Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a9e4a047-ec74-46cc-89d4-f6062319871e.roa
File: a9e4a047-ec74-46cc-89d4-f6062319871e.roa (raw, json)
Hash identifier: pKhGBXvu1YjzDKRN5QxvMv9skrU0LWwtqC/yFVmRxII=
Subject key identifier: 96:A6:A6:15:86:77:53:FD:32:84:D2:F4:AF:47:CC:83:C6:59:0D:12
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 36E3424994E88B7BDD713A298AE283B6332AC0C6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a9e4a047-ec74-46cc-89d4-f6062319871e.roa
Signing time: Sun 03 Mar 2024 00:00:00 +0000
ROA not before: Sun 03 Mar 2024 00:00:00 +0000
ROA not after: Sun 07 Apr 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e3:42:49:94:e8:8b:7b:dd:71:3a:29:8a:e2:83:b6:33:2a:c0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 3 00:00:00 2024 GMT
Not After : Apr 7 23:59:59 2024 GMT
Subject: serialNumber=7bc4860a0d758ed4babd952172b5be28bae497a441f35cedd53228f95e9d414b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:99:be:94:31:0d:1e:cb:5b:b5:12:d1:d3:83:
8e:cf:f4:9c:d7:87:56:19:0b:65:50:07:65:09:ff:
09:51:1a:14:2b:89:48:34:bd:7d:80:24:55:a6:71:
3a:61:33:71:cd:73:e7:1d:af:78:d9:14:6b:08:36:
57:b8:57:f5:14:de:ed:80:c9:ea:4e:c0:5b:17:f2:
a8:51:39:8e:df:79:4e:81:24:47:1e:3f:0e:3e:38:
1b:e4:eb:b1:37:cf:c5:e2:33:47:eb:89:f0:1b:33:
c0:35:b9:92:2e:14:65:9f:a1:58:4b:0b:28:4c:c7:
93:7c:42:cb:65:3f:8f:ac:ca:12:2a:39:05:a3:d1:
97:9a:58:db:57:25:8e:76:63:7f:14:ef:0d:0c:81:
f1:e9:5c:44:08:70:5f:9a:62:b4:44:cc:cd:32:47:
12:0d:97:77:40:3e:4a:30:c9:61:a9:f3:c6:70:21:
fd:ad:9d:3a:0d:4e:af:1a:1a:94:9e:78:ef:0d:95:
16:c7:e4:fd:22:5e:11:fd:78:7e:fb:31:cd:2c:7d:
5a:a2:82:8e:45:0e:07:24:99:a4:00:a7:5d:24:35:
0d:cf:5a:76:30:5d:56:82:38:bb:53:c9:45:32:29:
ec:0b:f2:de:e1:f5:45:15:1d:96:1d:b1:6b:8b:cb:
3a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A6:A6:15:86:77:53:FD:32:84:D2:F4:AF:47:CC:83:C6:59:0D:12
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a9e4a047-ec74-46cc-89d4-f6062319871e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2b:f9:9f:80:52:e3:6d:f4:f5:f0:c9:19:8e:cc:d4:1f:02:
64:a0:93:73:9d:12:61:33:46:9b:48:8d:a7:75:cd:7f:2f:19:
1a:dc:fd:97:9c:7a:aa:4c:12:2f:2e:4c:22:df:b2:d9:69:47:
6c:fd:98:61:e8:e8:ea:ef:eb:75:04:c5:8c:60:6b:fe:f6:86:
c8:6f:53:7a:df:57:1b:be:b8:2b:5a:48:2f:cd:22:10:04:5c:
72:1e:6a:2e:b3:d2:92:94:8d:25:05:d1:88:29:11:6b:b3:ab:
e1:ef:4b:6f:13:7e:f5:c1:eb:e0:db:04:33:ae:d1:6f:18:50:
a5:ea:9e:a7:1e:91:a6:73:01:fb:fd:69:f2:48:99:b3:a4:51:
a3:75:c6:ab:ae:90:08:1b:42:c3:99:b0:56:89:f9:72:b5:29:
98:ff:a4:08:63:d4:58:b3:0b:fb:98:40:1a:df:f6:1c:4d:e0:
4c:d1:81:61:a2:12:22:fc:47:4d:fe:9e:93:42:fb:e0:1f:e0:
47:d9:8d:5a:a6:94:e1:e9:ce:92:b7:e5:58:98:0f:e2:d4:97:
64:af:9a:78:fc:79:18:62:c3:61:d4:58:03:81:ea:e0:f9:de:
ec:6c:bf:36:e5:43:94:0f:2c:8c:41:96:75:93:bc:9a:45:65:
6d:50:fb:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNuNCSZToi3vdcTopiuKDtjMqwMYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzAzMDAwMDAwWhcNMjQwNDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YmM0ODYwYTBkNzU4ZWQ0YmFiZDk1MjE3MmI1YmUyOGJh
ZTQ5N2E0NDFmMzVjZWRkNTMyMjhmOTVlOWQ0MTRiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUmb6UMQ0ey1u1EtHTg47P9JzXh1YZC2VQB2UJ/wlRGhQr
iUg0vX2AJFWmcTphM3HNc+cdr3jZFGsINle4V/UU3u2AyepOwFsX8qhROY7feU6B
JEcePw4+OBvk67E3z8XiM0frifAbM8A1uZIuFGWfoVhLCyhMx5N8QstlP4+syhIq
OQWj0ZeaWNtXJY52Y38U7w0MgfHpXEQIcF+aYrREzM0yRxINl3dAPkowyWGp88Zw
If2tnToNTq8aGpSeeO8NlRbH5P0iXhH9eH77Mc0sfVqigo5FDgckmaQAp10kNQ3P
WnYwXVaCOLtTyUUyKewL8t7h9UUVHZYdsWuLyzrlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlqamFYZ3U/0yhNL0r0fMg8ZZDRIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E5ZTRhMDQ3LWVjNzQtNDZjYy04OWQ0LWY2MDYyMzE5ODcxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIwr+Z+AUuNt9PXwyRmOzNQfAmSg
k3OdEmEzRptIjad1zX8vGRrc/ZeceqpMEi8uTCLfstlpR2z9mGHo6Orv63UExYxg
a/72hshvU3rfVxu+uCtaSC/NIhAEXHIeai6z0pKUjSUF0YgpEWuzq+HvS28TfvXB
6+DbBDOu0W8YUKXqnqcekaZzAfv9afJImbOkUaN1xquukAgbQsOZsFaJ+XK1KZj/
pAhj1FizC/uYQBrf9hxN4EzRgWGiEiL8R03+npNC++Af4EfZjVqmlOHpzpK35ViY
D+LUl2Svmnj8eRhiw2HUWAOB6uD53uxsvzblQ5QPLIxBlnWTvJpFZW1Q+2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:06 2024 by rpki-client on console-ams.rpki-client.org