Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5195a33a-b061-40d0-9684-afc9a3f2804b.roa
File: 5195a33a-b061-40d0-9684-afc9a3f2804b.roa (raw, json)
Hash identifier: n/MIbOFGlkaqgfONLP1Zu6dIUjMRray8lriLzb7zsWE=
Subject key identifier: E0:F7:B7:BA:1F:4B:31:7C:44:2A:B2:87:D3:2A:35:05:A7:B4:2A:1A
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2DC8E880AF08AE973033FFD96FCF66648EBEC554
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5195a33a-b061-40d0-9684-afc9a3f2804b.roa
Signing time: Sun 20 Aug 2023 00:00:00 +0000
ROA not before: Sun 20 Aug 2023 00:00:00 +0000
ROA not after: Sun 24 Sep 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:c8:e8:80:af:08:ae:97:30:33:ff:d9:6f:cf:66:64:8e:be:c5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Aug 20 00:00:00 2023 GMT
Not After : Sep 24 23:59:59 2023 GMT
Subject: serialNumber=48ba15c2dc0a81b4414e02cd42b37ccaacac694d1b0d1325de417e86ec926162, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9d:36:4e:bb:6e:f3:06:ea:ef:98:e0:ba:8a:
55:4f:0f:28:24:ba:39:2f:a0:62:45:31:63:0a:e5:
5d:64:cc:b4:e1:d3:53:7c:db:1b:20:4b:42:fb:ab:
6b:e4:eb:dc:40:2e:21:d4:c2:14:3c:0b:4e:11:ed:
9f:55:b6:8e:1b:4f:4e:fa:75:78:26:48:34:4c:bc:
f7:97:0b:b1:56:16:c3:e2:49:58:e5:64:e1:b8:21:
73:8c:6f:d0:ff:7f:5b:3c:6b:12:9b:48:07:1d:a2:
5b:b2:9c:28:ea:56:6d:d6:04:80:68:ba:d7:29:ea:
15:01:bd:ee:a1:0c:25:d5:e4:af:72:60:29:19:01:
4c:bd:41:fd:98:86:cf:5a:4e:f8:a2:fc:08:97:4e:
ea:2c:8f:ef:94:f9:da:31:d9:02:99:db:64:d4:da:
50:ff:de:31:f5:58:13:ea:da:ba:0d:87:79:12:b3:
86:87:74:c5:f5:66:f5:bc:ff:82:7c:95:9a:6c:fe:
59:e7:c0:d2:4f:05:e7:5a:65:ea:81:72:68:36:54:
c7:3b:f5:34:7b:69:fe:e0:15:0f:b9:b5:ef:30:50:
39:aa:c7:95:6b:d4:64:40:3c:9a:47:e7:87:78:19:
e8:6a:1c:d9:06:32:3b:50:f5:e2:4b:df:6c:0a:5f:
ce:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F7:B7:BA:1F:4B:31:7C:44:2A:B2:87:D3:2A:35:05:A7:B4:2A:1A
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5195a33a-b061-40d0-9684-afc9a3f2804b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:ad:24:3b:87:66:69:f5:78:f0:41:06:80:f3:55:a5:0c:c4:
09:c2:9d:ba:b9:8c:e9:f8:68:11:c5:c7:91:b0:38:97:ea:19:
3f:3d:80:25:97:57:e1:e3:76:c3:11:ce:36:64:73:d4:ba:7b:
a9:33:10:b7:6a:80:be:59:d6:5c:a3:18:38:af:62:ab:09:5c:
9e:3a:22:8b:7a:44:cc:69:46:dc:f6:3f:07:c4:c7:c3:bf:6b:
93:b0:2b:72:34:ee:cc:8b:fc:8d:ef:2c:d0:46:f1:80:93:45:
7f:95:22:c4:eb:40:62:fd:53:2c:96:29:fb:61:d9:ba:36:8f:
5f:4f:2c:6f:d8:34:21:97:ab:65:00:c8:ea:74:9a:b6:a3:fc:
9b:3f:9d:ef:fd:45:29:41:f8:f7:cd:59:db:94:65:87:85:fb:
9c:79:00:68:e0:38:98:9d:e3:c6:3b:3f:54:14:47:70:77:2a:
01:83:33:a6:f6:49:5a:f5:73:31:fd:7e:c5:48:dd:b8:ee:89:
96:30:9f:83:b4:24:8f:3c:32:43:d8:98:c1:78:2e:cf:1c:8c:
e7:bb:75:a4:6a:d3:b7:1f:74:01:ee:6f:9d:f7:a0:bd:71:36:
8d:05:f6:e6:22:d7:93:44:e4:f0:58:85:ee:93:f9:56:28:35:
c7:ef:87:09
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULcjogK8IrpcwM//Zb89mZI6+xVQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODIwMDAwMDAwWhcNMjMwOTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGJhMTVjMmRjMGE4MWI0NDE0ZTAyY2Q0MmIzN2NjYWFj
YWM2OTRkMWIwZDEzMjVkZTQxN2U4NmVjOTI2MTYyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsnTZOu27zBurvmOC6ilVPDygkujkvoGJFMWMK5V1kzLTh
01N82xsgS0L7q2vk69xALiHUwhQ8C04R7Z9Vto4bT076dXgmSDRMvPeXC7FWFsPi
SVjlZOG4IXOMb9D/f1s8axKbSAcdoluynCjqVm3WBIBoutcp6hUBve6hDCXV5K9y
YCkZAUy9Qf2Yhs9aTvii/AiXTuosj++U+dox2QKZ22TU2lD/3jH1WBPq2roNh3kS
s4aHdMX1ZvW8/4J8lZps/lnnwNJPBedaZeqBcmg2VMc79TR7af7gFQ+5te8wUDmq
x5Vr1GRAPJpH54d4GehqHNkGMjtQ9eJL32wKX85JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4Pe3uh9LMXxEKrKH0yo1Bae0KhowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzUxOTVhMzNhLWIwNjEtNDBkMC05Njg0LWFmYzlhM2YyODA0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAH+tJDuHZmn1ePBBBoDzVaUMxAnC
nbq5jOn4aBHFx5GwOJfqGT89gCWXV+HjdsMRzjZkc9S6e6kzELdqgL5Z1lyjGDiv
YqsJXJ46Iot6RMxpRtz2PwfEx8O/a5OwK3I07syL/I3vLNBG8YCTRX+VIsTrQGL9
UyyWKfth2bo2j19PLG/YNCGXq2UAyOp0mraj/Js/ne/9RSlB+PfNWduUZYeF+5x5
AGjgOJid48Y7P1QUR3B3KgGDM6b2SVr1czH9fsVI3bjuiZYwn4O0JI88MkPYmMF4
Ls8cjOe7daRq07cfdAHub533oL1xNo0F9uYi15NE5PBYhe6T+VYoNcfvhwk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:45 2024 by rpki-client on console-ams.rpki-client.org