Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5404fb4a-7b92-4960-a277-9eca996337d3.roa
File: 5404fb4a-7b92-4960-a277-9eca996337d3.roa (raw, json)
Hash identifier: /TmyWEZkFV8AmodYdGOEZcQbv+VU1rvNgsUg3L20YFo=
Subject key identifier: 05:15:8E:94:63:AD:73:9C:73:6E:1D:95:9F:13:0B:1B:7C:ED:C6:E4
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0DB70D3E6373F3885D7300850AF4E7073DC84F9C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5404fb4a-7b92-4960-a277-9eca996337d3.roa
Signing time: Sat 09 Dec 2023 00:00:00 +0000
ROA not before: Sat 09 Dec 2023 00:00:00 +0000
ROA not after: Sat 13 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b7:0d:3e:63:73:f3:88:5d:73:00:85:0a:f4:e7:07:3d:c8:4f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 9 00:00:00 2023 GMT
Not After : Jan 13 23:59:59 2024 GMT
Subject: serialNumber=228d3dcea2df626d6eb375d145f5b4a81d31116450a3cf3583d2a96e11bac9be, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:f9:dd:60:e0:c5:fa:c1:cb:c5:27:2b:78:
ff:e7:4b:ba:af:b2:5e:ba:16:76:94:fb:1a:6b:b0:
75:52:e6:29:ee:4c:7b:a6:6f:e2:5e:6b:79:d0:74:
dd:ab:aa:75:37:6d:1d:53:fe:b9:f4:4c:a9:19:7b:
3d:05:af:bf:d6:9f:87:b7:41:14:84:90:4d:7a:5c:
33:80:af:d8:68:40:f8:aa:83:13:ec:3d:03:86:72:
21:73:86:c2:ed:d5:35:16:88:2b:4a:5a:2c:d8:90:
d8:8d:a4:07:c8:d4:7d:90:b5:b2:b6:ba:34:65:84:
69:b1:26:24:0b:90:e1:79:36:32:6c:2b:9c:08:30:
fa:e5:78:7b:7f:77:c4:9c:90:8e:38:b9:99:a9:e4:
0f:18:02:af:51:0f:eb:08:84:2a:cb:1f:2c:6e:0c:
24:7b:47:17:67:ee:b6:6e:ff:3d:44:9b:bc:14:0d:
a2:e5:da:13:98:22:55:c8:a7:31:47:9a:de:e7:bc:
68:9f:6e:71:63:aa:a3:74:47:74:b1:8f:cc:b5:1b:
e5:57:c2:6c:d1:a9:ba:8b:06:54:72:dd:1b:d0:ae:
ed:e9:7e:ff:fc:1e:91:c6:15:fb:06:c9:a5:ec:57:
5a:8e:3f:f7:9e:7c:ca:ea:d3:0c:c4:8a:5e:ee:ac:
57:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:15:8E:94:63:AD:73:9C:73:6E:1D:95:9F:13:0B:1B:7C:ED:C6:E4
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5404fb4a-7b92-4960-a277-9eca996337d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:28:75:20:c1:7c:1b:6b:97:a0:b2:28:17:bf:ca:49:20:8d:
6d:0a:1a:4d:67:8f:5f:a8:63:34:d7:c2:e2:64:7d:e2:46:90:
54:de:d2:2f:52:d5:a8:37:8d:dc:16:05:99:53:22:0a:71:ae:
d8:7f:db:67:ed:81:4d:9c:ef:16:98:28:6c:ef:d8:11:94:3e:
e5:c3:17:e6:44:ba:ba:54:75:61:92:8a:32:08:ce:60:fb:aa:
83:3f:aa:cb:c4:0c:8f:cb:51:c6:9e:2f:ae:08:b0:da:22:a4:
00:d3:4e:b4:e6:cc:9b:3a:26:9b:98:3d:76:83:52:a7:e3:b9:
16:59:37:4e:4b:96:6c:08:41:83:6c:c9:c3:85:fe:cd:24:12:
bc:8b:18:95:63:bd:d5:5e:45:06:77:4c:00:37:be:8e:94:5f:
95:11:74:17:47:69:22:03:50:22:b3:94:f7:eb:9b:86:5f:f8:
ef:b2:01:70:b6:5b:5c:a2:31:a8:71:4f:4e:99:ff:3c:41:d8:
09:27:98:02:6b:d3:1f:ad:7b:60:43:03:52:7b:59:91:7a:8e:
35:a2:92:a4:87:20:29:65:20:70:da:ee:4b:9f:80:31:81:8a:
72:a2:23:c2:e4:a7:af:4f:50:72:de:4e:ad:87:e8:9c:e1:e1:
92:8b:c4:b2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDbcNPmNz84hdcwCFCvTnBz3IT5wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA5MDAwMDAwWhcNMjQwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMjhkM2RjZWEyZGY2MjZkNmViMzc1ZDE0NWY1YjRhODFk
MzExMTY0NTBhM2NmMzU4M2QyYTk2ZTExYmFjOWJlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1NPndYODF+sHLxScreP/nS7qvsl66FnaU+xprsHVS5inu
THumb+Jea3nQdN2rqnU3bR1T/rn0TKkZez0Fr7/Wn4e3QRSEkE16XDOAr9hoQPiq
gxPsPQOGciFzhsLt1TUWiCtKWizYkNiNpAfI1H2QtbK2ujRlhGmxJiQLkOF5NjJs
K5wIMPrleHt/d8SckI44uZmp5A8YAq9RD+sIhCrLHyxuDCR7Rxdn7rZu/z1Em7wU
DaLl2hOYIlXIpzFHmt7nvGifbnFjqqN0R3Sxj8y1G+VXwmzRqbqLBlRy3RvQru3p
fv/8HpHGFfsGyaXsV1qOP/eefMrq0wzEil7urFfbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBRWOlGOtc5xzbh2VnxMLG3ztxuQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU0MDRmYjRhLTdiOTItNDk2MC1hMjc3LTllY2E5OTYzMzdkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA0odSDBfBtrl6CyKBe/ykkgjW0K
Gk1nj1+oYzTXwuJkfeJGkFTe0i9S1ag3jdwWBZlTIgpxrth/22ftgU2c7xaYKGzv
2BGUPuXDF+ZEurpUdWGSijIIzmD7qoM/qsvEDI/LUcaeL64IsNoipADTTrTmzJs6
JpuYPXaDUqfjuRZZN05LlmwIQYNsycOF/s0kEryLGJVjvdVeRQZ3TAA3vo6UX5UR
dBdHaSIDUCKzlPfrm4Zf+O+yAXC2W1yiMahxT06Z/zxB2AknmAJr0x+te2BDA1J7
WZF6jjWikqSHICllIHDa7kufgDGBinKiI8Lkp69PUHLeTq2H6Jzh4ZKLxLI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:27 2024 by rpki-client on console-fra.rpki-client.org