![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e0b82373-f822-4cda-9f8f-e57573d8e207.roa
File: e0b82373-f822-4cda-9f8f-e57573d8e207.roa (raw, json)
Hash identifier: f6x2sm4vIEDFe4g75f4lsUSFHEwm+B62kBw12puC6iw=
Subject key identifier: C3:54:4E:1E:1C:46:C4:A1:10:51:7F:28:FE:AD:0A:12:30:4C:52:D1
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2A794D9F25B99A0472D111F6997EE520A00980E5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e0b82373-f822-4cda-9f8f-e57573d8e207.roa
Signing time: Fri 26 Jan 2024 00:00:00 +0000
ROA not before: Fri 26 Jan 2024 00:00:00 +0000
ROA not after: Fri 01 Mar 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:79:4d:9f:25:b9:9a:04:72:d1:11:f6:99:7e:e5:20:a0:09:80:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 26 00:00:00 2024 GMT
Not After : Mar 1 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b2:2e:0d:dc:01:c5:31:5a:ad:ea:45:16:42:
51:a6:7c:c1:19:fc:82:8c:58:dc:1a:16:f9:79:ab:
e5:3b:13:00:ec:56:54:e9:3c:4b:05:da:45:e8:27:
bc:2c:c5:a4:e1:ef:ae:ee:20:8f:6a:1c:c8:d3:65:
b7:31:38:9f:cd:d5:52:83:5c:5f:45:98:08:f4:3e:
40:ee:86:7f:a3:f4:55:b2:78:36:d3:0a:7e:a4:0b:
c4:1c:6b:f2:9d:15:35:8f:85:65:53:8e:b5:2e:65:
1d:13:6c:03:26:9f:19:13:17:ff:1e:2e:f1:32:cf:
3a:f9:e1:11:30:f3:05:fa:50:28:9e:87:5c:c1:20:
4b:87:56:d7:fc:38:d6:f4:ee:9d:58:ec:fc:86:5e:
7f:34:65:92:48:ec:8d:ae:61:61:02:9b:24:f3:83:
b1:15:50:c9:cc:0c:23:96:e5:3c:8b:ab:a1:a8:15:
5d:27:1d:c2:51:5b:73:e2:99:16:a5:aa:7b:ed:0b:
c4:c8:be:c6:c1:25:02:16:b5:81:0b:00:c9:00:28:
f4:47:9a:10:e1:8b:51:14:cf:f9:05:ff:9b:8d:d2:
86:37:bf:f2:b1:c0:a6:21:74:56:7c:93:d1:eb:9f:
b6:b6:72:01:56:f1:00:3e:f9:52:ef:d9:df:3c:80:
dc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:54:4E:1E:1C:46:C4:A1:10:51:7F:28:FE:AD:0A:12:30:4C:52:D1
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e0b82373-f822-4cda-9f8f-e57573d8e207.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:de:a4:05:86:5e:2b:e5:32:38:3c:fb:f8:47:4f:24:73:36:
77:f8:ed:fd:b7:db:da:62:df:a5:f9:6c:44:fe:f2:39:b9:1d:
49:12:81:13:00:86:3a:c2:48:00:9b:a5:07:2c:4c:29:c9:8c:
0a:3e:6d:28:6f:c1:3d:55:dc:ad:ca:69:b8:d6:d8:94:a1:a3:
60:a7:16:ba:16:55:7b:1f:e9:95:24:24:c1:f2:8b:d4:a5:b1:
82:e7:e9:66:b0:55:c5:48:71:8a:39:7a:7f:ec:a9:1a:9f:a0:
4f:ec:b0:21:0c:d6:4a:6d:23:2f:4a:4b:db:f6:f8:3f:0a:2a:
54:b6:eb:5d:65:12:cb:eb:8d:a7:96:7e:ab:4d:ed:11:14:3b:
59:b7:7c:ce:0c:f8:e7:68:3f:5a:d2:80:c3:8b:4f:2f:87:9a:
e6:82:dc:eb:f6:46:4d:4e:55:cc:f7:c6:40:dc:3c:27:e3:ac:
c1:ca:ea:a0:54:33:b7:91:b1:bb:57:20:64:ad:61:d1:78:c5:
77:a2:22:e3:3e:07:9d:19:97:73:04:eb:92:8d:0d:07:09:b0:
0c:40:bd:ac:d1:5f:91:91:32:c1:f7:7b:3e:df:fc:d0:6d:6c:
72:24:8c:d6:7c:fd:d8:b9:19:2b:e6:de:0f:c6:7a:41:f5:c8:
15:7c:15:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKnlNnyW5mgRy0RH2mX7lIKAJgOUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTI2MDAwMDAwWhcNMjQwMzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTZhNjE4OWY0NzY3MmU2YTVhM2I5NDBiMmJiNmU3NWRm
OTJmZDJjZWY0ZjBjZTlkNTFlZjc5Y2Q0ZTNkNjg2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+si4N3AHFMVqt6kUWQlGmfMEZ/IKMWNwaFvl5q+U7EwDs
VlTpPEsF2kXoJ7wsxaTh767uII9qHMjTZbcxOJ/N1VKDXF9FmAj0PkDuhn+j9FWy
eDbTCn6kC8Qca/KdFTWPhWVTjrUuZR0TbAMmnxkTF/8eLvEyzzr54REw8wX6UCie
h1zBIEuHVtf8ONb07p1Y7PyGXn80ZZJI7I2uYWECmyTzg7EVUMnMDCOW5TyLq6Go
FV0nHcJRW3PimRalqnvtC8TIvsbBJQIWtYELAMkAKPRHmhDhi1EUz/kF/5uN0oY3
v/KxwKYhdFZ8k9Hrn7a2cgFW8QA++VLv2d88gNyRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUw1ROHhxGxKEQUX8o/q0KEjBMUtEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2UwYjgyMzczLWY4MjItNGNkYS05ZjhmLWU1NzU3M2Q4ZTIwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJvepAWGXivlMjg8+/hHTyRzNnf4
7f2329pi36X5bET+8jm5HUkSgRMAhjrCSACbpQcsTCnJjAo+bShvwT1V3K3KabjW
2JSho2CnFroWVXsf6ZUkJMHyi9SlsYLn6WawVcVIcYo5en/sqRqfoE/ssCEM1kpt
Iy9KS9v2+D8KKlS2611lEsvrjaeWfqtN7REUO1m3fM4M+OdoP1rSgMOLTy+HmuaC
3Ov2Rk1OVcz3xkDcPCfjrMHK6qBUM7eRsbtXIGStYdF4xXeiIuM+B50Zl3ME65KN
DQcJsAxAvazRX5GRMsH3ez7f/NBtbHIkjNZ8/di5GSvm3g/GekH1yBV8FVA=
-----END CERTIFICATE-----
Generated at Tue Feb 18 06:59:49 2025 by rpki-client