Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b97912d2-90a0-44ba-8fa9-1cf0760c8b94.roa
File: b97912d2-90a0-44ba-8fa9-1cf0760c8b94.roa (raw, json)
Hash identifier: 3kXEOazI3VSv7vinNN+WrC7HDwYPQ0Ff3SH5W1XK5DU=
Subject key identifier: B5:B9:DA:71:87:E4:93:AB:75:EB:69:22:AD:1C:9C:74:96:DD:DB:53
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0B86BF08AE297004E97F0A9C97C5333563F61703
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b97912d2-90a0-44ba-8fa9-1cf0760c8b94.roa
Signing time: Wed 13 Dec 2023 00:00:00 +0000
ROA not before: Wed 13 Dec 2023 00:00:00 +0000
ROA not after: Wed 17 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:86:bf:08:ae:29:70:04:e9:7f:0a:9c:97:c5:33:35:63:f6:17:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 13 00:00:00 2023 GMT
Not After : Jan 17 23:59:59 2024 GMT
Subject: serialNumber=2aab97df3ccf2ff78fffd72030a5a4a81beaf0e3c7148be3e5f9c21d5b9229c3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:88:ce:d5:7b:30:3b:bc:8a:6e:21:76:87:66:
ce:1c:c8:3e:44:55:6a:3e:00:27:56:4e:ef:48:b3:
38:61:45:ef:b8:6f:68:62:4f:7a:bd:0e:bb:02:f5:
3b:77:2c:69:a4:be:8a:5e:6c:52:72:02:36:80:a0:
c9:36:29:8d:14:b2:f4:ea:b7:e7:a4:4a:72:96:b6:
05:24:4b:18:f7:8a:81:12:e4:91:e8:d3:01:c8:f0:
d3:8f:89:0b:91:78:36:ab:95:d4:5c:7a:2b:5f:6f:
aa:92:98:64:84:1b:d9:af:13:58:11:ce:dc:d3:fa:
05:e9:4b:79:95:f8:c1:a7:72:89:97:b2:73:23:e8:
19:35:bc:ae:33:c9:ce:b0:a7:ee:03:7a:e5:60:72:
25:a1:5f:06:08:ee:83:0a:ca:7d:8a:28:2c:8c:17:
ad:f1:50:87:2b:ba:31:95:67:d3:5b:d2:46:4f:eb:
5e:12:fb:97:01:a0:d3:fa:04:47:15:9c:9f:56:c0:
f2:d9:16:7f:64:59:a0:0d:48:ed:74:09:a3:ae:43:
04:cc:5f:f7:cd:06:b3:48:da:7d:8b:7d:d2:c3:c2:
a2:5e:3a:0f:50:48:43:f1:2b:45:6f:09:e4:24:97:
1a:63:b6:d7:e6:72:46:6b:b0:70:5d:cb:49:cd:cd:
98:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B9:DA:71:87:E4:93:AB:75:EB:69:22:AD:1C:9C:74:96:DD:DB:53
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b97912d2-90a0-44ba-8fa9-1cf0760c8b94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:8c:a6:01:c7:f8:fe:a5:5a:4e:33:11:43:eb:cc:6b:f2:66:
0b:24:bb:92:14:97:af:2a:ca:af:02:35:48:63:5c:b0:eb:fd:
67:45:82:0d:45:37:17:d7:e9:aa:a8:97:07:7c:9b:05:c5:80:
5d:8b:ab:0f:9b:bd:78:6a:07:08:b0:72:d8:69:6d:3b:dd:f7:
3c:8a:7d:e6:06:dd:a3:22:98:02:56:fa:7c:93:7e:52:9b:06:
71:cd:80:8e:df:a6:c0:09:aa:35:cb:f9:a1:e3:85:17:64:ee:
d4:de:d5:10:a6:f5:4e:80:0e:e5:15:78:4f:14:f7:b4:fa:9d:
32:b0:59:80:61:c7:48:6d:2d:f9:f8:45:de:f9:48:93:ac:56:
bd:68:18:32:7d:b0:d6:2f:f4:3f:8d:f5:b7:52:22:1e:c7:79:
a3:29:1f:16:5d:5f:18:0f:ff:cd:0f:b8:f0:4d:2a:f8:76:e4:
7a:6b:60:78:3c:15:60:e2:82:a4:5d:58:31:e1:ae:de:0b:98:
c7:8f:3f:ba:5f:7b:fc:8a:68:52:85:ba:e9:8a:04:f1:ae:52:
0f:1c:fc:a6:dd:e8:ca:85:fc:dd:62:e5:e5:f1:3d:bd:b8:0e:
bb:61:47:b1:3a:09:ea:9c:e9:76:98:2a:de:79:be:40:76:6c:
ad:08:ff:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC4a/CK4pcATpfwqcl8UzNWP2FwMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjEzMDAwMDAwWhcNMjQwMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYWFiOTdkZjNjY2YyZmY3OGZmZmQ3MjAzMGE1YTRhODFi
ZWFmMGUzYzcxNDhiZTNlNWY5YzIxZDViOTIyOWMzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHiM7VezA7vIpuIXaHZs4cyD5EVWo+ACdWTu9IszhhRe+4
b2hiT3q9DrsC9Tt3LGmkvopebFJyAjaAoMk2KY0UsvTqt+ekSnKWtgUkSxj3ioES
5JHo0wHI8NOPiQuReDarldRceitfb6qSmGSEG9mvE1gRztzT+gXpS3mV+MGncomX
snMj6Bk1vK4zyc6wp+4DeuVgciWhXwYI7oMKyn2KKCyMF63xUIcrujGVZ9Nb0kZP
614S+5cBoNP6BEcVnJ9WwPLZFn9kWaANSO10CaOuQwTMX/fNBrNI2n2LfdLDwqJe
Og9QSEPxK0VvCeQklxpjttfmckZrsHBdy0nNzZgRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtbnacYfkk6t162kirRycdJbd21MwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I5NzkxMmQyLTkwYTAtNDRiYS04ZmE5LTFjZjA3NjBjOGI5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHuMpgHH+P6lWk4zEUPrzGvyZgsk
u5IUl68qyq8CNUhjXLDr/WdFgg1FNxfX6aqolwd8mwXFgF2Lqw+bvXhqBwiwcthp
bTvd9zyKfeYG3aMimAJW+nyTflKbBnHNgI7fpsAJqjXL+aHjhRdk7tTe1RCm9U6A
DuUVeE8U97T6nTKwWYBhx0htLfn4Rd75SJOsVr1oGDJ9sNYv9D+N9bdSIh7HeaMp
HxZdXxgP/80PuPBNKvh25HprYHg8FWDigqRdWDHhrt4LmMePP7pfe/yKaFKFuumK
BPGuUg8c/Kbd6MqF/N1i5eXxPb24DrthR7E6Ceqc6XaYKt55vkB2bK0I/1M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:16 2024 by rpki-client on console-ams.rpki-client.org