Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4afbe4cd-c33e-4f99-a290-14a81bf68184.roa
File: 4afbe4cd-c33e-4f99-a290-14a81bf68184.roa (raw, json)
Hash identifier: oBHzQzkj6pdvI9kVxJygx3t9b4qgYK2cg+nNdYStG2c=
Subject key identifier: 62:56:04:3C:61:09:DF:91:47:B3:43:EE:34:24:E2:B4:75:A8:9C:94
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: A5C8B7FA7DDCD679E311F5D378282A01A766F9
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4afbe4cd-c33e-4f99-a290-14a81bf68184.roa
Signing time: Sun 30 Jul 2023 00:00:00 +0000
ROA not before: Sun 30 Jul 2023 00:00:00 +0000
ROA not after: Sun 03 Sep 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a5:c8:b7:fa:7d:dc:d6:79:e3:11:f5:d3:78:28:2a:01:a7:66:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 30 00:00:00 2023 GMT
Not After : Sep 3 23:59:59 2023 GMT
Subject: serialNumber=984d1d2258551b992ecc477eb7635263099340bc1f86f259deb7bbb761322fdc, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:19:7f:a2:3a:fc:d6:03:d5:88:0d:2e:a6:
eb:08:bf:c4:03:e5:42:fd:7b:af:79:79:c0:90:67:
84:27:b5:be:51:56:e8:b4:3e:fb:45:4d:70:ca:0b:
1b:7b:ef:e4:65:1e:ac:31:f3:9a:10:a5:e7:8e:f9:
e0:3c:a0:d0:e5:2c:ac:6a:a1:4a:90:5d:fd:a6:06:
e7:db:4c:20:8e:fa:06:16:da:86:51:7b:cd:af:f2:
cd:54:70:1f:5a:64:de:16:fc:b6:1e:81:06:0f:b4:
fe:7f:04:10:be:3e:88:f5:5b:01:41:28:80:61:30:
4a:fc:23:6d:8a:7a:e0:f8:a3:c6:8c:eb:da:b0:8e:
a5:78:1f:fe:e3:20:e3:6a:0c:ff:75:24:df:4c:3b:
72:36:75:a3:56:e4:a8:47:87:26:6f:2d:40:57:29:
08:bd:43:cc:13:62:bf:52:f5:6c:d6:10:02:eb:85:
3a:e9:3b:78:9a:88:e7:79:85:7b:f4:9e:3b:cc:73:
17:d0:09:c8:7d:b1:3d:73:a7:58:64:17:0a:f0:62:
ad:e2:fe:6e:da:d1:a8:5c:4d:56:a8:df:65:27:6e:
c5:f4:6a:39:bc:4d:ee:cb:49:05:19:7f:82:1c:1f:
2f:b5:18:65:76:91:fd:7a:95:10:26:a0:2a:42:e4:
79:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:56:04:3C:61:09:DF:91:47:B3:43:EE:34:24:E2:B4:75:A8:9C:94
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4afbe4cd-c33e-4f99-a290-14a81bf68184.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:37:ee:61:b8:8b:2d:73:6b:4e:b9:a4:29:45:c3:3d:4e:db:
af:2e:2c:bb:5e:8c:be:83:31:6d:2e:8b:a1:a8:e5:69:b8:16:
f9:c0:19:e8:fb:d6:3c:05:cf:15:8d:bb:e7:d7:66:2e:d5:2e:
65:6f:52:ca:2f:e7:b9:fd:31:fa:dc:d9:d0:19:f5:ec:e4:69:
09:fb:bd:3d:a9:b5:37:d4:24:9a:61:a9:06:42:35:8a:00:69:
15:ea:d6:68:7d:41:6f:85:45:7f:8a:d2:55:1c:97:3f:0d:b9:
6b:55:02:1e:86:99:d1:3b:70:c0:92:1f:b9:95:c6:14:2f:29:
40:64:b8:39:a9:c5:5f:0c:cd:1f:ce:99:d9:95:25:9e:19:28:
ef:bf:ac:3a:da:01:f1:4b:4b:2e:d4:c5:e6:61:66:b1:27:92:
5d:c7:80:71:d9:47:d7:78:6b:da:44:63:f9:fd:3a:10:b2:9b:
61:ec:cd:e2:a5:58:6b:e6:0b:01:4b:7f:b3:59:95:dc:ac:51:
48:0c:3c:37:d3:d8:f3:99:cd:33:85:89:70:0b:a9:c3:34:a4:
7e:1c:88:e2:10:ff:c4:61:b7:a4:b2:61:26:17:56:8b:19:62:
dc:00:a5:f3:65:97:2d:98:18:6d:6f:cc:be:69:21:8f:c4:77:
b6:fc:ce:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAKXIt/p93NZ54xH103goKgGnZvkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzMwMDAwMDAwWhcNMjMwOTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODRkMWQyMjU4NTUxYjk5MmVjYzQ3N2ViNzYzNTI2MzA5
OTM0MGJjMWY4NmYyNTlkZWI3YmJiNzYxMzIyZmRjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBzRl/ojr81gPViA0upusIv8QD5UL9e695ecCQZ4Qntb5R
Vui0PvtFTXDKCxt77+RlHqwx85oQpeeO+eA8oNDlLKxqoUqQXf2mBufbTCCO+gYW
2oZRe82v8s1UcB9aZN4W/LYegQYPtP5/BBC+Poj1WwFBKIBhMEr8I22KeuD4o8aM
69qwjqV4H/7jIONqDP91JN9MO3I2daNW5KhHhyZvLUBXKQi9Q8wTYr9S9WzWEALr
hTrpO3iaiOd5hXv0njvMcxfQCch9sT1zp1hkFwrwYq3i/m7a0ahcTVao32UnbsX0
ajm8Te7LSQUZf4IcHy+1GGV2kf16lRAmoCpC5HmfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYlYEPGEJ35FHs0PuNCTitHWonJQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzRhZmJlNGNkLWMzM2UtNGY5OS1hMjkwLTE0YTgxYmY2ODE4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJ437mG4iy1za065pClFwz1O268u
LLtejL6DMW0ui6Go5Wm4FvnAGej71jwFzxWNu+fXZi7VLmVvUsov57n9Mfrc2dAZ
9ezkaQn7vT2ptTfUJJphqQZCNYoAaRXq1mh9QW+FRX+K0lUclz8NuWtVAh6GmdE7
cMCSH7mVxhQvKUBkuDmpxV8MzR/OmdmVJZ4ZKO+/rDraAfFLSy7UxeZhZrEnkl3H
gHHZR9d4a9pEY/n9OhCym2HszeKlWGvmCwFLf7NZldysUUgMPDfT2POZzTOFiXAL
qcM0pH4ciOIQ/8Rht6SyYSYXVosZYtwApfNlly2YGG1vzL5pIY/Ed7b8zuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:09 2024 by rpki-client on console-ams.rpki-client.org