Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/33198722-737f-4801-a978-820cb7553a94.roa
File: 33198722-737f-4801-a978-820cb7553a94.roa (raw, json)
Hash identifier: oUf4d7pgLELX5fXQXqfvE1Jh8Q+USkUixGD93Z+pL9Q=
Subject key identifier: 1A:B0:65:66:DE:0D:3D:64:84:29:A4:10:BE:EF:3A:DF:EB:2E:F3:1E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7ECE0EEF06C811D04804675668A7DC01C133BC35
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/33198722-737f-4801-a978-820cb7553a94.roa
Signing time: Thu 06 Jul 2023 00:00:00 +0000
ROA not before: Thu 06 Jul 2023 00:00:00 +0000
ROA not after: Thu 10 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ce:0e:ef:06:c8:11:d0:48:04:67:56:68:a7:dc:01:c1:33:bc:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 6 00:00:00 2023 GMT
Not After : Aug 10 23:59:59 2023 GMT
Subject: serialNumber=67b5cbf0d638fe40887a6988e60cd1425ac54d2a373c22e007d89d85fefc3124, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:d6:49:a2:0b:f5:38:0c:99:dd:96:0e:06:
24:a9:94:07:96:5b:a5:a6:ce:5e:a3:ba:f1:4d:66:
c4:ff:49:7a:8f:66:af:ef:01:70:80:43:cb:32:e4:
2b:0c:c8:a5:8c:f9:e5:2d:b0:54:e4:3c:d1:33:bc:
e1:67:e4:9f:97:47:6f:bf:b5:5c:63:91:dc:8b:53:
5d:8e:bc:ad:2b:b9:42:0e:7d:69:9d:26:4e:5b:45:
7a:a5:a2:0b:09:33:24:bb:6d:c9:ba:f2:da:f9:a0:
f3:50:bc:7e:e9:62:eb:b3:d2:a3:21:9e:9e:5f:eb:
03:b5:e7:65:34:ab:08:21:9e:a0:43:0f:93:72:69:
17:37:2a:f1:a8:fb:d0:7f:52:18:f6:95:75:38:b8:
f4:13:c1:47:79:02:ab:25:d6:6d:ff:7f:ff:e9:df:
64:66:53:01:03:32:c3:3b:e5:42:90:67:38:2e:d9:
c1:1a:81:90:af:ed:64:80:e4:d8:fc:a9:28:31:d2:
e0:72:2c:94:50:17:60:b5:39:39:d1:cd:4d:ec:58:
68:3b:42:07:fc:bc:1a:8f:7d:9b:c7:2b:c8:b0:a0:
78:c0:9f:80:5a:38:bb:d2:b2:f2:a7:e2:98:e2:be:
e3:7a:fe:21:92:c1:d9:ea:f2:e9:de:45:b0:e9:f9:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B0:65:66:DE:0D:3D:64:84:29:A4:10:BE:EF:3A:DF:EB:2E:F3:1E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/33198722-737f-4801-a978-820cb7553a94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:1a:9a:9d:de:76:5f:15:ef:74:28:8b:ad:6c:03:d9:3a:77:
b5:eb:e7:a8:39:ea:76:70:6c:98:2b:53:ce:49:5f:01:95:fb:
00:7b:8f:ce:7a:ef:fe:a6:84:d6:75:48:97:ee:b9:8c:00:d4:
43:f1:71:8c:a1:bd:6d:32:74:98:a5:22:73:7d:5d:50:04:6c:
b4:b1:2c:a7:eb:80:ca:19:10:b0:b2:ce:70:35:d0:36:7d:8a:
bf:f9:2f:6b:92:05:d5:e5:c0:ce:89:b1:a7:8e:f0:84:db:e3:
2a:ee:81:e2:ff:fc:98:de:a9:36:f8:60:06:c0:5d:55:91:ba:
29:8b:21:17:d6:0f:02:10:bd:64:0e:90:05:1b:50:1b:e8:5d:
ae:1a:1d:c3:d9:12:e1:ca:44:02:0c:74:7a:6c:d7:1a:ac:83:
ac:34:6b:43:74:42:49:d3:22:dd:bd:89:c5:7a:d2:8c:f6:56:
3a:e5:3e:94:84:ac:f4:6a:76:4b:3f:38:3d:78:79:93:01:18:
5d:68:ab:60:41:a3:10:7a:da:f4:df:ba:6a:2b:99:82:a7:1f:
a6:21:10:30:7f:3f:96:24:10:f8:2b:5f:da:e7:3a:9e:da:06:
ba:61:72:7c:6c:b8:dc:56:dd:de:2f:9d:cb:b9:6e:f3:bd:7d:
9b:c2:f9:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfs4O7wbIEdBIBGdWaKfcAcEzvDUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzA2MDAwMDAwWhcNMjMwODEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2N2I1Y2JmMGQ2MzhmZTQwODg3YTY5ODhlNjBjZDE0MjVh
YzU0ZDJhMzczYzIyZTAwN2Q4OWQ4NWZlZmMzMTI0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaXtZJogv1OAyZ3ZYOBiSplAeWW6Wmzl6juvFNZsT/SXqP
Zq/vAXCAQ8sy5CsMyKWM+eUtsFTkPNEzvOFn5J+XR2+/tVxjkdyLU12OvK0ruUIO
fWmdJk5bRXqlogsJMyS7bcm68tr5oPNQvH7pYuuz0qMhnp5f6wO152U0qwghnqBD
D5NyaRc3KvGo+9B/Uhj2lXU4uPQTwUd5Aqsl1m3/f//p32RmUwEDMsM75UKQZzgu
2cEagZCv7WSA5Nj8qSgx0uByLJRQF2C1OTnRzU3sWGg7Qgf8vBqPfZvHK8iwoHjA
n4BaOLvSsvKn4pjivuN6/iGSwdnq8uneRbDp+djRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGrBlZt4NPWSEKaQQvu863+su8x4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMzMTk4NzIyLTczN2YtNDgwMS1hOTc4LTgyMGNiNzU1M2E5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJwamp3edl8V73Qoi61sA9k6d7Xr
56g56nZwbJgrU85JXwGV+wB7j8567/6mhNZ1SJfuuYwA1EPxcYyhvW0ydJilInN9
XVAEbLSxLKfrgMoZELCyznA10DZ9ir/5L2uSBdXlwM6JsaeO8ITb4yrugeL//Jje
qTb4YAbAXVWRuimLIRfWDwIQvWQOkAUbUBvoXa4aHcPZEuHKRAIMdHps1xqsg6w0
a0N0QknTIt29icV60oz2VjrlPpSErPRqdks/OD14eZMBGF1oq2BBoxB62vTfumor
mYKnH6YhEDB/P5YkEPgrX9rnOp7aBrphcnxsuNxW3d4vncu5bvO9fZvC+WQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:59 2024 by rpki-client on console-ams.rpki-client.org