Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ea939e96-09a0-46e3-b817-21d1f2488d15.roa
File: ea939e96-09a0-46e3-b817-21d1f2488d15.roa (raw, json)
Hash identifier: yaPhWHIS9bDMTBaKU32NCo2LsJzh2VEsP/J4efYvqhI=
Subject key identifier: F0:79:6B:C4:82:5C:25:01:50:03:A1:EF:28:0E:05:6F:56:22:82:F0
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4F98952FA5BE29E6ABC0F92DC3CD8C1A1901B8A0
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ea939e96-09a0-46e3-b817-21d1f2488d15.roa
Signing time: Fri 05 Jan 2024 00:00:00 +0000
ROA not before: Fri 05 Jan 2024 00:00:00 +0000
ROA not after: Fri 09 Feb 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:98:95:2f:a5:be:29:e6:ab:c0:f9:2d:c3:cd:8c:1a:19:01:b8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jan 5 00:00:00 2024 GMT
Not After : Feb 9 23:59:59 2024 GMT
Subject: serialNumber=730dbcad85ffe9369cbacb56f48bfaa895c838447519a912ec3924e7f16a0206, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a3:c8:24:ee:99:35:6a:4d:d6:53:fc:49:77:
f4:21:14:10:3a:94:10:c3:8f:11:1e:a7:12:06:8b:
b8:e8:7a:0f:c9:60:42:a8:7b:e7:11:cf:0b:62:af:
4d:47:b3:90:08:61:d9:d2:4a:3c:de:8b:1a:94:dd:
4b:8e:74:de:88:5c:a6:79:29:84:c1:f4:a5:37:80:
09:4c:3e:06:49:df:28:bc:1f:47:d4:cf:11:94:27:
12:7b:16:5b:7f:44:d7:e6:f3:5f:42:3e:d5:70:be:
59:2f:98:28:05:59:7e:6c:ea:8d:35:a7:6d:24:e9:
bc:dd:a1:c5:68:6b:a3:06:86:96:c8:e7:99:90:26:
09:91:5e:10:e5:4a:57:39:8e:cf:5a:8d:f9:5e:c4:
d0:09:00:39:16:94:19:04:b0:06:95:9c:69:46:83:
dd:a8:5c:f1:d9:f7:1c:87:76:c2:e2:e2:aa:30:fd:
c2:dd:a6:6f:bd:5b:cf:71:e6:3a:b8:34:3f:18:29:
a3:53:fb:ce:25:5d:39:99:f7:1d:a5:29:0d:18:eb:
c2:61:e5:79:51:fd:02:78:db:dc:2e:19:64:6d:08:
bc:48:da:f2:8f:8e:2b:9a:bd:79:ab:97:96:0c:91:
4a:92:26:a5:90:37:77:9b:ad:67:6d:3b:29:41:df:
fd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:79:6B:C4:82:5C:25:01:50:03:A1:EF:28:0E:05:6F:56:22:82:F0
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ea939e96-09a0-46e3-b817-21d1f2488d15.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ef:1a:ae:d1:62:7c:92:a7:3a:09:29:b4:72:d4:00:a1:c9:
4f:58:4d:53:a2:92:ff:cb:b4:a0:e6:9d:7a:d3:6d:e6:b5:a8:
44:71:ad:7e:49:bf:ab:3e:2a:26:50:f8:a4:c3:55:ac:78:95:
8b:6a:2b:ce:8d:f1:4f:ae:1c:f0:c4:55:e7:bc:d0:48:5d:c0:
e2:8b:8b:9c:da:fd:1b:cc:ec:4f:8e:58:7a:0e:58:04:47:29:
47:b5:d8:5f:c9:58:04:ab:e4:d0:68:29:ce:13:cc:51:e2:69:
fc:ea:12:49:d6:51:32:e1:83:e8:28:ca:e0:48:f7:8e:c4:7f:
99:9c:ae:65:97:e7:68:c8:52:c2:5d:c0:b4:92:6b:51:01:6f:
7f:88:eb:a2:0f:c9:36:a2:03:f3:bd:e1:38:d4:c2:92:e1:5e:
81:d3:72:92:64:4c:cd:30:e8:b6:22:b2:55:60:b4:53:a4:7f:
e3:e0:2d:ac:78:41:64:5a:be:ef:16:0d:02:1d:b2:a6:f2:7d:
ff:33:7e:fe:61:1d:07:0b:07:ff:3c:a2:3d:a7:27:39:e5:b9:
a1:c4:22:f3:0e:a2:85:a6:80:d2:60:3c:0e:15:36:cc:7f:39:
d7:e0:ec:b5:8d:65:95:6f:77:ba:50:fc:cf:8a:9a:81:3d:01:
04:10:82:01
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT5iVL6W+KearwPktw82MGhkBuKAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTA1MDAwMDAwWhcNMjQwMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzBkYmNhZDg1ZmZlOTM2OWNiYWNiNTZmNDhiZmFhODk1
YzgzODQ0NzUxOWE5MTJlYzM5MjRlN2YxNmEwMjA2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCno8gk7pk1ak3WU/xJd/QhFBA6lBDDjxEepxIGi7joeg/J
YEKoe+cRzwtir01Hs5AIYdnSSjzeixqU3UuOdN6IXKZ5KYTB9KU3gAlMPgZJ3yi8
H0fUzxGUJxJ7Flt/RNfm819CPtVwvlkvmCgFWX5s6o01p20k6bzdocVoa6MGhpbI
55mQJgmRXhDlSlc5js9ajflexNAJADkWlBkEsAaVnGlGg92oXPHZ9xyHdsLi4qow
/cLdpm+9W89x5jq4ND8YKaNT+84lXTmZ9x2lKQ0Y68Jh5XlR/QJ429wuGWRtCLxI
2vKPjiuavXmrl5YMkUqSJqWQN3ebrWdtOylB3/0ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8HlrxIJcJQFQA6HvKA4Fb1YigvAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VhOTM5ZTk2LTA5YTAtNDZlMy1iODE3LTIxZDFmMjQ4OGQxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHTvGq7RYnySpzoJKbRy1AChyU9Y
TVOikv/LtKDmnXrTbea1qERxrX5Jv6s+KiZQ+KTDVax4lYtqK86N8U+uHPDEVee8
0EhdwOKLi5za/RvM7E+OWHoOWARHKUe12F/JWASr5NBoKc4TzFHiafzqEknWUTLh
g+goyuBI947Ef5mcrmWX52jIUsJdwLSSa1EBb3+I66IPyTaiA/O94TjUwpLhXoHT
cpJkTM0w6LYislVgtFOkf+PgLax4QWRavu8WDQIdsqbyff8zfv5hHQcLB/88oj2n
JznluaHEIvMOooWmgNJgPA4VNsx/Odfg7LWNZZVvd7pQ/M+KmoE9AQQQggE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:32 2024 by rpki-client on console-ams.rpki-client.org