Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/549df72c-bc84-4cb2-9785-3076a6f63287.roa
File: 549df72c-bc84-4cb2-9785-3076a6f63287.roa (raw, json)
Hash identifier: ap30/pHG7p3LDz3t3AEb7JLQKZJzV1MPC0WEy1tpjCI=
Subject key identifier: 5B:D8:A3:3A:05:34:74:5E:F4:FC:C1:18:89:80:D7:32:30:D2:78:B5
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3CCB0C01D670A15FF0C04B568777B77D6AB630
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/549df72c-bc84-4cb2-9785-3076a6f63287.roa
Signing time: Fri 14 Jul 2023 00:00:00 +0000
ROA not before: Fri 14 Jul 2023 00:00:00 +0000
ROA not after: Fri 18 Aug 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:cb:0c:01:d6:70:a1:5f:f0:c0:4b:56:87:77:b7:7d:6a:b6:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 14 00:00:00 2023 GMT
Not After : Aug 18 23:59:59 2023 GMT
Subject: serialNumber=fc8c86549cb415ada238307f61558dfbfe4b16f1efe6dcdf356d898a5ccf42b8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:be:60:62:3a:43:41:7b:9d:be:50:d7:f5:43:
41:6f:5f:d4:23:7c:b8:01:87:e3:39:ae:11:34:71:
e2:a4:55:de:36:ac:3e:4d:cf:9e:0d:ec:1d:45:0f:
1d:09:da:6b:81:d7:6c:b2:fd:fc:05:b7:d6:de:90:
e2:80:3e:e1:10:12:5c:8e:4a:9d:3a:a0:e1:97:1a:
fd:c4:c8:b1:49:f1:39:82:1a:0a:eb:6a:09:36:24:
5a:f1:5c:d3:58:c9:48:e4:ae:1b:48:05:40:95:fd:
1b:89:11:ee:ad:db:52:9b:54:d9:31:f9:dd:81:36:
36:da:4c:43:14:19:e6:bd:74:2c:e6:34:03:20:fe:
0c:96:4c:ed:21:65:30:ec:96:2b:61:1a:95:e0:ba:
b9:35:84:20:92:e5:b5:78:54:a7:fe:a0:c9:06:80:
13:3f:9e:38:02:2d:69:6f:56:a0:4f:2a:02:0d:e1:
bb:45:f1:0c:8c:df:1d:96:c3:ae:40:39:1a:69:06:
4c:8e:e5:f2:e1:b6:7c:45:9d:08:e2:95:16:c9:35:
1d:3e:d4:c8:b8:c6:ca:30:7b:c4:60:9f:90:7e:07:
02:d5:e7:8c:13:8d:40:47:b4:d2:18:5a:7a:ef:e2:
99:55:fb:ea:70:03:e4:26:c5:0e:ce:74:1f:e4:66:
68:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D8:A3:3A:05:34:74:5E:F4:FC:C1:18:89:80:D7:32:30:D2:78:B5
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/549df72c-bc84-4cb2-9785-3076a6f63287.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:1e:bb:e1:ef:c5:4d:1f:a7:5a:05:e2:2b:5b:7d:e2:1a:38:
51:7e:74:1f:ba:67:2e:23:b8:71:1b:59:ad:ef:f3:8c:08:14:
c6:f0:80:92:e7:6a:87:52:75:58:74:aa:34:b7:33:a9:52:67:
6a:ca:91:7d:84:68:52:17:6c:0d:c6:62:c8:58:e4:99:48:41:
13:e6:d4:1f:31:9c:cb:7c:a1:07:ff:1c:04:d2:1f:92:19:63:
c2:98:1b:e1:00:43:f1:ad:c3:d6:e5:5d:c2:03:77:c3:09:7b:
5b:cb:59:b3:b4:d3:4f:30:b5:57:37:07:63:e5:32:f2:a4:db:
bf:1c:43:fa:c8:04:d9:44:0d:eb:72:37:3d:b7:b6:dd:81:e9:
7e:7b:ca:dc:33:c3:69:ae:99:8b:5a:29:03:ae:26:47:0f:ca:
40:c9:f1:b5:72:2e:db:05:5d:b0:2d:55:51:ee:1f:12:bb:44:
57:32:eb:c7:52:6b:94:85:cc:54:c3:aa:8a:61:86:b1:89:64:
d8:1e:ef:c9:ac:0a:bb:2e:6a:f6:49:09:c4:31:bc:0f:6e:ee:
3d:d4:8f:c7:f5:b5:b3:2d:20:f1:92:7f:55:01:a5:f9:52:6b:
e9:4c:ab:7e:fa:54:c8:ba:ec:21:c1:49:f1:eb:0d:26:e9:3a:
fd:a2:09:14
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITPMsMAdZwoV/wwEtWh3e3fWq2MDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yMzA3MTQwMDAwMDBaFw0yMzA4MTgyMzU5NTla
MHoxSTBHBgNVBAUTQGZjOGM4NjU0OWNiNDE1YWRhMjM4MzA3ZjYxNTU4ZGZiZmU0
YjE2ZjFlZmU2ZGNkZjM1NmQ4OThhNWNjZjQyYjgxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMq+YGI6Q0F7nb5Q1/VDQW9f1CN8uAGH4zmuETRx4qRV3jas
Pk3Png3sHUUPHQnaa4HXbLL9/AW31t6Q4oA+4RASXI5KnTqg4Zca/cTIsUnxOYIa
CutqCTYkWvFc01jJSOSuG0gFQJX9G4kR7q3bUptU2TH53YE2NtpMQxQZ5r10LOY0
AyD+DJZM7SFlMOyWK2EaleC6uTWEIJLltXhUp/6gyQaAEz+eOAItaW9WoE8qAg3h
u0XxDIzfHZbDrkA5GmkGTI7l8uG2fEWdCOKVFsk1HT7UyLjGyjB7xGCfkH4HAtXn
jBONQEe00hhaeu/imVX76nAD5CbFDs50H+RmaA8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBRb2KM6BTR0XvT8wRiJgNcyMNJ4tTAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvNTQ5ZGY3MmMtYmM4NC00Y2IyLTk3ODUtMzA3NmE2ZjYzMjg3LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAth674e/FTR+nWgXiK1t94ho4UX50
H7pnLiO4cRtZre/zjAgUxvCAkudqh1J1WHSqNLczqVJnasqRfYRoUhdsDcZiyFjk
mUhBE+bUHzGcy3yhB/8cBNIfkhljwpgb4QBD8a3D1uVdwgN3wwl7W8tZs7TTTzC1
VzcHY+Uy8qTbvxxD+sgE2UQN63I3Pbe23YHpfnvK3DPDaa6Zi1opA64mRw/KQMnx
tXIu2wVdsC1VUe4fErtEVzLrx1JrlIXMVMOqimGGsYlk2B7vyawKuy5q9kkJxDG8
D27uPdSPx/W1sy0g8ZJ/VQGl+VJr6UyrfvpUyLrsIcFJ8esNJuk6/aIJFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:27 2024 by rpki-client on console-fra.rpki-client.org