Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c43fd0e-591a-4eb0-8524-73ecc5cd6f9a.roa
File: 3c43fd0e-591a-4eb0-8524-73ecc5cd6f9a.roa (raw, json)
Hash identifier: f0VTtmo3HI6If2H2JuwRhkzpbIqyuBCsA4pwRLmeOEo=
Subject key identifier: F4:20:69:94:50:2C:81:07:64:18:08:32:E6:36:9B:93:18:28:BC:4F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 438C22F26CAF882242DFB2649A4FB3A6CE31AD37
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c43fd0e-591a-4eb0-8524-73ecc5cd6f9a.roa
Signing time: Mon 15 Apr 2024 00:00:00 +0000
ROA not before: Mon 15 Apr 2024 00:00:00 +0000
ROA not after: Mon 20 May 2024 23:59:59 +0000
asID: 7393
IP address blocks: 72.29.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:8c:22:f2:6c:af:88:22:42:df:b2:64:9a:4f:b3:a6:ce:31:ad:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Apr 15 00:00:00 2024 GMT
Not After : May 20 23:59:59 2024 GMT
Subject: serialNumber=bbf1e423ab916b110bd4f1b8ac33496ca82f9c2862f0bd3f052fb98e907f637b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1d:85:8c:b3:1f:65:ea:60:1f:0d:28:20:4b:
b1:b8:aa:45:44:0d:f4:86:54:ec:2b:a0:6f:1f:36:
3d:8e:d1:20:91:21:05:9b:54:a3:91:02:e8:6e:b2:
0c:e3:af:a0:e4:14:d0:9c:2b:f6:b7:78:f0:2c:df:
48:d9:87:86:cf:e3:c6:7a:7e:a0:a7:ba:0b:09:06:
b0:e6:d0:a1:8d:62:a5:d2:b4:2f:a0:c4:02:96:68:
52:53:6b:45:5a:8c:4b:be:4d:9a:46:1b:31:3d:98:
ce:e1:22:d0:1a:bb:8d:f8:67:17:df:19:7c:0a:63:
80:26:96:a3:da:9f:f3:79:04:a8:76:83:a2:f8:75:
92:f7:be:34:34:08:64:02:5b:23:f6:83:e0:0d:d0:
97:6e:63:c7:30:88:d3:3e:4c:37:bb:90:55:73:56:
95:08:ab:71:d3:b3:20:d0:11:f5:b6:1e:65:43:9e:
6d:67:cb:d1:22:cf:96:5c:7b:b3:b0:c9:00:e8:e0:
e5:ee:55:d4:a8:c1:66:f9:30:d5:a6:1c:e3:38:ca:
1a:cc:bd:b6:7b:f6:03:f5:5a:cc:7c:6a:14:33:e1:
f4:99:be:90:4b:2c:5a:8d:73:fd:20:ed:4b:78:f3:
ea:d4:a3:ac:2f:c1:da:19:09:1b:6a:f1:d1:a8:e3:
ad:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:20:69:94:50:2C:81:07:64:18:08:32:E6:36:9B:93:18:28:BC:4F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c43fd0e-591a-4eb0-8524-73ecc5cd6f9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.29.0.0/19
Signature Algorithm: sha256WithRSAEncryption
96:60:7d:b3:6f:b4:5a:f9:4a:e9:81:c2:bf:ca:9c:b5:d4:1e:
72:85:e3:84:14:4f:d1:94:61:d1:34:d9:d1:a9:4e:8f:6a:a5:
a9:bf:df:b9:d6:2c:08:31:dc:f2:27:7f:67:77:44:3d:31:ba:
c7:35:8d:37:2c:39:34:25:d3:dd:5f:10:00:27:e8:92:02:9b:
79:ed:d7:02:03:6f:b8:ef:93:70:8f:e3:57:ae:2a:dd:01:02:
ce:2e:35:77:d5:c3:8e:4e:9d:28:54:ee:f2:4c:0c:fa:c9:1e:
b6:7d:04:0e:46:24:29:66:7e:32:a7:b4:47:90:66:02:e4:fb:
76:28:1d:6c:6b:cd:7b:d1:e6:64:b2:b1:ec:72:45:6c:53:cd:
b4:a6:dc:cb:b2:34:0e:f7:1b:b6:a4:b3:54:92:e9:0c:35:39:
fc:18:8b:8b:1a:06:9b:d0:c9:39:9b:0b:a3:b4:e8:f3:d2:57:
5d:43:67:73:8b:f1:06:20:00:6c:a4:02:f0:7a:9a:cc:3d:12:
dc:a7:c4:fd:a2:b5:53:73:8d:d9:2f:f9:5f:3d:17:5a:1d:63:
c7:8e:9c:13:6c:da:d2:f5:09:3a:47:0e:94:9a:e0:f9:90:d2:
99:69:ae:6d:08:6c:cb:29:85:f0:e7:45:06:7b:02:8d:f6:29:
de:aa:95:39
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ4wi8myviCJC37Jkmk+zps4xrTcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNDE1MDAwMDAwWhcNMjQwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYmYxZTQyM2FiOTE2YjExMGJkNGYxYjhhYzMzNDk2Y2E4
MmY5YzI4NjJmMGJkM2YwNTJmYjk4ZTkwN2Y2MzdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiHYWMsx9l6mAfDSggS7G4qkVEDfSGVOwroG8fNj2O0SCR
IQWbVKORAuhusgzjr6DkFNCcK/a3ePAs30jZh4bP48Z6fqCnugsJBrDm0KGNYqXS
tC+gxAKWaFJTa0VajEu+TZpGGzE9mM7hItAau434ZxffGXwKY4AmlqPan/N5BKh2
g6L4dZL3vjQ0CGQCWyP2g+AN0JduY8cwiNM+TDe7kFVzVpUIq3HTsyDQEfW2HmVD
nm1ny9Eiz5Zce7OwyQDo4OXuVdSowWb5MNWmHOM4yhrMvbZ79gP1Wsx8ahQz4fSZ
vpBLLFqNc/0g7Ut48+rUo6wvwdoZCRtq8dGo461xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9CBplFAsgQdkGAgy5jabkxgovE8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjNDNmZDBlLTU5MWEtNGViMC04NTI0LTczZWNjNWNkNmY5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVIHQAwDQYJKoZIhvcNAQELBQADggEBAJZgfbNvtFr5SumBwr/KnLXUHnKF
44QUT9GUYdE02dGpTo9qpam/37nWLAgx3PInf2d3RD0xusc1jTcsOTQl091fEAAn
6JICm3nt1wIDb7jvk3CP41euKt0BAs4uNXfVw45OnShU7vJMDPrJHrZ9BA5GJClm
fjKntEeQZgLk+3YoHWxrzXvR5mSysexyRWxTzbSm3MuyNA73G7aks1SS6Qw1OfwY
i4saBpvQyTmbC6O06PPSV11DZ3OL8QYgAGykAvB6msw9EtynxP2itVNzjdkv+V89
F1odY8eOnBNs2tL1CTpHDpSa4PmQ0plprm0IbMsphfDnRQZ7Ao32Kd6qlTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:43 2024 by rpki-client on console-ams.rpki-client.org