Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6cd908cb-8333-4dcd-af05-1ab07530bc43.roa
File: 6cd908cb-8333-4dcd-af05-1ab07530bc43.roa (raw, json)
Hash identifier: NeFdGLjwn9w9x5p4m+J5coKva++oHsYHxZK+EgIJe/Q=
Subject key identifier: 7E:D7:BB:FB:F6:0B:87:DB:B4:05:EF:C6:E9:FE:93:67:B3:5F:EE:C1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3B4FB0A1E6BDBEEE074FC2D2F1077AA3C4BD0EDF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6cd908cb-8333-4dcd-af05-1ab07530bc43.roa
Signing time: Mon 06 Nov 2023 00:00:00 +0000
ROA not before: Mon 06 Nov 2023 00:00:00 +0000
ROA not after: Mon 11 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:4f:b0:a1:e6:bd:be:ee:07:4f:c2:d2:f1:07:7a:a3:c4:bd:0e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Nov 6 00:00:00 2023 GMT
Not After : Dec 11 23:59:59 2023 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:13:af:1f:f4:6b:96:3c:fe:f1:de:c2:48:b5:
86:53:27:8d:a0:61:2b:b4:01:2d:b9:3a:15:31:12:
66:16:23:3b:4d:0a:93:30:ce:bb:fb:8b:8d:d5:53:
8c:dd:34:19:50:d3:f1:ae:c4:d4:cd:e0:cc:c0:b7:
15:53:68:a9:4e:5d:0b:0d:eb:0d:30:79:c3:b1:d8:
11:d9:cb:7d:9c:94:33:99:df:43:a0:17:f1:5c:05:
55:45:f5:09:2c:42:42:27:24:a9:60:e6:20:cf:fd:
1f:ee:68:1d:e8:95:06:43:09:00:49:70:e6:7d:d9:
e9:1a:04:1b:38:6f:ac:45:76:38:a3:25:05:b9:15:
3a:c1:0d:87:4a:d3:08:f1:69:b2:d0:25:3a:d2:de:
04:a7:e6:36:02:e6:ca:68:0b:6a:00:90:b6:d3:09:
d3:24:ab:3f:4b:c0:52:3f:a9:3f:23:60:3a:dc:8b:
ae:ac:e8:db:8f:f2:25:18:3c:57:eb:f6:29:48:98:
2e:8d:3f:03:6a:17:fa:a9:93:8d:90:d3:2c:00:60:
96:c8:55:9d:78:12:51:0e:41:bd:44:3e:4a:3f:e6:
62:a9:9c:14:89:40:12:13:3c:ce:7f:5f:0a:6d:af:
c1:ba:e7:b9:73:38:2a:dd:e5:df:4e:9e:08:aa:e0:
d4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D7:BB:FB:F6:0B:87:DB:B4:05:EF:C6:E9:FE:93:67:B3:5F:EE:C1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6cd908cb-8333-4dcd-af05-1ab07530bc43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:30:47:8c:42:ec:2c:29:ec:5e:5f:66:5c:a2:28:79:20:9e:
fe:2f:6d:2c:7f:32:65:a0:97:e0:a3:b6:53:66:f3:4b:5f:48:
8c:f7:88:5d:dd:20:d5:ac:6c:20:7b:b7:50:07:ba:fb:b6:f0:
86:cb:e0:92:41:ad:22:fb:d4:78:1e:cc:ce:d8:05:6f:7b:5e:
85:cf:18:4b:3c:a7:85:c7:37:d9:85:b5:a8:10:9e:c7:5c:76:
b6:56:38:56:18:28:c3:08:87:52:15:10:fb:0a:39:9f:47:3a:
ec:b2:3a:a7:a3:0b:a7:ec:33:ad:8b:e1:09:d6:db:fc:69:e2:
bf:05:8a:ea:9f:7d:d4:1f:b6:6e:89:a1:d3:1f:24:c0:7a:bf:
99:3a:d2:74:35:fd:9a:bd:f6:b2:d0:aa:ce:1b:4a:ec:ba:6e:
82:83:bd:9d:f6:6a:24:58:34:9e:85:0a:b3:38:46:a7:6d:a6:
2f:a8:90:ff:36:f4:cd:78:c7:34:8b:d4:fe:92:8e:c0:e8:c6:
3c:11:a4:f0:c5:d8:38:fc:06:14:71:d9:ec:6e:d6:67:f4:30:
19:b3:be:21:3a:3f:b5:21:f2:02:5b:ca:6f:08:45:78:c0:36:
b9:1d:9b:28:57:56:0c:42:4a:73:a6:01:8f:94:be:49:d3:fb:
f5:f2:01:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO0+woea9vu4HT8LS8Qd6o8S9Dt8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTA2MDAwMDAwWhcNMjMxMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OGFkMDBhMWQwMDJiMzk4YzM0Nzc3NTNjNDk0NDMyYjll
YzdmMzcwNDQzODI5NDU0M2ZiMTU2MmVkMmI3MWQ4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuE68f9GuWPP7x3sJItYZTJ42gYSu0AS25OhUxEmYWIztN
CpMwzrv7i43VU4zdNBlQ0/GuxNTN4MzAtxVTaKlOXQsN6w0wecOx2BHZy32clDOZ
30OgF/FcBVVF9QksQkInJKlg5iDP/R/uaB3olQZDCQBJcOZ92ekaBBs4b6xFdjij
JQW5FTrBDYdK0wjxabLQJTrS3gSn5jYC5spoC2oAkLbTCdMkqz9LwFI/qT8jYDrc
i66s6NuP8iUYPFfr9ilImC6NPwNqF/qpk42Q0ywAYJbIVZ14ElEOQb1EPko/5mKp
nBSJQBITPM5/Xwptr8G657lzOCrd5d9Ongiq4NRrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfte7+/YLh9u0Be/G6f6TZ7Nf7sEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzZjZDkwOGNiLTgzMzMtNGRjZC1hZjA1LTFhYjA3NTMwYmM0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJswR4xC7Cwp7F5fZlyiKHkgnv4v
bSx/MmWgl+CjtlNm80tfSIz3iF3dINWsbCB7t1AHuvu28IbL4JJBrSL71HgezM7Y
BW97XoXPGEs8p4XHN9mFtagQnsdcdrZWOFYYKMMIh1IVEPsKOZ9HOuyyOqejC6fs
M62L4QnW2/xp4r8FiuqffdQftm6JodMfJMB6v5k60nQ1/Zq99rLQqs4bSuy6boKD
vZ32aiRYNJ6FCrM4Rqdtpi+okP829M14xzSL1P6SjsDoxjwRpPDF2Dj8BhRx2exu
1mf0MBmzviE6P7Uh8gJbym8IRXjANrkdmyhXVgxCSnOmAY+UvknT+/XyAUo=
-----END CERTIFICATE-----
Generated at Tue Feb 18 06:59:31 2025 by rpki-client