Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ce653c4-6c50-46ad-b7c0-e5e6473f4258.roa
File: 7ce653c4-6c50-46ad-b7c0-e5e6473f4258.roa (raw, json)
Hash identifier: i0a3KyGeW+t8PKOindXQEHFR8cuualocUXKy98AmgjM=
Subject key identifier: FA:E4:0B:AA:DF:B8:EA:63:2D:59:23:61:5F:23:28:C5:7A:79:6E:C5
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 24B77DC31FC81228B46725A04DD05BD177ECE35D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ce653c4-6c50-46ad-b7c0-e5e6473f4258.roa
Signing time: Thu 29 Feb 2024 00:00:00 +0000
ROA not before: Thu 29 Feb 2024 00:00:00 +0000
ROA not after: Thu 04 Apr 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:b7:7d:c3:1f:c8:12:28:b4:67:25:a0:4d:d0:5b:d1:77:ec:e3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Feb 29 00:00:00 2024 GMT
Not After : Apr 4 23:59:59 2024 GMT
Subject: serialNumber=f8cd2716bcb6791dab1e522b9776280c2d1583efb11da0fc9a9ec03596dd8a13, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c9:52:a9:e4:2b:74:df:ba:f2:7e:20:59:59:
72:8f:48:95:81:61:a2:88:12:07:2b:43:58:aa:ef:
8e:7f:39:46:c5:05:76:46:d0:62:34:d0:90:7f:c8:
f4:43:d4:c6:25:63:8c:c1:83:12:bb:61:9f:fb:70:
d8:f1:34:35:89:57:89:9d:99:1d:01:70:b1:2e:1f:
84:cd:3e:4a:f9:7c:c6:5e:9e:f5:97:87:01:b7:da:
32:73:e0:af:03:b5:fc:08:e6:72:e1:70:b3:ac:30:
67:2d:8d:ef:67:43:aa:55:b7:38:79:7a:7a:e9:55:
6b:3e:3a:bc:89:1f:fa:6f:e8:50:32:ac:24:c4:a1:
b5:81:0e:3d:81:7d:11:15:38:97:73:cd:9f:b7:14:
0c:80:90:60:93:30:e9:8e:33:4e:21:ec:ae:e4:65:
43:da:57:e5:0c:e1:ca:fe:dd:7d:3e:c2:73:34:95:
28:ae:ee:31:d9:19:05:93:65:77:f0:61:44:5b:14:
36:cb:7d:e4:fe:c0:73:27:52:e5:d6:2e:5b:45:ae:
27:35:51:20:ce:65:c4:6e:cf:ae:ae:36:74:68:f2:
89:21:76:0c:2b:1e:14:fb:20:57:52:00:5a:09:a6:
7e:67:d6:25:37:f6:1f:6d:67:0a:0e:82:47:87:e8:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E4:0B:AA:DF:B8:EA:63:2D:59:23:61:5F:23:28:C5:7A:79:6E:C5
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7ce653c4-6c50-46ad-b7c0-e5e6473f4258.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
01:24:f6:60:db:e3:6b:10:b1:8c:38:f4:5f:9b:ae:8b:94:92:
ce:ac:f2:d7:f6:38:39:c4:99:d8:eb:aa:7c:13:e3:1c:b0:71:
2d:18:0e:25:43:fc:bd:92:2b:37:32:74:5f:83:ee:a4:df:7b:
3a:42:c9:e5:e4:fa:c7:58:32:31:a1:88:d5:f4:50:36:d7:4e:
86:f9:73:ef:e4:09:8b:2d:f8:b4:3b:59:ab:56:2b:97:74:d1:
dd:de:d0:f7:4f:e6:15:bf:b8:5f:94:d9:50:fc:87:59:9f:72:
86:5e:fa:25:fa:75:e0:ea:cb:91:45:eb:c6:48:b9:00:8e:f4:
f6:7e:b2:74:d3:02:58:cc:4c:8d:dd:85:9d:29:d0:a0:97:5f:
55:31:77:a1:57:b7:c6:f0:91:b9:4e:ad:14:a7:fb:6e:13:7a:
40:65:da:2e:f3:8c:be:4a:95:a9:d0:6c:a6:f1:d1:da:fc:55:
b2:2e:9c:16:60:2c:e2:b3:87:60:71:d2:e7:87:01:37:a2:88:
19:e6:65:95:cd:ca:fc:54:5a:74:5f:c8:fd:dc:f2:c3:39:62:
b6:5e:11:9c:51:ed:62:f0:02:73:c3:38:d9:c4:c8:3d:3f:06:
33:b3:80:78:21:96:8a:ce:56:26:04:e2:c6:87:eb:50:bb:d4:
8c:1c:42:d5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJLd9wx/IEii0ZyWgTdBb0Xfs410wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjI5MDAwMDAwWhcNMjQwNDA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmOGNkMjcxNmJjYjY3OTFkYWIxZTUyMmI5Nzc2MjgwYzJk
MTU4M2VmYjExZGEwZmM5YTllYzAzNTk2ZGQ4YTEzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDqyVKp5Ct037ryfiBZWXKPSJWBYaKIEgcrQ1iq745/OUbF
BXZG0GI00JB/yPRD1MYlY4zBgxK7YZ/7cNjxNDWJV4mdmR0BcLEuH4TNPkr5fMZe
nvWXhwG32jJz4K8DtfwI5nLhcLOsMGctje9nQ6pVtzh5enrpVWs+OryJH/pv6FAy
rCTEobWBDj2BfREVOJdzzZ+3FAyAkGCTMOmOM04h7K7kZUPaV+UM4cr+3X0+wnM0
lSiu7jHZGQWTZXfwYURbFDbLfeT+wHMnUuXWLltFric1USDOZcRuz66uNnRo8okh
dgwrHhT7IFdSAFoJpn5n1iU39h9tZwoOgkeH6ERNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+uQLqt+46mMtWSNhXyMoxXp5bsUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdjZTY1M2M0LTZjNTAtNDZhZC1iN2MwLWU1ZTY0NzNmNDI1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAEk9mDb42sQsYw49F+brouUks6s
8tf2ODnEmdjrqnwT4xywcS0YDiVD/L2SKzcydF+D7qTfezpCyeXk+sdYMjGhiNX0
UDbXTob5c+/kCYst+LQ7WatWK5d00d3e0PdP5hW/uF+U2VD8h1mfcoZe+iX6deDq
y5FF68ZIuQCO9PZ+snTTAljMTI3dhZ0p0KCXX1Uxd6FXt8bwkblOrRSn+24TekBl
2i7zjL5KlanQbKbx0dr8VbIunBZgLOKzh2Bx0ueHATeiiBnmZZXNyvxUWnRfyP3c
8sM5YrZeEZxR7WLwAnPDONnEyD0/BjOzgHghlorOViYE4saH61C71IwcQtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:33 2024 by rpki-client on console-fra.rpki-client.org