Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/26509c44-7cbb-49e2-b3b4-51cd398c81e5.roa
File: 26509c44-7cbb-49e2-b3b4-51cd398c81e5.roa (raw, json)
Hash identifier: OSmJa7gAoA6yC8heMavf2WeHGXewKiVcAS4ujdfpq28=
Subject key identifier: E5:14:C1:C9:7A:0C:9D:25:F1:F3:78:96:D3:6A:A3:84:F6:E0:33:94
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 068DE7214F721FE9FEC71FD6ED23A143A9A68547
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/26509c44-7cbb-49e2-b3b4-51cd398c81e5.roa
Signing time: Fri 08 Dec 2023 00:00:00 +0000
ROA not before: Fri 08 Dec 2023 00:00:00 +0000
ROA not after: Fri 12 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:8d:e7:21:4f:72:1f:e9:fe:c7:1f:d6:ed:23:a1:43:a9:a6:85:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 8 00:00:00 2023 GMT
Not After : Jan 12 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cf:9b:c7:6d:f0:d2:8b:34:db:29:d8:94:09:
2c:40:8d:10:d1:6e:34:84:8b:a9:03:01:82:53:9b:
88:4d:0c:d0:9a:5d:41:68:13:03:2a:1b:cf:38:4f:
92:59:3a:89:df:6b:75:0d:16:db:2d:f6:10:a0:e1:
83:e4:60:98:62:5d:e6:4e:0d:e3:81:35:f6:16:0c:
4c:85:78:4e:3a:1e:9d:c0:64:d9:2e:9a:71:21:83:
5c:b0:31:77:cd:e9:92:74:20:f4:54:98:8a:87:18:
d0:c3:59:cf:5e:9b:5f:d1:32:ad:48:25:4f:79:40:
ac:e8:49:9c:f3:ef:0d:7b:1a:11:76:90:2d:aa:0d:
99:20:d1:98:95:15:0a:8d:ac:4c:92:82:0d:42:c7:
af:1f:b4:8d:9f:45:ec:82:12:99:d7:6d:2b:02:ee:
e1:e7:37:3e:d7:a6:82:77:8a:ba:1e:ba:33:35:d6:
63:79:aa:57:28:64:5e:67:5f:f9:d7:5e:48:2e:1e:
ff:77:cb:f1:d6:b5:67:dd:43:fb:53:2e:7c:7f:0b:
04:25:f7:1e:04:49:df:0b:0b:c1:59:16:de:29:87:
63:1c:a7:a3:02:92:81:08:23:fd:66:3b:66:99:f6:
ad:86:3c:ea:ce:4e:a6:91:e5:5d:83:7c:a5:5f:77:
d7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:14:C1:C9:7A:0C:9D:25:F1:F3:78:96:D3:6A:A3:84:F6:E0:33:94
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/26509c44-7cbb-49e2-b3b4-51cd398c81e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:53:9b:df:32:07:b4:ea:e6:f4:23:ad:f2:4b:17:f5:52:7c:
68:04:87:0a:0b:c5:c5:b7:a9:6a:bc:be:3f:f3:9c:8a:97:87:
09:cd:c1:ef:4a:ce:f4:5e:d1:2b:b5:01:23:9a:42:14:05:c6:
59:db:b7:5f:7b:e9:ac:60:0b:14:da:d4:8a:8c:6e:5a:f2:7f:
5d:0f:bf:50:63:ee:c3:c2:fa:ca:99:81:de:61:3c:2d:f6:5f:
6b:fa:8c:61:2b:fc:b5:77:13:86:7a:0b:c5:7f:df:15:f8:f5:
2f:53:25:b3:63:4a:b5:d1:96:b5:ff:52:79:0f:67:36:fb:6a:
85:66:1e:ed:e0:13:b7:07:df:27:9c:5b:a5:10:f5:6e:09:6f:
86:36:c4:63:2b:99:93:94:da:45:54:cd:4a:a9:e9:48:51:cd:
f2:59:b9:c0:dc:f0:33:f0:68:e5:ef:0c:42:56:fe:73:db:ac:
2e:95:d7:70:36:5f:48:72:66:52:c9:4c:5c:9b:14:d8:05:b9:
0d:70:b4:a4:57:ba:86:18:36:aa:b4:04:ad:b3:0a:0c:2c:44:
17:99:04:47:71:74:20:c9:98:b7:98:e7:92:95:68:2a:c7:c7:
21:49:e6:81:49:ac:5d:7c:7d:dc:89:d0:33:7e:06:d0:c5:47:
80:d5:eb:47
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBo3nIU9yH+n+xx/W7SOhQ6mmhUcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA4MDAwMDAwWhcNMjQwMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMmM5NDM2MWQ1NjAyYTVlNDViOGJmM2FjNzEyZDIxMDIz
ZDcwNTkyZGNjNDdlMjVmYTAwOWIzMjgzODIxYmI3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPz5vHbfDSizTbKdiUCSxAjRDRbjSEi6kDAYJTm4hNDNCa
XUFoEwMqG884T5JZOonfa3UNFtst9hCg4YPkYJhiXeZODeOBNfYWDEyFeE46Hp3A
ZNkumnEhg1ywMXfN6ZJ0IPRUmIqHGNDDWc9em1/RMq1IJU95QKzoSZzz7w17GhF2
kC2qDZkg0ZiVFQqNrEySgg1Cx68ftI2fReyCEpnXbSsC7uHnNz7XpoJ3iroeujM1
1mN5qlcoZF5nX/nXXkguHv93y/HWtWfdQ/tTLnx/CwQl9x4ESd8LC8FZFt4ph2Mc
p6MCkoEII/1mO2aZ9q2GPOrOTqaR5V2DfKVfd9ePAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5RTByXoMnSXx83iW02qjhPbgM5QwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI2NTA5YzQ0LTdjYmItNDllMi1iM2I0LTUxY2QzOThjODFlNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAC5Tm98yB7Tq5vQjrfJLF/VSfGgE
hwoLxcW3qWq8vj/znIqXhwnNwe9KzvRe0Su1ASOaQhQFxlnbt1976axgCxTa1IqM
blryf10Pv1Bj7sPC+sqZgd5hPC32X2v6jGEr/LV3E4Z6C8V/3xX49S9TJbNjSrXR
lrX/UnkPZzb7aoVmHu3gE7cH3yecW6UQ9W4Jb4Y2xGMrmZOU2kVUzUqp6UhRzfJZ
ucDc8DPwaOXvDEJW/nPbrC6V13A2X0hyZlLJTFybFNgFuQ1wtKRXuoYYNqq0BK2z
CgwsRBeZBEdxdCDJmLeY55KVaCrHxyFJ5oFJrF18fdyJ0DN+BtDFR4DV60c=
-----END CERTIFICATE-----
Generated at Tue Feb 18 07:10:21 2025 by rpki-client