A81343926E84F64A639ECF37BF302
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/19df3566-1432-4973-8b03-b96d3ba01f3a.roa
Signing time: Sat 11 Nov 2023 00:00:00 +0000
ROA not before: Sat 11 Nov 2023 00:00:00 +0000
ROA not after: Sat 16 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:db:83:c3:a2:4a:81:34:39:26:e8:4f:64:a6:39:ec:f3:7b:f3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 11 00:00:00 2023 GMT
Not After : Dec 16 23:59:59 2023 GMT
Subject: serialNumber=9ea7e6a0f77f8ab3948a5f75575782225f515d9e85a520cbc1489091d994fd4f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:c7:63:89:ce:f9:f9:33:91:a8:de:8f:d9:
66:d4:88:33:93:08:94:52:59:cf:18:2f:ec:36:26:
d1:1e:e7:76:0f:f4:8e:7b:88:2e:d5:2c:f1:bf:5a:
ae:85:60:0b:cb:94:45:49:0b:8d:a2:bc:ec:be:ec:
8c:70:7a:f6:e1:34:a8:68:ba:00:9c:d6:d9:e4:c7:
8e:c0:45:3f:f6:60:b1:60:9f:10:19:81:f7:5e:30:
ed:24:0d:e2:09:51:3f:c8:a5:6d:55:34:1a:01:74:
05:f8:01:3a:c2:cf:45:e6:1d:86:e5:16:48:f9:e5:
94:a9:ec:a4:fd:41:63:fb:94:17:da:83:a1:bc:e1:
a8:27:dc:d8:2c:fd:70:9c:20:79:1b:a0:43:06:20:
80:15:25:01:40:c0:f2:4a:58:ed:d1:1c:6a:e9:b3:
d6:64:0b:30:8f:cf:4c:f4:d3:90:cc:79:61:e5:55:
90:a1:13:cc:11:c3:20:cd:e4:59:ac:c0:8a:37:a8:
e0:fe:a3:f2:b0:95:12:7a:d0:68:a7:b4:f5:61:d0:
92:e2:16:2d:aa:83:86:fe:3e:67:c4:38:6a:7a:1a:
9d:bb:bb:3f:b9:63:56:1c:9c:c5:03:8b:cf:1d:26:
ed:c2:24:5a:f4:34:6d:26:02:10:3b:b5:df:c8:e6:
e8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:73:3E:20:23:6D:85:B4:F6:4C:C3:2F:35:16:DD:BE:B1:7A:A5:F1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/19df3566-1432-4973-8b03-b96d3ba01f3a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a6:6a:fe:98:05:f4:b4:d2:31:a5:b9:c8:1a:91:e8:fe:26:
bf:17:e5:50:f2:1e:6e:4a:52:e4:d6:05:31:1f:2a:0f:96:1f:
6f:25:a5:20:a7:69:b9:ca:f0:6d:83:74:78:38:4a:1c:b7:b3:
dc:33:8e:e3:c1:79:66:38:30:ae:9a:8b:d9:de:dc:5d:6b:ba:
db:d5:89:3d:87:d6:fb:aa:80:95:95:aa:e9:d0:0b:80:9f:df:
e7:f1:90:a9:39:69:35:bb:ed:99:2d:ca:a4:7b:ef:61:21:ce:
51:f3:af:7f:ba:75:5b:71:dc:56:8b:75:4d:eb:01:3e:15:36:
96:75:55:c1:b8:78:28:ef:07:56:c9:ce:60:23:ed:8b:70:c5:
74:82:b8:85:2c:a2:fe:46:3d:55:fe:a3:07:c0:c9:e4:93:3d:
4e:79:66:21:ce:e3:a8:46:31:c0:cf:33:fe:17:c5:49:a8:23:
ef:83:8d:ea:fc:3a:c0:3e:23:fb:e8:e7:32:46:99:91:01:d0:
21:7c:9f:8f:5d:24:de:b9:cb:92:0c:93:83:7a:9b:71:2d:3b:
c1:3f:a9:63:37:ae:3a:c6:8e:9e:40:5f:93:5e:5a:4d:27:10:
d4:55:08:4d:41:77:d8:aa:34:00:24:25:82:6a:13:03:15:0d:
91:05:8e:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI9uDw6JKgTQ5JuhPZKY57PN78wIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTExMDAwMDAwWhcNMjMxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZWE3ZTZhMGY3N2Y4YWIzOTQ4YTVmNzU1NzU3ODIyMjVm
NTE1ZDllODVhNTIwY2JjMTQ4OTA5MWQ5OTRmZDRmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCln8djic75+TORqN6P2WbUiDOTCJRSWc8YL+w2JtEe53YP
9I57iC7VLPG/Wq6FYAvLlEVJC42ivOy+7IxwevbhNKhougCc1tnkx47ART/2YLFg
nxAZgfdeMO0kDeIJUT/IpW1VNBoBdAX4ATrCz0XmHYblFkj55ZSp7KT9QWP7lBfa
g6G84agn3Ngs/XCcIHkboEMGIIAVJQFAwPJKWO3RHGrps9ZkCzCPz0z005DMeWHl
VZChE8wRwyDN5FmswIo3qOD+o/KwlRJ60GintPVh0JLiFi2qg4b+PmfEOGp6Gp27
uz+5Y1YcnMUDi88dJu3CJFr0NG0mAhA7td/I5ug5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKXM+ICNthbT2TMMvNRbdvrF6pfEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE5ZGYzNTY2LTE0MzItNDk3My04YjAzLWI5NmQzYmEwMWYzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADqmav6YBfS00jGlucgakej+Jr8X
5VDyHm5KUuTWBTEfKg+WH28lpSCnabnK8G2DdHg4Shy3s9wzjuPBeWY4MK6ai9ne
3F1rutvViT2H1vuqgJWVqunQC4Cf3+fxkKk5aTW77ZktyqR772EhzlHzr3+6dVtx
3FaLdU3rAT4VNpZ1VcG4eCjvB1bJzmAj7YtwxXSCuIUsov5GPVX+owfAyeSTPU55
ZiHO46hGMcDPM/4XxUmoI++Djer8OsA+I/vo5zJGmZEB0CF8n49dJN65y5IMk4N6
m3EtO8E/qWM3rjrGjp5AX5NeWk0nENRVCE1Bd9iqNAAkJYJqEwMVDZEFjk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:50 2024 by rpki-client on console-ams.rpki-client.org