Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f41ce733-77fd-41cd-9280-3a65233e6d3e.roa
File: f41ce733-77fd-41cd-9280-3a65233e6d3e.roa (raw, json)
Hash identifier: T/CrfWnCD+vk4nWBIFr5ws7gop2lgjUNKypsR2/04B8=
Subject key identifier: 53:A5:40:A7:AC:4F:5B:17:3D:52:3C:F7:4A:8B:55:F3:B9:CD:9E:C6
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4681638FA59C9B775A87E74C48B906E09478C268
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f41ce733-77fd-41cd-9280-3a65233e6d3e.roa
Signing time: Sat 27 Apr 2024 00:00:00 +0000
ROA not before: Sat 27 Apr 2024 00:00:00 +0000
ROA not after: Sat 01 Jun 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:81:63:8f:a5:9c:9b:77:5a:87:e7:4c:48:b9:06:e0:94:78:c2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 27 00:00:00 2024 GMT
Not After : Jun 1 23:59:59 2024 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:5e:ba:26:be:9f:15:a7:73:3d:85:eb:f4:
f4:7b:8a:62:5f:59:d3:55:98:23:83:75:41:c4:d3:
5b:6d:94:35:b5:79:95:e0:2d:61:2d:98:dd:cb:3b:
a8:1e:c3:17:ce:ba:cd:6a:93:c5:33:d5:96:e8:5a:
b6:8c:ec:4d:ba:b1:0c:ab:57:18:87:92:07:ac:8e:
1f:23:94:70:45:e9:3c:11:56:f2:f1:62:51:26:10:
71:cd:67:bc:00:46:42:79:97:8a:c2:d7:93:b6:98:
a7:3a:c7:b9:b0:cf:c7:12:b5:30:b1:11:66:74:5f:
dc:42:e1:73:0c:42:02:a6:5e:f9:a3:cf:79:2e:57:
6e:ed:aa:f3:ea:18:50:7d:94:fe:3e:d4:ab:38:49:
88:bc:ab:22:d9:2e:94:df:a3:a6:b1:9b:09:12:1b:
46:6e:07:57:cc:41:4d:03:3a:6c:0a:b3:83:ca:76:
58:84:2e:c9:d4:f0:70:4f:cf:d9:f4:bc:8d:63:81:
d2:fa:28:01:36:77:1a:e5:7d:ca:12:3f:9a:2f:25:
d1:63:11:81:57:da:76:5e:25:b2:69:ec:e1:7e:30:
00:25:5b:e7:3c:ab:31:85:c7:5e:79:40:e0:97:99:
23:f1:4d:bb:d3:92:59:44:95:64:31:a0:d3:14:40:
3b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A5:40:A7:AC:4F:5B:17:3D:52:3C:F7:4A:8B:55:F3:B9:CD:9E:C6
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f41ce733-77fd-41cd-9280-3a65233e6d3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
79:3b:0d:a3:07:f6:53:79:4e:b1:e3:89:00:76:b2:36:45:29:
72:15:66:36:27:9a:71:8e:07:9d:1d:ea:2f:28:ad:c7:61:02:
e3:d8:1e:75:fb:6c:85:e7:a4:fe:27:27:72:00:6a:96:c1:87:
0a:41:26:a1:86:85:03:c2:9e:3b:59:28:1e:af:1b:26:84:79:
ee:60:99:c2:d9:d1:24:e1:03:4e:31:e9:1b:14:7b:24:a3:d7:
80:ed:0c:a9:79:21:19:3c:5e:e9:29:34:b4:4a:16:0b:06:b2:
ca:80:93:58:73:8e:56:48:5c:12:04:68:65:ae:18:82:7f:cb:
b3:45:70:6b:8f:6f:b7:c9:b8:8f:e8:17:b4:ba:a1:a9:4a:33:
51:87:a2:a9:04:10:b3:b3:9b:ec:10:89:66:6b:bf:f3:28:f2:
7d:ca:2a:5f:94:ad:ce:6d:50:6f:80:26:f5:a3:bd:af:e8:3f:
84:b7:4b:9f:cc:fb:0e:2f:70:cf:d2:17:93:fd:bb:7d:c8:de:
5b:c3:3b:70:29:f7:3f:44:36:74:4a:3b:bb:0a:68:02:9b:27:
b6:bb:0e:ef:c9:cc:4b:1d:75:09:1c:10:e7:fb:a5:64:b3:72:
e0:f6:0e:ee:17:00:6f:13:20:8f:e1:fb:a6:92:af:c5:3e:26:
ab:11:5d:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURoFjj6Wcm3dah+dMSLkG4JR4wmgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDI3MDAwMDAwWhcNMjQwNjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMjY3ZjkzYzE5OGU2MmIxYzZjM2IxMDkwMDYzOTIwZTI1
Y2ZmM2U1YmQxMmRhNmUyNWE5ZGM5NjhjZTdhYWM5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCah166Jr6fFadzPYXr9PR7imJfWdNVmCODdUHE01ttlDW1
eZXgLWEtmN3LO6gewxfOus1qk8Uz1ZboWraM7E26sQyrVxiHkgesjh8jlHBF6TwR
VvLxYlEmEHHNZ7wARkJ5l4rC15O2mKc6x7mwz8cStTCxEWZ0X9xC4XMMQgKmXvmj
z3kuV27tqvPqGFB9lP4+1Ks4SYi8qyLZLpTfo6axmwkSG0ZuB1fMQU0DOmwKs4PK
dliELsnU8HBPz9n0vI1jgdL6KAE2dxrlfcoSP5ovJdFjEYFX2nZeJbJp7OF+MAAl
W+c8qzGFx155QOCXmSPxTbvTkllElWQxoNMUQDu/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUU6VAp6xPWxc9Ujz3SotV87nNnsYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y0MWNlNzMzLTc3ZmQtNDFjZC05MjgwLTNhNjUyMzNlNmQzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHk7DaMH9lN5TrHjiQB2sjZFKXIV
ZjYnmnGOB50d6i8orcdhAuPYHnX7bIXnpP4nJ3IAapbBhwpBJqGGhQPCnjtZKB6v
GyaEee5gmcLZ0SThA04x6RsUeySj14DtDKl5IRk8XukpNLRKFgsGssqAk1hzjlZI
XBIEaGWuGIJ/y7NFcGuPb7fJuI/oF7S6oalKM1GHoqkEELOzm+wQiWZrv/Mo8n3K
Kl+Urc5tUG+AJvWjva/oP4S3S5/M+w4vcM/SF5P9u33I3lvDO3Ap9z9ENnRKO7sK
aAKbJ7a7Du/JzEsddQkcEOf7pWSzcuD2Du4XAG8TII/h+6aSr8U+JqsRXYU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:14 2025 by rpki-client