Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/742a81d2-523e-48c9-9b17-59e8197de92d.roa
File: 742a81d2-523e-48c9-9b17-59e8197de92d.roa (raw, json)
Hash identifier: MiIM/2DNVPN032damVGrfbRCPUEI01TWWEIbrhpfdlc=
Subject key identifier: AE:D3:5F:74:2E:84:65:87:E8:9A:06:AA:DD:CF:5E:40:66:C9:68:B9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 68E42B2E77F6684FBB33F544F7B7F69B6AA90DF7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/742a81d2-523e-48c9-9b17-59e8197de92d.roa
Signing time: Mon 15 Apr 2024 00:00:00 +0000
ROA not before: Mon 15 Apr 2024 00:00:00 +0000
ROA not after: Mon 20 May 2024 23:59:59 +0000
asID: 7393
IP address blocks: 64.73.192.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e4:2b:2e:77:f6:68:4f:bb:33:f5:44:f7:b7:f6:9b:6a:a9:0d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Apr 15 00:00:00 2024 GMT
Not After : May 20 23:59:59 2024 GMT
Subject: serialNumber=b86193c276d797d243a3aa0d1dbdd676faecc2fc02754cf17125752cf87dc592, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:23:32:57:2f:10:50:fc:7f:8c:0f:86:74:3c:
dd:6a:81:bc:34:5f:39:05:24:b5:5f:bb:23:0f:79:
c9:75:c2:6d:e7:e2:f9:f3:71:07:65:97:a9:5e:1c:
67:d0:48:f0:76:ef:18:39:2d:50:f4:21:38:56:53:
c7:c5:e7:1f:55:0e:2e:9c:6f:b4:6e:8d:8b:47:69:
48:87:26:0a:b6:07:01:1f:55:5b:86:eb:20:25:0f:
9e:1a:97:1c:10:70:62:27:f3:ea:79:b8:ae:15:ad:
13:f3:ef:e9:ea:ff:d5:43:1d:ce:66:cf:99:2a:22:
7a:bf:71:e6:73:49:02:b9:8a:ad:1c:4d:28:6e:5d:
92:e5:8b:9c:20:5e:81:23:73:b4:74:05:3d:fb:3d:
ce:8e:5a:9b:d9:b6:4e:fb:ac:b3:7d:a6:af:22:e7:
b4:00:53:ad:a0:e9:7f:80:28:8a:06:9d:b2:e7:9a:
88:6f:6a:98:3f:e7:7f:6b:af:1a:44:bd:9e:3a:59:
0f:7f:50:96:fd:ae:0b:73:e7:df:21:6d:2d:f6:0e:
aa:78:10:1f:70:5c:98:e9:b7:35:dd:37:c1:90:57:
0a:6c:c7:70:1a:24:37:38:1b:97:a8:9c:7a:a6:30:
69:3e:a0:6e:bb:ef:a8:8b:ff:ab:47:a4:d1:2b:20:
4b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D3:5F:74:2E:84:65:87:E8:9A:06:AA:DD:CF:5E:40:66:C9:68:B9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/742a81d2-523e-48c9-9b17-59e8197de92d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.73.192.0/19
Signature Algorithm: sha256WithRSAEncryption
09:70:7d:56:94:17:2f:3d:81:b7:eb:6a:84:3a:d4:5d:26:e6:
a6:76:36:2e:a0:5e:2d:4f:aa:05:c7:12:a0:a2:d2:18:65:e0:
e4:2d:9d:28:62:5b:b8:be:73:60:18:91:d2:8f:7d:db:af:fb:
6f:5f:71:50:51:ef:11:32:ea:2d:0b:e1:45:1d:26:46:94:b5:
59:7e:4b:4e:82:c8:3e:d3:9d:aa:be:27:e2:4c:84:53:05:f6:
76:cb:4b:c6:57:bb:75:24:5c:16:7c:c3:8b:4a:47:7a:45:7b:
f1:06:5c:f5:3b:71:c9:03:4f:ca:9e:be:4f:4b:85:06:05:91:
7d:4c:49:d3:43:af:c0:62:a8:7e:3a:05:f2:2c:51:a6:83:33:
1c:24:91:ee:e4:e0:6d:29:8b:df:64:6b:af:30:16:d1:f0:51:
6b:4c:d1:e1:a2:1d:dc:96:3b:c7:20:36:e7:7a:1e:81:4c:9f:
72:ba:6c:af:6f:04:f4:63:d5:85:51:e2:83:43:1d:5d:b0:6b:
48:26:57:18:00:02:60:4e:0a:b2:53:a3:2a:fa:ab:d7:7c:3a:
10:68:77:53:e5:ce:2d:23:8c:b9:fd:96:46:9c:cb:e2:a8:0a:
48:54:3d:dc:3d:d0:2d:7b:82:fe:a2:cd:14:bf:ac:99:8c:12:
24:cf:12:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaOQrLnf2aE+7M/VE97f2m2qpDfcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNDE1MDAwMDAwWhcNMjQwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiODYxOTNjMjc2ZDc5N2QyNDNhM2FhMGQxZGJkZDY3NmZh
ZWNjMmZjMDI3NTRjZjE3MTI1NzUyY2Y4N2RjNTkyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPIzJXLxBQ/H+MD4Z0PN1qgbw0XzkFJLVfuyMPecl1wm3n
4vnzcQdll6leHGfQSPB27xg5LVD0IThWU8fF5x9VDi6cb7RujYtHaUiHJgq2BwEf
VVuG6yAlD54alxwQcGIn8+p5uK4VrRPz7+nq/9VDHc5mz5kqInq/ceZzSQK5iq0c
TShuXZLli5wgXoEjc7R0BT37Pc6OWpvZtk77rLN9pq8i57QAU62g6X+AKIoGnbLn
mohvapg/539rrxpEvZ46WQ9/UJb9rgtz598hbS32Dqp4EB9wXJjptzXdN8GQVwps
x3AaJDc4G5eonHqmMGk+oG6776iL/6tHpNErIEtzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrtNfdC6EZYfomgaq3c9eQGbJaLkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc0MmE4MWQyLTUyM2UtNDhjOS05YjE3LTU5ZTgxOTdkZTkyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVAScAwDQYJKoZIhvcNAQELBQADggEBAAlwfVaUFy89gbfraoQ61F0m5qZ2
Ni6gXi1PqgXHEqCi0hhl4OQtnShiW7i+c2AYkdKPfduv+29fcVBR7xEy6i0L4UUd
JkaUtVl+S06CyD7Tnaq+J+JMhFMF9nbLS8ZXu3UkXBZ8w4tKR3pFe/EGXPU7cckD
T8qevk9LhQYFkX1MSdNDr8BiqH46BfIsUaaDMxwkke7k4G0pi99ka68wFtHwUWtM
0eGiHdyWO8cgNud6HoFMn3K6bK9vBPRj1YVR4oNDHV2wa0gmVxgAAmBOCrJToyr6
q9d8OhBod1Plzi0jjLn9lkacy+KoCkhUPdw90C17gv6izRS/rJmMEiTPEoU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:52 2024 by rpki-client on console-fra.rpki-client.org