Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/554eae93-f2e6-4e77-85f4-700a649571a6.roa
File: 554eae93-f2e6-4e77-85f4-700a649571a6.roa (raw, json)
Hash identifier: AnBfmN/L6wB6yuXJg6YsIGdzRIyJvH4evN27BlGJSE8=
Subject key identifier: 04:38:83:39:6C:61:D9:22:65:62:AC:08:0D:2C:BD:8F:29:6C:0F:C1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3D83E57C6E9A5DA443138C1FEC8D1F82C844EF4F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/554eae93-f2e6-4e77-85f4-700a649571a6.roa
Signing time: Mon 27 Nov 2023 00:00:00 +0000
ROA not before: Mon 27 Nov 2023 00:00:00 +0000
ROA not after: Mon 01 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:83:e5:7c:6e:9a:5d:a4:43:13:8c:1f:ec:8d:1f:82:c8:44:ef:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 27 00:00:00 2023 GMT
Not After : Jan 1 23:59:59 2024 GMT
Subject: serialNumber=da23b385edbeb55a700d177b49c51c8cd1058ef38e7d17e5b7fc554537ffd18b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:11:94:d0:eb:ad:8b:3b:fe:22:cb:9b:2d:eb:
03:12:ac:6f:52:07:13:74:9a:10:4c:a7:76:dc:7d:
24:2c:11:ca:a7:ce:17:5d:69:4e:fb:5a:f3:b2:16:
ec:4c:ed:b1:26:25:e6:95:a5:4b:cd:57:17:90:bf:
fc:2c:bb:4e:ee:fd:a3:84:45:4d:1e:ed:b4:96:69:
e0:73:47:93:72:e8:1d:08:65:c3:4e:c3:55:03:3a:
23:6e:9a:9f:1e:e1:34:75:fd:86:2b:62:0c:ae:4b:
00:be:ff:2a:b8:a5:7a:f2:d6:cd:88:40:c5:5b:99:
2b:ad:bf:16:86:dc:5b:00:1e:5a:ac:c0:2d:a5:80:
ab:0f:a3:eb:0f:d4:5e:b8:f7:af:ab:9d:0f:aa:31:
0b:09:f8:a5:5b:e0:8c:86:29:17:71:45:42:b2:2b:
8a:75:a4:be:c8:a3:af:35:d1:d3:bd:48:3b:e2:76:
01:bc:64:81:5b:8b:76:3a:a8:4a:81:ea:f8:41:f5:
c2:d5:3d:07:38:99:9a:75:03:e3:aa:bb:62:42:22:
5b:55:90:f3:f4:ed:82:63:09:52:a3:37:b7:51:5b:
82:fc:b6:97:44:5b:4c:dd:bd:2c:40:92:a3:61:a4:
66:b1:7d:4a:8b:4c:0f:17:fd:7c:99:95:9f:cd:37:
b0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:38:83:39:6C:61:D9:22:65:62:AC:08:0D:2C:BD:8F:29:6C:0F:C1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/554eae93-f2e6-4e77-85f4-700a649571a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
69:29:1d:0a:d9:91:31:08:c1:e6:6d:1c:57:63:b4:8c:41:de:
79:16:f8:a5:4d:66:97:a0:7d:dc:78:d6:79:b6:55:e7:e3:22:
44:b5:20:5a:83:c3:f3:ec:d3:1a:b2:b2:0f:b6:a4:e0:58:cd:
5e:79:89:88:22:1c:a5:7a:7a:1e:4f:a9:3d:67:52:94:15:18:
42:c2:1d:b3:4e:3b:7b:fc:cc:ce:9c:aa:93:ef:62:c2:9d:b7:
a2:82:00:a4:ed:da:82:c9:25:35:1a:89:74:00:c5:25:b2:46:
a3:4c:34:8c:46:8d:c3:8c:62:ab:68:54:aa:6b:0f:77:73:40:
09:cf:04:90:a2:0a:42:43:c9:e4:f7:4c:a3:42:de:1e:05:2f:
7d:78:22:c3:31:91:1f:74:34:86:17:b3:3a:80:fe:27:42:de:
23:3c:c9:e5:ea:c8:11:7c:a7:5e:93:2c:bb:69:fb:a2:7c:c8:
0d:7e:3e:fd:7d:8e:ea:a9:60:52:31:1a:c0:70:7f:21:ad:f3:
c4:ea:70:b1:aa:a9:31:a9:3b:7f:e2:78:a2:f3:2c:0b:df:3e:
92:1d:23:fa:6a:ee:dd:29:79:68:84:6f:32:81:0a:e8:f5:57:
28:48:a6:63:65:98:60:70:9d:9f:90:a4:dc:b0:52:29:3b:49:
d2:ca:d5:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPYPlfG6aXaRDE4wf7I0fgshE708wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTI3MDAwMDAwWhcNMjQwMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTIzYjM4NWVkYmViNTVhNzAwZDE3N2I0OWM1MWM4Y2Qx
MDU4ZWYzOGU3ZDE3ZTViN2ZjNTU0NTM3ZmZkMThiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfEZTQ662LO/4iy5st6wMSrG9SBxN0mhBMp3bcfSQsEcqn
zhddaU77WvOyFuxM7bEmJeaVpUvNVxeQv/wsu07u/aOERU0e7bSWaeBzR5Ny6B0I
ZcNOw1UDOiNump8e4TR1/YYrYgyuSwC+/yq4pXry1s2IQMVbmSutvxaG3FsAHlqs
wC2lgKsPo+sP1F6496+rnQ+qMQsJ+KVb4IyGKRdxRUKyK4p1pL7Io6810dO9SDvi
dgG8ZIFbi3Y6qEqB6vhB9cLVPQc4mZp1A+Oqu2JCIltVkPP07YJjCVKjN7dRW4L8
tpdEW0zdvSxAkqNhpGaxfUqLTA8X/XyZlZ/NN7B1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBDiDOWxh2SJlYqwIDSy9jylsD8EwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU1NGVhZTkzLWYyZTYtNGU3Ny04NWY0LTcwMGE2NDk1NzFhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGkpHQrZkTEIweZtHFdjtIxB3nkW
+KVNZpegfdx41nm2VefjIkS1IFqDw/Ps0xqysg+2pOBYzV55iYgiHKV6eh5PqT1n
UpQVGELCHbNOO3v8zM6cqpPvYsKdt6KCAKTt2oLJJTUaiXQAxSWyRqNMNIxGjcOM
YqtoVKprD3dzQAnPBJCiCkJDyeT3TKNC3h4FL314IsMxkR90NIYXszqA/idC3iM8
yeXqyBF8p16TLLtp+6J8yA1+Pv19juqpYFIxGsBwfyGt88TqcLGqqTGpO3/ieKLz
LAvfPpIdI/pq7t0peWiEbzKBCuj1VyhIpmNlmGBwnZ+QpNywUik7SdLK1Sw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:46 2024 by rpki-client on console-ams.rpki-client.org