Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20a1de77-c0f1-4422-a8f5-05696312e377.roa
File: 20a1de77-c0f1-4422-a8f5-05696312e377.roa (raw, json)
Hash identifier: 1cILrfNYDnXBr0ICXvHLZLcxyMi2HE+ABJY51JVmVoU=
Subject key identifier: 8F:B1:FC:3D:8B:6F:12:71:56:39:10:FA:F2:60:55:74:CD:DE:28:B8
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0D31710DA409ABAD59B40B892291278B1B0ECE2C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20a1de77-c0f1-4422-a8f5-05696312e377.roa
Signing time: Thu 30 Nov 2023 00:00:00 +0000
ROA not before: Thu 30 Nov 2023 00:00:00 +0000
ROA not after: Thu 04 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:31:71:0d:a4:09:ab:ad:59:b4:0b:89:22:91:27:8b:1b:0e:ce:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 30 00:00:00 2023 GMT
Not After : Jan 4 23:59:59 2024 GMT
Subject: serialNumber=66d325654e90f9f51585dba1841a9a7110457f1333c87829b64e96343224d42f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:da:70:0e:4e:f6:99:c6:62:35:19:d6:5c:80:
fe:3a:da:ca:00:03:ae:69:e9:43:57:f6:d2:7b:09:
9e:de:d6:c9:91:13:6f:15:17:c8:35:86:7f:90:9d:
d9:94:8e:b3:b5:18:91:84:de:5d:1e:0b:f5:dc:ea:
64:6e:ed:c1:89:a1:75:84:3f:32:30:d3:1f:4e:53:
94:0b:8e:d5:51:46:37:ed:ed:e0:48:75:29:6d:01:
37:be:bb:6b:55:63:d0:c1:1f:62:77:83:81:74:d8:
a7:36:20:73:73:98:94:ae:55:bb:cd:96:a7:3a:ff:
68:86:30:18:66:93:d2:04:d6:74:dd:09:52:b9:11:
b6:f4:44:df:de:60:fc:52:81:f8:a0:55:2b:f8:14:
f3:29:a9:75:c1:be:93:fa:02:11:14:11:c6:c8:98:
51:a9:bf:2a:68:1b:24:b7:cb:ab:cc:db:8b:29:5e:
04:c2:b4:e5:73:12:10:d6:75:72:40:c2:98:99:e1:
61:e1:f9:92:5e:fe:61:c1:45:83:9e:62:de:ac:40:
2d:8d:b7:93:ff:a6:eb:27:a2:55:15:77:7d:71:e2:
90:95:eb:90:82:27:3a:7e:2a:23:85:8a:aa:3f:05:
7d:93:2e:f8:6e:73:b7:2b:78:f6:bc:52:e1:10:00:
4b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B1:FC:3D:8B:6F:12:71:56:39:10:FA:F2:60:55:74:CD:DE:28:B8
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/20a1de77-c0f1-4422-a8f5-05696312e377.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:04:16:86:a3:79:9f:2f:02:d0:c8:8c:0b:b5:23:99:80:bc:
ef:f2:4a:aa:83:35:94:f6:46:c9:c1:73:1f:a2:bb:80:b1:f9:
f4:c8:75:aa:7c:db:dc:9f:b7:71:04:b6:a7:a1:5b:99:06:56:
d0:05:85:76:c5:2c:84:b2:68:f7:05:8e:b6:51:59:3c:15:f0:
56:7d:61:60:24:76:95:d5:df:a9:70:54:49:2f:b9:e4:04:4a:
5f:c0:54:1e:cd:36:13:ad:a1:e7:6e:8a:92:4f:f6:36:e0:06:
ea:90:c6:85:12:ee:9e:68:a1:ef:91:e9:f2:66:30:5b:bc:b3:
11:65:ae:2e:f2:31:6c:cc:66:5f:f1:02:19:10:5d:00:42:95:
2e:3d:93:e1:6c:8d:c3:4f:86:c9:2c:b4:11:20:cb:c5:ba:47:
c8:6a:b4:d2:c7:6c:53:b3:0a:38:a4:6c:00:c1:c5:22:c7:75:
76:93:25:19:50:c6:71:7d:13:df:a1:34:46:fe:7f:2c:75:52:
2e:79:ea:48:90:10:9f:f7:a9:67:a6:d8:a7:9f:a7:85:59:ca:
a9:76:32:00:07:65:28:cc:62:4c:f4:23:f1:55:a9:07:89:e0:
3c:71:83:98:3c:ca:fb:b4:fe:4c:43:08:4e:26:fc:b6:94:59:
d7:52:f4:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDTFxDaQJq61ZtAuJIpEnixsOziwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTMwMDAwMDAwWhcNMjQwMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NmQzMjU2NTRlOTBmOWY1MTU4NWRiYTE4NDFhOWE3MTEw
NDU3ZjEzMzNjODc4MjliNjRlOTYzNDMyMjRkNDJmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO2nAOTvaZxmI1GdZcgP462soAA65p6UNX9tJ7CZ7e1smR
E28VF8g1hn+QndmUjrO1GJGE3l0eC/Xc6mRu7cGJoXWEPzIw0x9OU5QLjtVRRjft
7eBIdSltATe+u2tVY9DBH2J3g4F02Kc2IHNzmJSuVbvNlqc6/2iGMBhmk9IE1nTd
CVK5Ebb0RN/eYPxSgfigVSv4FPMpqXXBvpP6AhEUEcbImFGpvypoGyS3y6vM24sp
XgTCtOVzEhDWdXJAwpiZ4WHh+ZJe/mHBRYOeYt6sQC2Nt5P/pusnolUVd31x4pCV
65CCJzp+KiOFiqo/BX2TLvhuc7crePa8UuEQAEuJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUj7H8PYtvEnFWORD68mBVdM3eKLgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIwYTFkZTc3LWMwZjEtNDQyMi1hOGY1LTA1Njk2MzEyZTM3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKkEFoajeZ8vAtDIjAu1I5mAvO/y
SqqDNZT2RsnBcx+iu4Cx+fTIdap829yft3EEtqehW5kGVtAFhXbFLISyaPcFjrZR
WTwV8FZ9YWAkdpXV36lwVEkvueQESl/AVB7NNhOtoeduipJP9jbgBuqQxoUS7p5o
oe+R6fJmMFu8sxFlri7yMWzMZl/xAhkQXQBClS49k+FsjcNPhskstBEgy8W6R8hq
tNLHbFOzCjikbADBxSLHdXaTJRlQxnF9E9+hNEb+fyx1Ui556kiQEJ/3qWem2Kef
p4VZyql2MgAHZSjMYkz0I/FVqQeJ4Dxxg5g8yvu0/kxDCE4m/LaUWddS9Ew=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:55 2024 by rpki-client on console-ams.rpki-client.org