Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e65ef63d-81a5-4138-8e88-f97392f90afc.roa
File: e65ef63d-81a5-4138-8e88-f97392f90afc.roa (raw, json)
Hash identifier: SY+pRw0pkU6l7Rrz4796lk2wMBI+fk00zEC9HJQ2gbY=
Subject key identifier: BF:2E:1C:B0:5F:6F:43:91:BD:6D:22:45:D2:3E:C0:70:B1:C6:2A:E2
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 1951F20E67D197F33CD011152D1810C2F33052
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e65ef63d-81a5-4138-8e88-f97392f90afc.roa
Signing time: Tue 10 Sep 2024 00:00:00 +0000
ROA not before: Tue 10 Sep 2024 00:00:00 +0000
ROA not after: Tue 15 Oct 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:51:f2:0e:67:d1:97:f3:3c:d0:11:15:2d:18:10:c2:f3:30:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Sep 10 00:00:00 2024 GMT
Not After : Oct 15 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:24:f5:25:18:b5:47:e3:22:30:b9:f3:ee:
e9:3e:8a:35:ce:e8:3f:16:26:e9:d7:50:71:24:30:
2a:e3:14:2a:79:ae:86:b4:75:c4:3f:42:d2:6a:c3:
00:3c:66:37:26:ff:41:e4:ab:81:fb:56:0f:32:b3:
44:c1:11:89:52:a1:1f:03:86:46:6d:ce:b0:20:cf:
86:90:07:71:7f:19:2a:ea:c2:13:5a:68:ba:e6:b6:
f2:99:cc:a4:89:de:1e:bd:28:2c:29:e2:f8:a1:8a:
b2:ea:f9:26:98:ff:d5:b4:ca:6b:9b:06:5f:ba:c0:
17:6d:d1:27:29:4f:1a:20:7f:fc:46:68:e8:8b:df:
a2:d6:82:ad:22:a5:d6:b6:04:7a:c9:fc:c7:bc:4e:
a8:be:9f:ff:b6:8c:b8:c6:a3:80:c0:35:38:94:33:
87:fa:29:9d:bf:d2:ec:c8:a9:37:32:7f:1a:54:c0:
40:88:6f:ad:7f:9f:df:8f:fc:3a:18:a6:4a:d9:79:
bc:ae:c2:04:5d:7b:92:26:4b:30:14:b3:de:25:ca:
ef:e7:1a:01:41:5f:51:05:2c:b6:4c:5f:59:ad:63:
08:1e:f3:47:82:6c:12:0b:ed:47:75:fe:9a:11:8b:
26:05:06:03:76:09:bc:dd:ba:81:ba:f9:81:77:56:
75:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:2E:1C:B0:5F:6F:43:91:BD:6D:22:45:D2:3E:C0:70:B1:C6:2A:E2
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e65ef63d-81a5-4138-8e88-f97392f90afc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:66:3f:25:26:3d:64:1a:62:ae:a8:cf:5d:be:34:d9:91:6f:
76:70:b6:83:75:b5:f6:3f:ab:ad:34:ac:65:08:82:43:00:3b:
c7:5e:0f:49:f1:1c:b6:30:cc:45:f8:17:2a:21:d6:35:db:ea:
a7:3d:e5:1b:4a:45:34:b1:2f:9b:b3:1e:33:f3:21:15:d9:f9:
de:fa:95:54:1f:34:55:7c:04:47:20:f5:8c:2b:2d:bd:9b:ba:
83:35:f8:68:82:d1:1f:29:8e:72:da:1b:32:01:9f:f5:36:ed:
ca:d5:ac:25:86:7b:ac:23:27:38:f6:e0:74:e2:93:27:0f:0c:
aa:0f:a8:69:32:7e:c5:21:e6:ce:6c:a3:d8:6f:68:32:3f:a8:
86:48:c1:48:c9:c0:52:55:0d:eb:34:c2:fd:86:7a:2d:78:dc:
42:fd:9f:18:5a:54:b7:f2:b3:02:33:c6:15:f5:31:b0:a4:81:
a2:8e:52:c1:2d:76:ca:6c:37:b4:e9:9d:54:18:a2:75:f9:e7:
92:33:6e:5b:7f:20:50:6d:0c:4c:09:76:66:66:a0:ea:3c:c4:
35:b8:8b:ec:40:95:ee:9f:7b:be:0b:f2:ed:d9:2a:15:3c:fc:
c5:e6:38:11:8c:78:78:cf:48:1f:59:76:50:13:26:de:9f:fa:
01:09:93:43
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITGVHyDmfRl/M80BEVLRgQwvMwUjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yNDA5MTAwMDAwMDBaFw0yNDEwMTUyMzU5NTla
MHoxSTBHBgNVBAUTQDA3Mzk4NmYwMjBhYzgxMjIwZTg1YjFlMjM5NmNhYTVlN2Jj
OWE1MmIzMGM5NmMxOWI4YjNiNDY3MTk5ZDc3NzkxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJPJPUlGLVH4yIwufPu6T6KNc7oPxYm6ddQcSQwKuMUKnmu
hrR1xD9C0mrDADxmNyb/QeSrgftWDzKzRMERiVKhHwOGRm3OsCDPhpAHcX8ZKurC
E1pouua28pnMpIneHr0oLCni+KGKsur5Jpj/1bTKa5sGX7rAF23RJylPGiB//EZo
6IvfotaCrSKl1rYEesn8x7xOqL6f/7aMuMajgMA1OJQzh/opnb/S7MipNzJ/GlTA
QIhvrX+f34/8OhimStl5vK7CBF17kiZLMBSz3iXK7+caAUFfUQUstkxfWa1jCB7z
R4JsEgvtR3X+mhGLJgUGA3YJvN26gbr5gXdWdSUCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBS/LhywX29Dkb1tIkXSPsBwscYq4jAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvZTY1ZWY2M2QtODFhNS00MTM4LThlODgtZjk3MzkyZjkwYWZjLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEACmY/JSY9ZBpirqjPXb402ZFvdnC2
g3W19j+rrTSsZQiCQwA7x14PSfEctjDMRfgXKiHWNdvqpz3lG0pFNLEvm7MeM/Mh
Fdn53vqVVB80VXwERyD1jCstvZu6gzX4aILRHymOctobMgGf9TbtytWsJYZ7rCMn
OPbgdOKTJw8Mqg+oaTJ+xSHmzmyj2G9oMj+ohkjBSMnAUlUN6zTC/YZ6LXjcQv2f
GFpUt/KzAjPGFfUxsKSBoo5SwS12ymw3tOmdVBiidfnnkjNuW38gUG0MTAl2Zmag
6jzENbiL7ECV7p97vgvy7dkqFTz8xeY4EYx4eM9IH1l2UBMm3p/6AQmTQw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:04 2025 by rpki-client