Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dcc10d84-ad88-4a65-b1f7-ca80a5d9403e.roa
File: dcc10d84-ad88-4a65-b1f7-ca80a5d9403e.roa (raw, json)
Hash identifier: 2zGBlfZJOFWF+gCuOlq+f0mf8hgHfn19WAjjDXb1JQg=
Subject key identifier: 28:5F:57:FE:61:E1:40:0F:66:4B:BD:C2:59:0C:91:49:F9:4F:D9:29
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 63747BC0158634013B9E3298B2D7E95B95A51CAC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dcc10d84-ad88-4a65-b1f7-ca80a5d9403e.roa
Signing time: Wed 06 Dec 2023 00:00:00 +0000
ROA not before: Wed 06 Dec 2023 00:00:00 +0000
ROA not after: Wed 10 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:74:7b:c0:15:86:34:01:3b:9e:32:98:b2:d7:e9:5b:95:a5:1c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 6 00:00:00 2023 GMT
Not After : Jan 10 23:59:59 2024 GMT
Subject: serialNumber=5cb6707d976e8d8ef9db28ee1a173d7c13ee372bb2b3e3983817c55e41fd41fc, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:c3:b8:6e:79:d4:40:0d:04:a2:5e:a8:cd:
73:61:37:bf:0d:e3:b2:cc:cf:42:f2:f1:42:0c:57:
35:b9:06:2a:ca:f5:e3:74:bf:90:df:2e:13:b2:83:
e3:e0:cd:fb:3b:3a:dc:d4:60:44:7d:5b:86:c0:37:
43:50:cc:1e:3a:30:38:ac:aa:37:5e:97:e7:a5:43:
9a:35:9b:df:71:75:71:7c:e0:40:c0:cb:7c:3f:61:
e2:79:2d:fc:3f:7f:9b:c7:37:13:41:7d:8e:32:43:
c7:49:83:b8:f0:33:2c:15:d9:85:29:b1:9b:1d:d1:
3f:6c:29:1c:2c:c0:d7:ef:85:4c:bb:ec:7a:df:85:
a1:a4:40:56:68:72:86:78:00:b7:5a:5a:ad:9b:5b:
88:72:2c:56:81:47:e9:bf:99:ff:07:44:f8:92:17:
ed:49:3c:29:7c:11:41:53:6d:2b:5d:1b:e1:e3:49:
e9:13:75:a8:4e:1c:8d:a8:0c:1e:44:e1:09:ca:d3:
80:e4:5d:65:a7:65:f2:2c:35:c4:0b:e3:ce:51:7f:
a1:54:f2:96:9e:77:57:4d:19:6a:cc:4e:58:c8:ce:
f8:65:0b:a3:3f:56:9c:6d:01:4c:7d:38:4e:46:2e:
40:a1:23:dd:f2:db:0e:74:00:d0:2f:29:d8:3a:ef:
b6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5F:57:FE:61:E1:40:0F:66:4B:BD:C2:59:0C:91:49:F9:4F:D9:29
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dcc10d84-ad88-4a65-b1f7-ca80a5d9403e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
26:d6:f0:c7:d7:99:08:4f:88:65:c4:d7:6d:6d:97:ce:40:9c:
df:5c:b8:b9:bd:59:d8:2f:28:4f:31:76:6c:88:f7:39:2d:64:
28:14:5a:c6:93:f6:7c:df:97:e3:cb:f4:66:da:72:2f:ab:1d:
9e:60:81:ae:6c:cd:28:54:1f:47:63:2f:58:9a:0e:ef:75:a6:
5b:12:15:c3:ed:b9:9a:4f:76:84:d6:55:9e:07:e8:58:8d:cb:
c2:f0:cb:61:9e:06:51:88:ad:70:a4:60:c7:ef:2f:2d:83:15:
40:f6:84:db:df:58:fd:4f:89:3c:67:93:22:82:b1:28:32:b0:
fc:50:54:45:73:b8:14:0e:2d:77:75:8c:36:99:51:01:e2:38:
cf:f4:48:ee:7b:c4:94:8a:aa:04:fd:97:d6:08:c3:98:d3:53:
7f:f5:69:3f:1c:14:5e:ae:44:ac:52:4e:44:2b:a6:34:6e:1a:
2b:65:0a:46:f3:01:4b:9b:8d:e1:73:92:51:0a:9f:d0:28:07:
d3:92:bf:60:ed:27:3f:f5:96:a3:ce:e5:1d:ff:81:7e:5a:75:
8e:9b:5c:c9:3b:1a:6a:e5:11:b5:47:f9:50:9f:6e:a3:f6:f6:
83:b2:d7:ce:32:ca:28:61:e0:cf:3a:f1:58:22:d5:2a:37:ac:
cc:9c:4e:b7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY3R7wBWGNAE7njKYstfpW5WlHKwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA2MDAwMDAwWhcNMjQwMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2I2NzA3ZDk3NmU4ZDhlZjlkYjI4ZWUxYTE3M2Q3YzEz
ZWUzNzJiYjJiM2UzOTgzODE3YzU1ZTQxZmQ0MWZjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDc48O4bnnUQA0Eol6ozXNhN78N47LMz0Ly8UIMVzW5BirK
9eN0v5DfLhOyg+Pgzfs7OtzUYER9W4bAN0NQzB46MDisqjdel+elQ5o1m99xdXF8
4EDAy3w/YeJ5Lfw/f5vHNxNBfY4yQ8dJg7jwMywV2YUpsZsd0T9sKRwswNfvhUy7
7HrfhaGkQFZocoZ4ALdaWq2bW4hyLFaBR+m/mf8HRPiSF+1JPCl8EUFTbStdG+Hj
SekTdahOHI2oDB5E4QnK04DkXWWnZfIsNcQL485Rf6FU8paed1dNGWrMTljIzvhl
C6M/VpxtAUx9OE5GLkChI93y2w50ANAvKdg677bdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKF9X/mHhQA9mS73CWQyRSflP2SkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RjYzEwZDg0LWFkODgtNGE2NS1iMWY3LWNhODBhNWQ5NDAzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACbW8MfXmQhPiGXE121tl85AnN9c
uLm9WdgvKE8xdmyI9zktZCgUWsaT9nzfl+PL9Gbaci+rHZ5gga5szShUH0djL1ia
Du91plsSFcPtuZpPdoTWVZ4H6FiNy8Lwy2GeBlGIrXCkYMfvLy2DFUD2hNvfWP1P
iTxnkyKCsSgysPxQVEVzuBQOLXd1jDaZUQHiOM/0SO57xJSKqgT9l9YIw5jTU3/1
aT8cFF6uRKxSTkQrpjRuGitlCkbzAUubjeFzklEKn9AoB9OSv2DtJz/1lqPO5R3/
gX5adY6bXMk7GmrlEbVH+VCfbqP29oOy184yyihh4M868Vgi1So3rMycTrc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:30 2024 by rpki-client on console-ams.rpki-client.org