Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b8e1385b-0afd-4850-9549-3028e9476b42.roa
File: b8e1385b-0afd-4850-9549-3028e9476b42.roa (raw, json)
Hash identifier: GtjIP1h1CzQEZ+nGZXIzxCkAuRlSqwo9BijSjG4g50k=
Subject key identifier: 3D:1C:46:4C:2D:51:9C:95:D3:A8:67:32:1D:D6:01:20:7E:DB:6C:5B
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 728FFD6F8C19EAABB497F9BD51CB9755B42DBABC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b8e1385b-0afd-4850-9549-3028e9476b42.roa
Signing time: Thu 07 Dec 2023 00:00:00 +0000
ROA not before: Thu 07 Dec 2023 00:00:00 +0000
ROA not after: Thu 11 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:8f:fd:6f:8c:19:ea:ab:b4:97:f9:bd:51:cb:97:55:b4:2d:ba:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 7 00:00:00 2023 GMT
Not After : Jan 11 23:59:59 2024 GMT
Subject: serialNumber=29e5ddbe4d4bf65ad9c9e788114527038e5b9b532158d461535f0a26f48f3159, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:37:8d:e4:5c:65:a1:e5:83:55:a1:c4:8c:
ec:fb:58:8e:a7:eb:6b:db:bf:84:4e:9f:a8:b6:70:
16:74:dd:30:3d:71:53:f2:bc:cb:c0:ef:b5:4c:a2:
a0:34:bd:45:4f:35:6d:c8:c2:0f:cc:aa:3d:6a:fa:
5d:2a:5c:3b:17:09:ce:9c:c0:55:9a:0b:44:f9:13:
a1:f4:05:aa:56:c3:3f:5e:96:12:c3:bd:9b:25:5a:
db:e4:b2:73:b8:24:24:0d:c1:2f:1c:aa:0e:55:16:
b1:a0:73:85:31:35:bc:38:31:00:9a:6b:b5:48:e5:
40:44:78:2b:f1:05:96:18:56:1d:53:a0:6b:6c:ac:
24:26:55:6a:fc:70:ff:04:86:58:51:c8:89:0a:f1:
00:72:7d:a7:46:43:f9:6a:e4:9c:f6:29:1a:91:26:
dd:90:81:e8:ab:f7:4c:e2:ad:e5:b4:b2:b9:33:0e:
63:6c:08:d8:b6:6d:ed:42:08:7e:40:5c:1b:83:99:
77:5e:ee:fd:a2:45:ee:51:04:04:5e:b9:67:04:99:
81:f1:b0:7f:f3:29:1e:bb:93:c4:34:02:cc:74:76:
b2:20:69:e9:03:4d:cf:64:7d:e0:55:6f:0d:51:66:
54:62:f0:fd:ff:0e:b6:a6:de:26:c6:4c:83:99:4d:
3e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1C:46:4C:2D:51:9C:95:D3:A8:67:32:1D:D6:01:20:7E:DB:6C:5B
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b8e1385b-0afd-4850-9549-3028e9476b42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
11:66:7e:5f:7f:72:12:2d:45:1e:de:a9:1d:bc:88:2b:57:a1:
a1:b0:7a:98:cb:f3:2e:6e:b9:c1:a3:0a:f2:4b:d9:0b:85:35:
cf:3c:f9:a8:06:ca:4a:bc:f8:38:4d:50:3d:a3:75:3e:6c:a6:
5a:e1:34:fc:c5:77:fd:7a:1b:29:1e:44:91:c1:88:d6:a7:f5:
fd:c3:78:e8:03:a4:36:ab:8d:2d:fd:e8:29:3e:4b:6c:0a:24:
5e:3a:0a:f7:17:3c:f5:9b:37:f9:85:46:37:45:ea:73:19:80:
02:b1:90:3f:01:d2:42:cc:bf:6e:61:1d:05:75:91:a6:aa:50:
c3:e1:26:69:6e:16:07:12:bc:b7:8d:a7:8b:2e:15:ee:fd:ea:
0c:a9:7e:cd:a7:09:7f:10:9b:eb:96:34:26:eb:de:d9:db:43:
0d:4d:1b:69:4b:18:aa:3d:8f:03:ec:2a:aa:69:ca:ba:eb:83:
ee:e9:65:e6:67:2a:91:ae:a0:96:62:ec:06:c2:7b:3b:b1:45:
9d:71:ad:a1:49:d4:50:a3:df:6a:23:bd:1a:fc:3d:7d:2e:0b:
df:44:22:fa:60:35:7b:8a:73:ae:66:80:4b:aa:45:4f:00:66:
d6:30:58:0e:1a:5c:d5:fb:01:ce:d8:88:f5:f1:b1:0a:f0:04:
80:a6:70:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUco/9b4wZ6qu0l/m9UcuXVbQturwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA3MDAwMDAwWhcNMjQwMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOWU1ZGRiZTRkNGJmNjVhZDljOWU3ODgxMTQ1MjcwMzhl
NWI5YjUzMjE1OGQ0NjE1MzVmMGEyNmY0OGYzMTU5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWFDeN5FxloeWDVaHEjOz7WI6n62vbv4ROn6i2cBZ03TA9
cVPyvMvA77VMoqA0vUVPNW3Iwg/Mqj1q+l0qXDsXCc6cwFWaC0T5E6H0BapWwz9e
lhLDvZslWtvksnO4JCQNwS8cqg5VFrGgc4UxNbw4MQCaa7VI5UBEeCvxBZYYVh1T
oGtsrCQmVWr8cP8EhlhRyIkK8QByfadGQ/lq5Jz2KRqRJt2Qgeir90zireW0srkz
DmNsCNi2be1CCH5AXBuDmXde7v2iRe5RBAReuWcEmYHxsH/zKR67k8Q0Asx0drIg
aekDTc9kfeBVbw1RZlRi8P3/Dram3ibGTIOZTT5ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPRxGTC1RnJXTqGcyHdYBIH7bbFswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I4ZTEzODViLTBhZmQtNDg1MC05NTQ5LTMwMjhlOTQ3NmI0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABFmfl9/chItRR7eqR28iCtXoaGw
epjL8y5uucGjCvJL2QuFNc88+agGykq8+DhNUD2jdT5splrhNPzFd/16GykeRJHB
iNan9f3DeOgDpDarjS396Ck+S2wKJF46CvcXPPWbN/mFRjdF6nMZgAKxkD8B0kLM
v25hHQV1kaaqUMPhJmluFgcSvLeNp4suFe796gypfs2nCX8Qm+uWNCbr3tnbQw1N
G2lLGKo9jwPsKqppyrrrg+7pZeZnKpGuoJZi7AbCezuxRZ1xraFJ1FCj32ojvRr8
PX0uC99EIvpgNXuKc65mgEuqRU8AZtYwWA4aXNX7Ac7YiPXxsQrwBICmcFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:41 2024 by rpki-client on console-fra.rpki-client.org