Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/afee6b3d-7a7f-43b3-9cd2-9d7fc7485857.roa
File: afee6b3d-7a7f-43b3-9cd2-9d7fc7485857.roa (raw, json)
Hash identifier: PVgdJpSwH14onTHZSoutBWNn0Uvuf4oBE6TZrL+zYq4=
Subject key identifier: 89:A2:2C:67:01:96:8F:9B:17:C2:8C:2F:51:92:7E:24:FF:14:29:2B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3D8446A8619292CD68C64EEAF19949BBE30B0333
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/afee6b3d-7a7f-43b3-9cd2-9d7fc7485857.roa
Signing time: Tue 31 Oct 2023 00:00:00 +0000
ROA not before: Tue 31 Oct 2023 00:00:00 +0000
ROA not after: Tue 05 Dec 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:84:46:a8:61:92:92:cd:68:c6:4e:ea:f1:99:49:bb:e3:0b:03:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Oct 31 00:00:00 2023 GMT
Not After : Dec 5 23:59:59 2023 GMT
Subject: serialNumber=fa73b896ca13b85edea0fc910b2aa63f6518008985e3197eb74da8ec53d2e8b1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:5f:f9:b4:23:da:99:1e:f1:a7:8d:4f:30:
fd:b4:b9:b0:c4:39:b7:70:76:25:0b:c8:b6:da:b8:
d4:a9:5e:46:7b:06:5e:d5:6f:60:3b:d3:24:b4:a3:
68:f2:eb:3c:a4:5a:93:a6:e9:63:93:28:85:fd:43:
46:5b:36:a5:1f:1e:e7:a4:f1:60:71:3c:39:8f:40:
24:03:be:79:3f:43:00:58:ba:8f:10:a3:73:79:5c:
5c:b1:74:57:bf:ae:7f:f5:db:8f:7b:91:b6:91:7c:
1d:92:0e:c5:e3:42:28:97:b1:da:6a:35:ec:2c:04:
e1:82:2a:da:25:79:d2:7a:14:76:b9:16:7b:6d:01:
32:5e:28:cd:9c:26:93:12:01:98:36:16:3c:2c:81:
6b:c8:37:9d:c6:f8:d6:fe:6c:cb:91:93:99:ec:40:
a5:78:d9:f5:43:6a:fe:d3:de:79:79:19:e4:f3:a8:
48:f5:1a:da:98:72:a0:49:86:57:35:99:e5:7a:6a:
f8:b8:c4:c0:7b:db:87:df:59:0b:96:21:67:28:df:
18:e6:52:b2:7f:4b:a0:e6:df:42:c2:ed:0e:ff:da:
68:f8:b5:a4:52:ea:89:e7:3c:5a:f9:d7:dd:96:b9:
9f:60:13:1a:70:19:6a:51:78:6d:f7:a3:da:05:50:
e2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A2:2C:67:01:96:8F:9B:17:C2:8C:2F:51:92:7E:24:FF:14:29:2B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/afee6b3d-7a7f-43b3-9cd2-9d7fc7485857.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ac:c1:7a:35:38:b1:9d:2f:6f:e5:bc:82:49:53:4a:aa:58:
de:91:95:03:c8:dd:48:fb:26:55:9b:e9:92:c4:6a:62:d7:b1:
36:b7:ed:9c:68:af:47:fc:9f:df:2c:91:68:5c:70:4d:ee:09:
19:40:9d:f6:9d:90:dc:eb:32:a9:52:06:96:02:96:57:57:b4:
44:41:46:99:0f:20:b5:fc:3d:40:57:c0:98:39:33:10:5b:a0:
6a:1e:cf:da:c4:41:c1:f2:59:0a:11:72:a8:32:82:7a:72:06:
cb:6f:38:80:3f:a6:92:de:47:56:9e:26:52:1b:42:1a:a4:e3:
fd:bd:bc:b5:68:ab:9b:c5:a2:64:57:94:c9:fc:ad:f2:32:f9:
25:46:f3:9f:a5:c7:56:e3:45:cb:80:f3:20:17:90:82:67:a6:
41:1f:b7:de:77:b4:b1:07:01:62:05:35:1b:52:bb:df:67:b4:
ad:59:fc:0b:ac:e0:32:94:fd:95:a6:70:c9:ec:16:cd:7f:59:
09:26:db:bb:25:8b:9e:4b:cc:4f:5b:41:68:43:69:e0:f8:9b:
39:5e:55:98:a6:50:5c:c3:10:85:12:af:a8:47:1a:5b:c7:70:
74:38:f4:a5:cc:5c:22:0b:18:5d:9e:1a:17:96:98:df:14:8d:
83:67:86:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPYRGqGGSks1oxk7q8ZlJu+MLAzMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDMxMDAwMDAwWhcNMjMxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTczYjg5NmNhMTNiODVlZGVhMGZjOTEwYjJhYTYzZjY1
MTgwMDg5ODVlMzE5N2ViNzRkYThlYzUzZDJlOGIxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkOV/5tCPamR7xp41PMP20ubDEObdwdiULyLbauNSpXkZ7
Bl7Vb2A70yS0o2jy6zykWpOm6WOTKIX9Q0ZbNqUfHuek8WBxPDmPQCQDvnk/QwBY
uo8Qo3N5XFyxdFe/rn/12497kbaRfB2SDsXjQiiXsdpqNewsBOGCKtoledJ6FHa5
FnttATJeKM2cJpMSAZg2FjwsgWvIN53G+Nb+bMuRk5nsQKV42fVDav7T3nl5GeTz
qEj1GtqYcqBJhlc1meV6avi4xMB724ffWQuWIWco3xjmUrJ/S6Dm30LC7Q7/2mj4
taRS6onnPFr5192WuZ9gExpwGWpReG33o9oFUOJ9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiaIsZwGWj5sXwowvUZJ+JP8UKSswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FmZWU2YjNkLTdhN2YtNDNiMy05Y2QyLTlkN2ZjNzQ4NTg1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABOswXo1OLGdL2/lvIJJU0qqWN6R
lQPI3Uj7JlWb6ZLEamLXsTa37Zxor0f8n98skWhccE3uCRlAnfadkNzrMqlSBpYC
lldXtERBRpkPILX8PUBXwJg5MxBboGoez9rEQcHyWQoRcqgygnpyBstvOIA/ppLe
R1aeJlIbQhqk4/29vLVoq5vFomRXlMn8rfIy+SVG85+lx1bjRcuA8yAXkIJnpkEf
t953tLEHAWIFNRtSu99ntK1Z/Aus4DKU/ZWmcMnsFs1/WQkm27sli55LzE9bQWhD
aeD4mzleVZimUFzDEIUSr6hHGlvHcHQ49KXMXCILGF2eGheWmN8UjYNnhk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:08 2024 by rpki-client on console-ams.rpki-client.org