Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bc0f34fa-b853-4b4e-8d01-58350c1c7fce.roa
File: bc0f34fa-b853-4b4e-8d01-58350c1c7fce.roa (raw, json)
Hash identifier: 9uOEs6yK4CT/ZoGis3NFwOHmwcKGsdXOKH0gOhpdeNI=
Subject key identifier: 69:71:D0:FF:23:C5:08:84:69:DB:0D:C7:31:F9:36:B3:87:2D:E5:1E
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3FE04C4352E62D9ADE1CACB1D9AF6C76A58805E6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bc0f34fa-b853-4b4e-8d01-58350c1c7fce.roa
Signing time: Thu 04 Jan 2024 00:00:00 +0000
ROA not before: Thu 04 Jan 2024 00:00:00 +0000
ROA not after: Thu 08 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:e0:4c:43:52:e6:2d:9a:de:1c:ac:b1:d9:af:6c:76:a5:88:05:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 4 00:00:00 2024 GMT
Not After : Feb 8 23:59:59 2024 GMT
Subject: serialNumber=d46700d68528e9fb8b775d76ebc7ef795d61a916346a1db62c617b2a0aeb0504, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5d:96:39:bf:63:35:f7:85:bf:f3:30:ec:72:
8b:c5:86:00:6d:1f:cf:9e:a5:89:43:47:1e:a4:a5:
55:f6:a6:ad:35:a1:e2:3d:bc:31:71:65:e1:43:dc:
00:9d:40:ae:50:e6:9c:dc:2a:5c:17:fe:f8:99:7f:
f8:cc:ac:58:7f:20:d7:6a:3a:5d:fa:4c:f8:0e:e4:
7b:12:09:c1:6b:20:b9:a7:53:02:1a:e8:17:a9:4c:
7d:16:58:e2:65:55:3a:f8:b4:3b:29:d5:30:f5:fb:
8e:a4:c0:49:0f:b3:a9:f1:6f:ad:3d:fa:66:e1:93:
30:3f:da:c3:9e:f3:28:1c:65:94:68:75:47:30:aa:
ed:16:80:b7:15:f1:34:c7:97:e2:41:56:21:26:e1:
38:5e:9e:72:5f:9d:31:c9:57:e2:e0:b0:1f:8d:85:
fa:02:29:24:38:73:03:85:07:2e:69:fb:14:4c:9f:
de:53:64:b3:fd:ce:89:55:94:22:27:9e:56:04:67:
63:4e:53:c6:82:bd:b1:d8:f8:0a:f7:59:5a:ff:ff:
fc:02:21:ac:e3:98:f8:85:96:16:12:1f:3f:5c:6e:
eb:6f:b0:4d:fc:7d:c0:59:13:83:df:b0:b1:64:d7:
ac:8f:03:a0:4b:7f:f5:d4:f0:78:e2:e0:85:0d:21:
c8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:71:D0:FF:23:C5:08:84:69:DB:0D:C7:31:F9:36:B3:87:2D:E5:1E
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bc0f34fa-b853-4b4e-8d01-58350c1c7fce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:db:61:6b:89:bd:bd:a9:2e:c3:91:bd:34:ec:4d:2e:ed:5c:
fd:49:fc:97:2e:bd:40:b7:58:b3:ae:ff:58:50:ab:a2:ce:5b:
9c:05:4e:44:e9:f6:04:ac:23:4d:96:f4:c1:c0:93:42:4d:9f:
ec:de:94:ad:47:89:4f:78:33:03:9c:7b:ba:e2:0b:8f:09:8c:
70:07:0d:28:2c:a0:a4:55:6d:05:d7:d9:a7:2a:bc:a8:2b:71:
3f:e0:46:b5:7a:d1:de:53:7f:7a:c4:92:22:f8:1f:a7:f9:2a:
f6:d4:50:85:74:e8:2e:65:f8:46:7d:9e:ad:77:5e:74:e5:da:
ad:f3:26:e7:07:af:21:7f:9a:e0:c6:a3:4a:41:94:a1:83:e5:
39:06:6d:af:43:e4:6e:1b:fb:da:2c:50:49:7e:86:d9:c9:71:
1a:e7:cf:b7:c0:cc:24:52:a9:ea:59:60:db:dd:bc:45:37:7d:
c2:f8:a0:22:0f:0c:f9:f8:03:6e:22:0a:d7:b7:3e:6f:9f:20:
37:c8:1a:0b:a2:ae:41:2d:63:a0:fa:ee:a9:b2:93:fa:bb:f3:
33:bb:b8:b2:0c:1c:2f:59:de:bd:2c:38:ad:5f:ad:dc:1d:4d:
d1:69:ec:39:30:4d:76:31:7c:1c:44:71:e5:b9:4a:3a:08:bc:
c9:7b:28:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUP+BMQ1LmLZreHKyx2a9sdqWIBeYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTA0MDAwMDAwWhcNMjQwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNDY3MDBkNjg1MjhlOWZiOGI3NzVkNzZlYmM3ZWY3OTVk
NjFhOTE2MzQ2YTFkYjYyYzYxN2IyYTBhZWIwNTA0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKXZY5v2M194W/8zDscovFhgBtH8+epYlDRx6kpVX2pq01
oeI9vDFxZeFD3ACdQK5Q5pzcKlwX/viZf/jMrFh/INdqOl36TPgO5HsSCcFrILmn
UwIa6BepTH0WWOJlVTr4tDsp1TD1+46kwEkPs6nxb609+mbhkzA/2sOe8ygcZZRo
dUcwqu0WgLcV8TTHl+JBViEm4ThennJfnTHJV+LgsB+NhfoCKSQ4cwOFBy5p+xRM
n95TZLP9zolVlCInnlYEZ2NOU8aCvbHY+Ar3WVr///wCIazjmPiFlhYSHz9cbutv
sE38fcBZE4PfsLFk16yPA6BLf/XU8Hji4IUNIcjxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaXHQ/yPFCIRp2w3HMfk2s4ct5R4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JjMGYzNGZhLWI4NTMtNGI0ZS04ZDAxLTU4MzUwYzFjN2ZjZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK3bYWuJvb2pLsORvTTsTS7tXP1J
/JcuvUC3WLOu/1hQq6LOW5wFTkTp9gSsI02W9MHAk0JNn+zelK1HiU94MwOce7ri
C48JjHAHDSgsoKRVbQXX2acqvKgrcT/gRrV60d5Tf3rEkiL4H6f5KvbUUIV06C5l
+EZ9nq13XnTl2q3zJucHryF/muDGo0pBlKGD5TkGba9D5G4b+9osUEl+htnJcRrn
z7fAzCRSqepZYNvdvEU3fcL4oCIPDPn4A24iCte3Pm+fIDfIGguirkEtY6D67qmy
k/q78zO7uLIMHC9Z3r0sOK1frdwdTdFp7DkwTXYxfBxEceW5SjoIvMl7KH8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-ams.rpki-client.org