Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70b33ba4-aa49-4409-b787-fcbd0dec5b8a.roa
File: 70b33ba4-aa49-4409-b787-fcbd0dec5b8a.roa (raw, json)
Hash identifier: DyW/9pfqF0NHnYFB44LgVL5eWEHQ3snRBszmy4EfUbI=
Subject key identifier: E1:BC:B5:9F:CC:0C:DD:72:56:15:68:45:E4:CD:F7:64:8C:91:E3:FE
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 60891B3F9319BAB4702423CC443C3E539901F3EA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70b33ba4-aa49-4409-b787-fcbd0dec5b8a.roa
Signing time: Mon 18 Sep 2023 00:00:00 +0000
ROA not before: Mon 18 Sep 2023 00:00:00 +0000
ROA not after: Mon 23 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:89:1b:3f:93:19:ba:b4:70:24:23:cc:44:3c:3e:53:99:01:f3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 18 00:00:00 2023 GMT
Not After : Oct 23 23:59:59 2023 GMT
Subject: serialNumber=06414d99a2c8d8478a84b667c64b489fcf405bdfdd2162c26874d8ae8e60987e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:11:25:47:19:0a:38:5e:4a:67:c3:27:fa:d2:
69:57:ac:a0:db:e9:23:37:b8:f6:93:3a:a6:48:3a:
40:1e:67:27:81:0d:e1:32:0d:a8:4e:85:6a:86:b8:
58:86:53:eb:37:a8:82:ff:27:e0:72:6e:54:87:a3:
93:40:c9:07:06:68:98:cf:61:d3:dc:50:d2:04:03:
af:09:eb:8f:e5:8e:d0:c3:ef:1e:11:e5:d5:5a:8e:
f2:2d:f2:87:f5:fd:1d:89:c2:e2:b7:a6:af:69:99:
0e:25:8c:dc:17:d7:08:d0:42:e3:6e:08:fe:95:96:
c5:d9:9b:40:b7:4e:ab:00:f0:18:f1:0a:0c:15:73:
02:dc:04:bf:e5:7e:73:0b:90:d4:88:6f:72:3f:cb:
ca:90:ac:9a:82:36:cf:d7:95:b4:3a:58:c9:e6:52:
e0:1c:b3:a0:21:96:78:11:bc:60:0b:40:79:be:26:
48:d9:65:66:5a:be:8c:22:20:8e:49:66:4a:86:4a:
e3:8e:57:6e:40:7d:27:dd:57:5b:ef:4c:52:13:f2:
a9:b1:76:eb:bc:45:fc:29:da:99:8e:a9:61:21:fa:
e2:24:48:61:6c:4f:27:1a:76:4a:c1:fc:a8:e0:2b:
82:f2:43:24:87:99:76:e1:93:d3:21:f6:d5:54:fa:
64:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:B5:9F:CC:0C:DD:72:56:15:68:45:E4:CD:F7:64:8C:91:E3:FE
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/70b33ba4-aa49-4409-b787-fcbd0dec5b8a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e2:1e:7c:35:48:21:08:a9:f2:8e:63:61:f1:8d:b8:2d:ab:
da:69:c7:69:e7:67:fd:73:bd:c4:fa:8c:07:81:18:d2:52:10:
2f:d0:02:85:d9:11:68:ea:67:14:82:d9:33:a8:b3:11:c3:61:
cc:eb:68:8f:3c:34:3b:eb:04:ff:d8:40:1f:e0:10:2b:2b:01:
90:a7:cd:4c:98:95:a6:1e:64:4b:8b:60:ad:66:72:5c:a3:af:
0b:15:a3:71:71:85:cd:8e:d4:3c:a1:fb:6b:8c:90:4e:af:c7:
07:35:31:e1:ff:e3:7a:82:58:1f:94:54:22:14:19:b3:4d:0a:
63:10:8e:eb:fc:b9:f0:ef:fe:91:e7:af:d5:97:f3:ac:c9:02:
9c:3e:b1:b6:0d:4b:17:de:45:6a:5c:86:0c:38:1f:fb:9f:13:
53:eb:ce:c1:42:7f:bf:83:33:fc:34:49:66:07:d9:2d:3f:35:
72:d7:d4:5f:5e:7f:4c:a8:7c:e4:16:76:16:ef:c1:8f:09:fb:
71:4b:51:4c:07:e4:53:f2:32:5d:8e:c3:35:1f:52:5e:44:ac:
74:8f:59:26:ce:40:25:86:92:3c:d4:0d:69:67:8e:28:ea:f2:
dd:1a:93:ec:07:f1:2e:64:ad:12:fa:70:27:61:c4:a9:ae:3d:
99:fd:53:01
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYIkbP5MZurRwJCPMRDw+U5kB8+owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTE4MDAwMDAwWhcNMjMxMDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNjQxNGQ5OWEyYzhkODQ3OGE4NGI2NjdjNjRiNDg5ZmNm
NDA1YmRmZGQyMTYyYzI2ODc0ZDhhZThlNjA5ODdlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWESVHGQo4Xkpnwyf60mlXrKDb6SM3uPaTOqZIOkAeZyeB
DeEyDahOhWqGuFiGU+s3qIL/J+ByblSHo5NAyQcGaJjPYdPcUNIEA68J64/ljtDD
7x4R5dVajvIt8of1/R2JwuK3pq9pmQ4ljNwX1wjQQuNuCP6VlsXZm0C3TqsA8Bjx
CgwVcwLcBL/lfnMLkNSIb3I/y8qQrJqCNs/XlbQ6WMnmUuAcs6AhlngRvGALQHm+
JkjZZWZavowiII5JZkqGSuOOV25AfSfdV1vvTFIT8qmxduu8Rfwp2pmOqWEh+uIk
SGFsTycadkrB/KjgK4LyQySHmXbhk9Mh9tVU+mTDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4by1n8wM3XJWFWhF5M33ZIyR4/4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcwYjMzYmE0LWFhNDktNDQwOS1iNzg3LWZjYmQwZGVjNWI4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAG/iHnw1SCEIqfKOY2Hxjbgtq9pp
x2nnZ/1zvcT6jAeBGNJSEC/QAoXZEWjqZxSC2TOosxHDYczraI88NDvrBP/YQB/g
ECsrAZCnzUyYlaYeZEuLYK1mclyjrwsVo3Fxhc2O1Dyh+2uMkE6vxwc1MeH/43qC
WB+UVCIUGbNNCmMQjuv8ufDv/pHnr9WX86zJApw+sbYNSxfeRWpchgw4H/ufE1Pr
zsFCf7+DM/w0SWYH2S0/NXLX1F9ef0yofOQWdhbvwY8J+3FLUUwH5FPyMl2OwzUf
Ul5ErHSPWSbOQCWGkjzUDWlnjijq8t0ak+wH8S5krRL6cCdhxKmuPZn9UwE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-ams.rpki-client.org