Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/842847c9-7bfe-489b-98f8-4dc604f13156.roa
File: 842847c9-7bfe-489b-98f8-4dc604f13156.roa (raw, json)
Hash identifier: 5iOl/VFXHQb6I5CeoIqoCP2tTJrxZMTWrPjwjLDwk9c=
Subject key identifier: BA:F6:9A:2A:98:BA:2F:84:C7:43:46:F6:B0:E2:9F:3F:F6:99:8F:E7
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 74BFA4932377E9C740A1AC1EBE94B87D6BE1BDAA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/842847c9-7bfe-489b-98f8-4dc604f13156.roa
Signing time: Tue 10 Oct 2023 00:00:00 +0000
ROA not before: Tue 10 Oct 2023 00:00:00 +0000
ROA not after: Tue 14 Nov 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:bf:a4:93:23:77:e9:c7:40:a1:ac:1e:be:94:b8:7d:6b:e1:bd:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 10 00:00:00 2023 GMT
Not After : Nov 14 23:59:59 2023 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2f:05:d3:4c:bf:9e:db:38:29:43:5d:0f:e7:
48:ef:a0:4b:81:71:90:65:71:86:ae:f7:ea:43:ac:
f7:de:fb:b3:5a:8e:57:99:b5:7b:15:0a:d4:36:ac:
80:43:af:47:9d:b2:28:c2:73:54:25:60:91:7d:2b:
05:c2:0f:e6:a8:2c:9e:e3:18:7e:ac:f4:fc:b4:03:
bf:ff:00:14:db:77:1b:db:bc:04:65:c3:d9:60:7d:
50:c9:d3:f7:4a:ff:1f:e4:97:a4:52:40:4a:ea:9d:
f9:da:8b:4b:88:1b:84:45:fa:5f:23:f7:7e:81:40:
1d:21:8e:9a:55:d8:9a:bb:1c:37:6e:d3:4b:34:8c:
1e:d3:e7:f7:1e:ff:73:08:03:45:50:9e:e8:ca:66:
06:b9:3a:40:5a:07:e9:31:19:73:6a:5f:0c:98:17:
b1:3c:5d:d3:f1:7d:a3:85:a3:05:e0:d3:38:33:3d:
cb:a1:78:11:17:a2:fa:b7:61:04:3b:43:28:b2:9a:
db:e2:ce:d5:2b:6e:d9:93:35:45:90:6d:af:36:78:
d3:ea:bd:a2:fe:97:33:d9:1e:76:af:e8:e4:cd:72:
95:e4:da:44:18:90:27:5f:1e:e7:94:2e:db:66:40:
9c:d5:6e:99:14:44:07:bc:d4:b6:31:b2:bc:0b:c8:
a0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F6:9A:2A:98:BA:2F:84:C7:43:46:F6:B0:E2:9F:3F:F6:99:8F:E7
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/842847c9-7bfe-489b-98f8-4dc604f13156.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
02:7d:c0:aa:32:62:b8:84:03:37:88:1b:04:78:c5:25:76:95:
59:6d:a9:68:4f:0b:e2:9d:d1:2f:97:10:69:09:58:37:13:0f:
3a:c9:56:ce:82:22:22:31:fd:24:9a:93:44:14:b4:5e:cc:83:
a9:91:cf:3d:bf:3f:41:9e:69:e1:1b:42:1e:bf:8b:d9:9f:3e:
46:14:eb:c3:94:cc:21:e7:ad:dd:4e:c4:b2:d0:2b:fc:4d:90:
42:9b:d1:12:c3:3c:ff:35:8e:0a:20:1d:a0:14:42:e2:e3:dd:
b0:8e:ad:1a:20:0b:6f:e3:f7:35:24:2e:66:9d:b3:d5:ec:87:
41:30:d4:0f:e4:e7:f6:a1:e9:81:67:15:46:2c:ce:35:64:64:
1c:0a:ce:55:53:04:f5:13:55:06:82:6a:48:d3:78:1f:a8:b0:
90:6b:db:f4:fb:7b:ed:93:3c:ea:71:c4:44:8b:43:11:72:61:
26:45:26:df:c1:19:21:9a:97:6a:b7:81:c0:f8:1f:36:71:e1:
54:ca:a9:9f:78:55:f6:d9:c4:63:82:c2:8c:36:26:9c:2a:1c:
4b:44:8f:41:cd:4c:51:78:53:72:75:ec:e7:05:83:7f:24:d6:
52:15:24:87:ce:2a:a8:bf:6b:59:22:73:bc:45:65:0a:9a:ab:
c1:50:c2:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdL+kkyN36cdAoawevpS4fWvhvaowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDEwMDAwMDAwWhcNMjMxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyODg2NzgyMTBjOGYwNDNmNGE5YWU3OWFkYTQ5NmJkMmUx
NDk3YmJiMjEyZjAyZjJiODNmNWViYmRkNmJhNmFmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpLwXTTL+e2zgpQ10P50jvoEuBcZBlcYau9+pDrPfe+7Na
jleZtXsVCtQ2rIBDr0edsijCc1QlYJF9KwXCD+aoLJ7jGH6s9Py0A7//ABTbdxvb
vARlw9lgfVDJ0/dK/x/kl6RSQErqnfnai0uIG4RF+l8j936BQB0hjppV2Jq7HDdu
00s0jB7T5/ce/3MIA0VQnujKZga5OkBaB+kxGXNqXwyYF7E8XdPxfaOFowXg0zgz
PcuheBEXovq3YQQ7QyiymtviztUrbtmTNUWQba82eNPqvaL+lzPZHnav6OTNcpXk
2kQYkCdfHueULttmQJzVbpkURAe81LYxsrwLyKABAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuvaaKpi6L4THQ0b2sOKfP/aZj+cwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg0Mjg0N2M5LTdiZmUtNDg5Yi05OGY4LTRkYzYwNGYxMzE1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAJ9wKoyYriEAzeIGwR4xSV2lVlt
qWhPC+Kd0S+XEGkJWDcTDzrJVs6CIiIx/SSak0QUtF7Mg6mRzz2/P0GeaeEbQh6/
i9mfPkYU68OUzCHnrd1OxLLQK/xNkEKb0RLDPP81jgogHaAUQuLj3bCOrRogC2/j
9zUkLmads9Xsh0Ew1A/k5/ah6YFnFUYszjVkZBwKzlVTBPUTVQaCakjTeB+osJBr
2/T7e+2TPOpxxESLQxFyYSZFJt/BGSGal2q3gcD4HzZx4VTKqZ94VfbZxGOCwow2
JpwqHEtEj0HNTFF4U3J17OcFg38k1lIVJIfOKqi/a1kic7xFZQqaq8FQwgI=
-----END CERTIFICATE-----
Generated at Tue Feb 18 06:59:32 2025 by rpki-client