Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/305895aa-e718-4d9e-9958-6aacf4d8edff.roa
File: 305895aa-e718-4d9e-9958-6aacf4d8edff.roa (raw, json)
Hash identifier: BLDfttznRekWJYJkuYnB50+P28rTmhfEfT7wfiNKQSE=
Subject key identifier: 3C:8D:18:B8:CC:7A:2E:B2:A6:83:C3:69:97:E6:83:C4:92:5C:76:11
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3317AD7D805CC0346DE1FE2A342C08439B707C9D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/305895aa-e718-4d9e-9958-6aacf4d8edff.roa
Signing time: Sat 06 Jan 2024 00:00:00 +0000
ROA not before: Sat 06 Jan 2024 00:00:00 +0000
ROA not after: Sat 10 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:17:ad:7d:80:5c:c0:34:6d:e1:fe:2a:34:2c:08:43:9b:70:7c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 6 00:00:00 2024 GMT
Not After : Feb 10 23:59:59 2024 GMT
Subject: serialNumber=a011f8655e551d5c5dd12d893f97564529f57f48346753607b85178d3a7bde55, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:97:2d:23:55:ca:95:be:49:a3:84:6c:c2:43:
35:85:cf:60:72:9d:ed:e1:46:bf:65:2d:96:3a:9e:
15:bd:81:2a:21:da:84:c0:ad:62:f4:99:48:f2:aa:
11:e1:c1:ad:9e:a6:21:4a:4a:60:79:86:c8:f4:ad:
a2:4d:11:b4:06:37:75:99:f9:ba:1c:38:ea:7f:f8:
59:06:45:3e:44:5b:1c:6a:fa:33:15:8f:91:e5:d1:
9c:8a:e3:41:50:aa:fe:9b:e2:ed:a1:b2:4d:50:78:
07:f2:21:89:62:7f:c0:05:9b:e8:8a:ef:81:df:5b:
98:c5:0b:61:7b:de:0a:26:9c:13:ab:8c:69:3f:7a:
d5:a1:f5:cf:87:a8:b1:c5:c5:c8:22:a2:f8:45:b3:
6d:aa:29:69:33:0f:31:6d:33:04:2e:e3:f3:74:b2:
25:92:ed:cf:30:2e:12:46:99:1e:9a:e0:36:ef:bb:
a2:b0:6c:0c:7e:32:4f:84:89:3d:54:2e:70:56:08:
61:84:b8:82:0c:76:16:19:27:bf:fa:02:5b:73:09:
61:96:85:28:9e:3e:fe:23:af:d2:27:be:32:ec:e1:
ea:bc:31:1c:5e:8e:30:7b:27:08:5c:34:c0:0a:b4:
47:f9:f0:b9:e8:38:21:5e:a4:3a:1e:31:89:18:f0:
78:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8D:18:B8:CC:7A:2E:B2:A6:83:C3:69:97:E6:83:C4:92:5C:76:11
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/305895aa-e718-4d9e-9958-6aacf4d8edff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ea:f7:0b:4e:89:b9:9d:36:d5:4a:a0:ba:93:ae:c1:4b:a1:
fc:37:aa:b6:60:54:47:bf:5c:48:38:c4:4c:92:1d:60:9a:e0:
4f:56:17:fa:fa:52:68:ba:70:1b:9c:51:11:58:29:1b:f3:27:
9e:2f:d8:8c:d3:ec:4c:5b:b1:d6:17:8a:2a:1f:f0:bf:da:6a:
f3:64:56:d0:78:d5:ee:82:5a:9a:34:e0:8c:0f:a1:05:f5:c2:
ec:4b:4f:69:b7:76:f2:4c:84:61:18:8d:33:f3:65:b1:73:97:
98:b3:a8:33:c4:11:35:7f:22:bc:32:cd:b5:b3:34:08:61:02:
51:66:7c:81:08:0c:66:d7:bc:94:60:df:88:98:3d:06:86:85:
17:ae:18:e5:c2:2b:a0:81:13:8d:27:65:af:92:f6:d7:8e:72:
20:d1:5b:2e:7f:dc:a6:89:53:c6:fb:97:89:05:37:18:b6:db:
ea:15:a3:30:c6:fe:6e:c7:9c:32:bc:09:44:68:26:d0:01:b6:
1e:ee:21:f7:47:ad:76:75:ae:97:d8:78:fd:da:6e:1f:d8:a9:
ee:68:f7:fd:db:ce:d1:97:fb:fa:39:4a:3f:8a:d5:00:fe:41:
c9:cd:c0:35:08:aa:e9:77:4a:e9:b7:b1:ce:21:22:5e:bd:6f:
b4:b8:0e:5f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMxetfYBcwDRt4f4qNCwIQ5twfJ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTA2MDAwMDAwWhcNMjQwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDExZjg2NTVlNTUxZDVjNWRkMTJkODkzZjk3NTY0NTI5
ZjU3ZjQ4MzQ2NzUzNjA3Yjg1MTc4ZDNhN2JkZTU1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVly0jVcqVvkmjhGzCQzWFz2Byne3hRr9lLZY6nhW9gSoh
2oTArWL0mUjyqhHhwa2epiFKSmB5hsj0raJNEbQGN3WZ+bocOOp/+FkGRT5EWxxq
+jMVj5Hl0ZyK40FQqv6b4u2hsk1QeAfyIYlif8AFm+iK74HfW5jFC2F73gomnBOr
jGk/etWh9c+HqLHFxcgiovhFs22qKWkzDzFtMwQu4/N0siWS7c8wLhJGmR6a4Dbv
u6KwbAx+Mk+EiT1ULnBWCGGEuIIMdhYZJ7/6AltzCWGWhSiePv4jr9InvjLs4eq8
MRxejjB7JwhcNMAKtEf58LnoOCFepDoeMYkY8HghAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPI0YuMx6LrKmg8Npl+aDxJJcdhEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMwNTg5NWFhLWU3MTgtNGQ5ZS05OTU4LTZhYWNmNGQ4ZWRmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEHq9wtOibmdNtVKoLqTrsFLofw3
qrZgVEe/XEg4xEySHWCa4E9WF/r6Umi6cBucURFYKRvzJ54v2IzT7ExbsdYXiiof
8L/aavNkVtB41e6CWpo04IwPoQX1wuxLT2m3dvJMhGEYjTPzZbFzl5izqDPEETV/
IrwyzbWzNAhhAlFmfIEIDGbXvJRg34iYPQaGhReuGOXCK6CBE40nZa+S9teOciDR
Wy5/3KaJU8b7l4kFNxi22+oVozDG/m7HnDK8CURoJtABth7uIfdHrXZ1rpfYeP3a
bh/Yqe5o9/3bztGX+/o5Sj+K1QD+QcnNwDUIqul3Sum3sc4hIl69b7S4Dl8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:59 2024 by rpki-client on console-ams.rpki-client.org