Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d85a51f8-100d-4b95-97c0-9cf45ca2980c.roa
File: d85a51f8-100d-4b95-97c0-9cf45ca2980c.roa (raw, json)
Hash identifier: OH8epCQi/3qrWXSD8C6yDWFws/kzBEHnDB8TKqf3WVA=
Subject key identifier: 80:EE:42:59:CA:F5:F2:92:38:B6:B5:98:D1:9C:E1:DD:2E:91:19:D4
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 43960320639FFB40896C0AF40AD88E2BAF82024E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d85a51f8-100d-4b95-97c0-9cf45ca2980c.roa
Signing time: Mon 25 Sep 2023 00:00:00 +0000
ROA not before: Mon 25 Sep 2023 00:00:00 +0000
ROA not after: Mon 30 Oct 2023 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:96:03:20:63:9f:fb:40:89:6c:0a:f4:0a:d8:8e:2b:af:82:02:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 25 00:00:00 2023 GMT
Not After : Oct 30 23:59:59 2023 GMT
Subject: serialNumber=8820b712f850e988e2f81f7b16f7593f208d7d79f8e943ce104c29a197073091, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:87:2e:48:d2:32:af:a6:16:f1:79:25:9a:fb:
52:5c:7a:f4:3f:8a:e7:6a:bc:92:e9:f7:48:b8:5b:
98:2e:08:49:86:af:86:b7:c0:16:1c:11:ca:62:5b:
81:17:e2:73:b3:79:14:60:7b:74:cb:b3:a5:ea:29:
12:03:16:45:ef:72:96:47:57:ec:ad:81:de:25:a4:
d1:b1:1b:ae:f8:95:3d:94:07:c1:99:f7:f5:ab:82:
6f:74:2a:87:14:4a:60:5d:d9:17:2d:7f:1f:19:76:
ef:15:f6:eb:b5:60:99:ec:49:53:1e:9b:3a:dc:4c:
dd:94:b3:52:f8:03:4a:3a:f9:7f:78:6b:f6:48:a5:
7d:79:f3:bf:2b:f4:fd:09:a6:96:c8:07:ca:1c:82:
89:7f:4d:b9:67:3d:68:6e:ab:9e:7e:17:ed:db:21:
2d:d6:9a:04:20:44:56:88:f7:85:7b:cf:2f:fb:94:
d8:38:86:39:6b:d7:8e:64:a7:f3:be:74:29:cc:7b:
8a:72:30:36:fd:73:2f:29:a5:50:24:13:b9:17:96:
35:a4:a9:f9:59:ab:59:37:eb:77:4c:18:fe:5e:54:
98:eb:63:36:f8:8f:54:d7:f5:80:7f:95:27:3e:49:
08:34:76:27:f6:a3:1c:d6:a8:01:25:7a:85:34:98:
52:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EE:42:59:CA:F5:F2:92:38:B6:B5:98:D1:9C:E1:DD:2E:91:19:D4
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d85a51f8-100d-4b95-97c0-9cf45ca2980c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
20:7c:fe:fe:f2:fe:6a:2b:05:b0:0f:3e:ad:9b:be:2a:bb:32:
e2:06:75:1f:8a:48:df:b6:d4:9b:55:5d:8b:5e:93:e4:42:dd:
75:ff:13:aa:5f:14:36:2d:7e:7f:d3:db:b5:f2:9b:2b:a9:c6:
58:6e:7a:fd:d4:57:d2:e2:40:ce:e3:1f:bd:02:95:8a:c9:2a:
0e:b2:27:e0:f7:44:cd:ac:e3:24:2b:03:4c:55:34:41:dd:b2:
95:7f:f4:42:73:9f:29:a5:1c:7d:6d:14:71:96:4a:17:0b:b8:
cf:21:9b:5c:ed:0e:1d:22:9d:a6:c7:de:55:f0:1e:c2:cd:36:
d8:ca:b4:3c:64:77:50:45:6e:59:27:92:af:a4:02:90:33:dd:
f8:cb:99:a8:ed:ac:1c:ef:49:f6:2e:ae:c9:8c:0f:a4:44:58:
cd:28:95:bb:4f:df:0c:85:5c:3c:27:b5:7f:32:1c:83:76:98:
0b:01:5c:71:0f:86:c3:81:95:cc:5e:2e:82:3c:d6:d1:07:69:
2a:62:b8:ab:49:a1:fe:f0:a8:84:32:b1:ca:fe:31:33:2d:6a:
3c:99:73:ac:e6:df:60:6b:cc:ac:33:8b:86:4f:d2:a3:e3:a2:
34:a3:40:32:fd:cb:6d:20:86:d1:b0:d3:7a:e6:3e:97:7f:76:
1e:ee:57:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ5YDIGOf+0CJbAr0CtiOK6+CAk4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTI1MDAwMDAwWhcNMjMxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ODIwYjcxMmY4NTBlOTg4ZTJmODFmN2IxNmY3NTkzZjIw
OGQ3ZDc5ZjhlOTQzY2UxMDRjMjlhMTk3MDczMDkxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+hy5I0jKvphbxeSWa+1JcevQ/iudqvJLp90i4W5guCEmG
r4a3wBYcEcpiW4EX4nOzeRRge3TLs6XqKRIDFkXvcpZHV+ytgd4lpNGxG674lT2U
B8GZ9/Wrgm90KocUSmBd2Rctfx8Zdu8V9uu1YJnsSVMemzrcTN2Us1L4A0o6+X94
a/ZIpX15878r9P0JppbIB8ocgol/TblnPWhuq55+F+3bIS3WmgQgRFaI94V7zy/7
lNg4hjlr145kp/O+dCnMe4pyMDb9cy8ppVAkE7kXljWkqflZq1k363dMGP5eVJjr
Yzb4j1TX9YB/lSc+SQg0dif2oxzWqAEleoU0mFIzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgO5CWcr18pI4trWY0Zzh3S6RGdQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q4NWE1MWY4LTEwMGQtNGI5NS05N2MwLTljZjQ1Y2EyOTgwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACB8/v7y/morBbAPPq2bviq7MuIG
dR+KSN+21JtVXYtek+RC3XX/E6pfFDYtfn/T27Xymyupxlhuev3UV9LiQM7jH70C
lYrJKg6yJ+D3RM2s4yQrA0xVNEHdspV/9EJznymlHH1tFHGWShcLuM8hm1ztDh0i
nabH3lXwHsLNNtjKtDxkd1BFblknkq+kApAz3fjLmajtrBzvSfYursmMD6REWM0o
lbtP3wyFXDwntX8yHIN2mAsBXHEPhsOBlcxeLoI81tEHaSpiuKtJof7wqIQyscr+
MTMtajyZc6zm32BrzKwzi4ZP0qPjojSjQDL9y20ghtGw03rmPpd/dh7uV9Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:29 2024 by rpki-client on console-ams.rpki-client.org