Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5520ec08-ae94-4abe-8296-c3a54eb20c79.roa
File: 5520ec08-ae94-4abe-8296-c3a54eb20c79.roa (raw, json)
Hash identifier: JGcgUoCrIpoJxM5wO/OLYJn3nOqLgO07Bh+hYCQ3ZYw=
Subject key identifier: CF:BC:D1:E3:6E:54:8E:7E:A3:22:D4:F0:8B:33:59:90:4A:31:60:F6
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5CF043E7FEECD9539982B1D8426D84AD66E6EE07
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5520ec08-ae94-4abe-8296-c3a54eb20c79.roa
Signing time: Sat 09 Dec 2023 00:00:00 +0000
ROA not before: Sat 09 Dec 2023 00:00:00 +0000
ROA not after: Sat 13 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:f0:43:e7:fe:ec:d9:53:99:82:b1:d8:42:6d:84:ad:66:e6:ee:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 9 00:00:00 2023 GMT
Not After : Jan 13 23:59:59 2024 GMT
Subject: serialNumber=99f6a954e0cd5c51db0da2bff74636431f1bf5cc3f93ec05753af4ff0714d8ff, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:ed:80:37:ee:1f:94:cd:6d:cb:3f:55:2c:
2b:92:d5:61:55:50:a6:d1:8d:b3:cf:ac:44:13:b3:
70:25:d5:43:e9:10:2c:01:79:38:a1:c2:3b:05:42:
e6:03:30:cf:a1:22:4e:e5:32:d9:8e:62:9d:45:a5:
45:e4:f9:a7:3b:b7:b6:10:d5:02:d0:e7:42:10:10:
94:5e:a3:5e:02:a7:1a:b3:31:a2:a1:84:e9:1d:41:
62:a4:50:e3:88:c8:9a:aa:2e:1a:49:e1:23:9d:b2:
65:6a:c0:13:50:2c:3c:5e:d7:ef:c9:54:af:63:32:
7c:59:78:47:17:c5:19:ff:dc:14:10:b6:3d:06:d9:
3f:eb:3b:d1:0e:9f:69:f0:95:c1:f4:82:ee:30:86:
68:85:90:c1:e5:f4:81:dd:8b:6a:38:4a:83:f4:ea:
5b:8b:59:48:79:12:15:69:e6:e1:85:51:75:36:6d:
3a:fa:e4:69:14:6b:7a:d6:dc:2f:e7:4f:c7:75:36:
ee:30:a4:87:cb:f7:b2:cc:d6:e6:70:0d:3c:23:fc:
13:6e:bf:46:cf:bc:9c:d2:98:f7:ed:52:57:3d:49:
e0:0d:46:87:f4:52:1f:02:2c:9f:f6:51:89:f6:9e:
f8:e6:cd:78:93:8c:76:29:a7:e6:0e:92:2b:37:b9:
8b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BC:D1:E3:6E:54:8E:7E:A3:22:D4:F0:8B:33:59:90:4A:31:60:F6
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5520ec08-ae94-4abe-8296-c3a54eb20c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
40:be:58:ee:d2:8d:df:bf:13:11:9c:fb:8e:f0:4e:f9:27:e0:
27:68:0c:67:76:c6:3f:b6:39:0c:94:2d:b5:d9:ac:56:c7:2f:
fe:fe:cf:bb:16:e3:a1:23:bb:41:46:b9:88:15:6c:46:cb:35:
0b:f5:74:16:4f:8e:4a:c5:32:85:f7:b0:36:01:91:be:e7:d8:
53:1a:58:7c:3f:99:e6:6e:12:bc:0c:87:37:8e:44:45:44:b6:
69:9f:aa:4f:e2:96:a2:b0:25:c0:3f:d3:ae:8c:99:64:27:94:
24:c8:30:62:86:89:fd:0c:7d:3b:9f:74:4a:8b:f9:3d:6b:47:
dc:49:53:96:d6:da:58:f1:ae:e5:22:c7:4a:1b:75:39:35:cf:
6e:a0:cd:68:a7:12:c1:c9:ff:ae:0d:04:aa:9d:d7:b7:8b:39:
33:cc:a8:48:e0:95:8c:74:b1:6e:b8:24:89:29:d9:f7:f5:17:
fd:ba:17:23:d4:42:54:3b:a7:ee:e7:53:3e:d0:0b:8d:58:7f:
f7:c2:4c:09:f1:3d:29:c0:79:4b:ce:42:38:53:d6:bc:3a:9e:
39:9b:2f:bf:66:e8:35:02:02:6f:9f:8c:fa:44:52:85:6e:d3:
42:84:9f:4f:52:38:35:4b:d8:dd:b6:af:61:62:1b:a0:cc:12:
19:1f:d5:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXPBD5/7s2VOZgrHYQm2ErWbm7gcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA5MDAwMDAwWhcNMjQwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5OWY2YTk1NGUwY2Q1YzUxZGIwZGEyYmZmNzQ2MzY0MzFm
MWJmNWNjM2Y5M2VjMDU3NTNhZjRmZjA3MTRkOGZmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxtO2AN+4flM1tyz9VLCuS1WFVUKbRjbPPrEQTs3Al1UPp
ECwBeTihwjsFQuYDMM+hIk7lMtmOYp1FpUXk+ac7t7YQ1QLQ50IQEJReo14Cpxqz
MaKhhOkdQWKkUOOIyJqqLhpJ4SOdsmVqwBNQLDxe1+/JVK9jMnxZeEcXxRn/3BQQ
tj0G2T/rO9EOn2nwlcH0gu4whmiFkMHl9IHdi2o4SoP06luLWUh5EhVp5uGFUXU2
bTr65GkUa3rW3C/nT8d1Nu4wpIfL97LM1uZwDTwj/BNuv0bPvJzSmPftUlc9SeAN
Rof0Uh8CLJ/2UYn2nvjmzXiTjHYpp+YOkis3uYuNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUz7zR425Ujn6jItTwizNZkEoxYPYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU1MjBlYzA4LWFlOTQtNGFiZS04Mjk2LWMzYTU0ZWIyMGM3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEC+WO7Sjd+/ExGc+47wTvkn4Cdo
DGd2xj+2OQyULbXZrFbHL/7+z7sW46Eju0FGuYgVbEbLNQv1dBZPjkrFMoX3sDYB
kb7n2FMaWHw/meZuErwMhzeOREVEtmmfqk/ilqKwJcA/066MmWQnlCTIMGKGif0M
fTufdEqL+T1rR9xJU5bW2ljxruUix0obdTk1z26gzWinEsHJ/64NBKqd17eLOTPM
qEjglYx0sW64JIkp2ff1F/26FyPUQlQ7p+7nUz7QC41Yf/fCTAnxPSnAeUvOQjhT
1rw6njmbL79m6DUCAm+fjPpEUoVu00KEn09SODVL2N22r2FiG6DMEhkf1Wo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:27 2024 by rpki-client on console-fra.rpki-client.org