Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3e60052e-20fd-4464-8795-d22c03351f41.roa
File: 3e60052e-20fd-4464-8795-d22c03351f41.roa (raw, json)
Hash identifier: XLqGsQCFKs2AZabY8mkh65nAEmoEgyeMYRYIGXgavV4=
Subject key identifier: 55:09:C1:8B:B2:70:93:24:32:0D:42:42:CC:3F:10:73:9D:83:58:A4
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 23C917C7D28D0DE7571247F041AC7BDB259C313B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3e60052e-20fd-4464-8795-d22c03351f41.roa
Signing time: Sat 02 Mar 2024 00:00:00 +0000
ROA not before: Sat 02 Mar 2024 00:00:00 +0000
ROA not after: Sat 06 Apr 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:c9:17:c7:d2:8d:0d:e7:57:12:47:f0:41:ac:7b:db:25:9c:31:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 2 00:00:00 2024 GMT
Not After : Apr 6 23:59:59 2024 GMT
Subject: serialNumber=e6f1530dc21b5f1ab378db75f7ab4f96d5b3e3f04df6a9a7694ef4cf220fb685, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3e:12:80:8d:53:66:8a:2f:79:64:90:1e:b9:
42:15:de:f1:d8:fe:3a:e4:09:b3:a5:bf:c1:d4:63:
35:ba:e7:97:ae:28:50:db:18:c0:f8:60:41:3a:cb:
ac:88:8e:89:26:e6:f3:97:f1:29:66:f7:ce:66:61:
46:c4:37:23:e2:ab:8d:8d:8e:80:be:da:ad:57:bf:
f9:25:93:62:21:e1:b4:a8:23:5c:ed:24:a3:71:35:
27:21:75:fb:79:6b:a8:1d:aa:92:e0:ae:90:bf:dd:
39:84:ca:ce:92:ab:d2:46:8b:5b:2f:1f:93:cd:17:
77:7b:f5:04:a2:1b:aa:51:a4:ed:99:da:05:98:94:
ea:7d:ef:72:9d:bf:4f:d3:38:b6:6e:b1:52:a0:d7:
ec:53:c8:b5:da:5e:8c:f9:7f:a3:3b:24:b4:ea:f5:
2a:31:b1:dc:80:33:2e:fc:8e:0a:7e:08:c4:28:54:
99:0a:c6:03:f3:b0:5e:ab:88:48:a8:21:31:20:a4:
60:06:08:5b:e8:44:d7:3f:c3:97:e0:0f:91:b1:2f:
39:ab:34:47:01:e6:b1:76:fd:55:f5:a3:56:41:cf:
ca:f3:56:bc:87:33:3b:f5:50:2b:57:f7:68:a4:9e:
7b:af:fb:45:d9:f1:97:4e:1e:6f:46:cc:f7:9e:5f:
f6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:09:C1:8B:B2:70:93:24:32:0D:42:42:CC:3F:10:73:9D:83:58:A4
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3e60052e-20fd-4464-8795-d22c03351f41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
61:99:bc:6d:fe:7f:71:18:7d:4c:80:3b:89:d2:4c:60:65:b7:
06:e4:a5:04:6d:fa:dc:23:99:e8:3d:df:f3:e5:f2:72:7f:b8:
5f:5b:1b:aa:8f:69:7c:f2:17:8d:81:e8:23:ed:95:cb:89:c7:
c4:58:07:36:f8:e5:c9:39:30:82:54:8f:49:47:1c:69:a7:9d:
c2:e0:44:a8:89:03:d8:47:dd:60:15:4a:6a:ba:5d:14:0d:b0:
cd:8e:30:eb:1e:99:3b:6c:c3:dd:16:3a:95:f5:2c:99:99:b2:
4d:97:b9:4e:c5:af:5b:a6:fd:8b:a2:e8:96:5e:75:21:d7:2c:
1a:a3:d1:e2:9d:ba:59:9d:9b:6b:69:f5:61:19:90:26:a9:53:
49:f5:13:0f:db:c3:5c:07:2e:51:53:ca:8f:84:a0:1b:9f:cc:
99:da:e6:0d:50:9b:9d:50:24:89:2f:4e:27:6c:e3:d8:a5:f3:
7f:f0:67:27:88:1b:2b:0a:97:52:b7:65:a1:98:02:e2:d2:15:
c5:fa:ff:42:20:9b:eb:3c:87:66:f1:4a:e6:e8:8f:1f:71:da:
98:2e:6e:da:90:bc:cb:07:24:cf:02:68:cb:7a:b4:c9:e0:f4:
a9:35:50:58:1f:e2:7e:e9:e8:28:c1:0e:0f:5a:ed:e8:c3:f6:
39:8d:07:11
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI8kXx9KNDedXEkfwQax72yWcMTswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzAyMDAwMDAwWhcNMjQwNDA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNmYxNTMwZGMyMWI1ZjFhYjM3OGRiNzVmN2FiNGY5NmQ1
YjNlM2YwNGRmNmE5YTc2OTRlZjRjZjIyMGZiNjg1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmPhKAjVNmii95ZJAeuUIV3vHY/jrkCbOlv8HUYzW655eu
KFDbGMD4YEE6y6yIjokm5vOX8Slm985mYUbENyPiq42NjoC+2q1Xv/klk2Ih4bSo
I1ztJKNxNSchdft5a6gdqpLgrpC/3TmEys6Sq9JGi1svH5PNF3d79QSiG6pRpO2Z
2gWYlOp973Kdv0/TOLZusVKg1+xTyLXaXoz5f6M7JLTq9SoxsdyAMy78jgp+CMQo
VJkKxgPzsF6riEioITEgpGAGCFvoRNc/w5fgD5GxLzmrNEcB5rF2/VX1o1ZBz8rz
VryHMzv1UCtX92iknnuv+0XZ8ZdOHm9GzPeeX/YhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVQnBi7JwkyQyDUJCzD8Qc52DWKQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNlNjAwNTJlLTIwZmQtNDQ2NC04Nzk1LWQyMmMwMzM1MWY0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGGZvG3+f3EYfUyAO4nSTGBltwbk
pQRt+twjmeg93/Pl8nJ/uF9bG6qPaXzyF42B6CPtlcuJx8RYBzb45ck5MIJUj0lH
HGmnncLgRKiJA9hH3WAVSmq6XRQNsM2OMOsemTtsw90WOpX1LJmZsk2XuU7Fr1um
/Yui6JZedSHXLBqj0eKdulmdm2tp9WEZkCapU0n1Ew/bw1wHLlFTyo+EoBufzJna
5g1Qm51QJIkvTids49il83/wZyeIGysKl1K3ZaGYAuLSFcX6/0Igm+s8h2bxSubo
jx9x2pgubtqQvMsHJM8CaMt6tMng9Kk1UFgf4n7p6CjBDg9a7ejD9jmNBxE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:18 2024 by rpki-client on console-fra.rpki-client.org