Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa
File: 6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa (raw, json)
Hash identifier: FchB6mtwECO3rR/TcZ8sgbh6irZnEnHtd7FS25t89oA=
Subject key identifier: 4E:0F:73:C9:6A:65:83:FE:74:7E:54:D3:71:20:16:3F:2C:A6:4E:21
Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial: 692A460741F02620EEEC91138F3E2DC618A6E7C8
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa
Signing time: Tue 20 May 2025 17:50:20 +0000
ROA not before: Tue 20 May 2025 17:50:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.96.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:2a:46:07:41:f0:26:20:ee:ec:91:13:8f:3e:2d:c6:18:a6:e7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Validity
Not Before: May 20 17:50:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c213e390a759479dad3456d44e08cc3554a53eb32f38390186a5c3a5891b8f64, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:96:cb:94:7d:70:05:02:dd:4e:6b:73:81:ed:
c1:cb:85:a1:8d:0f:3a:53:b1:a3:1e:dd:8c:2b:32:
71:f8:6b:f1:19:82:bd:6a:cf:03:83:ae:4d:42:b8:
94:e7:68:32:d1:ab:66:e6:b1:43:a1:6a:a1:f6:32:
ff:6b:78:37:16:16:fc:01:89:f3:eb:bb:88:a2:ca:
59:25:4c:e2:e4:1e:58:de:b4:aa:fe:bc:b8:e0:f7:
e8:3c:d9:11:f6:f8:36:b7:18:4c:47:d0:e9:ab:23:
0f:0d:6e:17:ea:5c:88:19:42:09:d0:6a:ba:5d:f2:
c8:ca:71:3c:95:10:7c:96:cf:36:53:df:9c:a2:29:
87:c8:0c:09:5c:42:f8:ea:55:73:d0:40:8d:3b:ec:
bc:ec:bd:ab:a2:a5:7c:7a:5d:c3:1b:32:23:d2:7b:
5c:fc:5b:2f:95:83:d5:7a:65:ed:51:60:65:f5:09:
59:2e:13:b0:7c:a0:60:ec:bb:15:20:42:40:0f:69:
b6:20:da:ff:cc:77:83:04:ca:e4:25:8a:a7:f0:64:
51:af:dd:20:ae:66:79:91:ad:5c:b9:fc:1c:8b:86:
4b:8d:09:d1:10:19:da:97:00:ef:cf:8d:95:44:6b:
a8:cf:18:f7:c8:28:98:bd:eb:99:8d:c0:43:13:51:
a1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0F:73:C9:6A:65:83:FE:74:7E:54:D3:71:20:16:3F:2C:A6:4E:21
X509v3 Authority Key Identifier:
keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b5bf93b-0a86-4e25-a20a-4c9828e1f847.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.96.144.0/22
Signature Algorithm: sha256WithRSAEncryption
92:3e:0d:3e:7d:15:f0:1c:6d:2c:e2:5f:4f:01:8a:85:b2:68:
48:f1:7c:63:8a:37:59:c1:78:84:2f:25:29:44:8b:79:2c:e7:
b8:d2:e7:96:ae:63:ac:45:7f:d1:c3:94:95:e0:5b:db:36:34:
06:cd:54:f8:d3:3b:00:08:c7:9c:88:d2:02:ef:f6:45:6f:6c:
b7:39:c5:22:f8:a7:58:a9:6b:e1:94:5c:d9:a6:9a:8a:07:93:
f2:8d:46:67:41:40:40:67:b9:26:e1:ea:03:69:a8:a8:5a:d6:
f3:71:7f:ef:51:f0:ad:2d:f3:31:d1:71:ef:9c:40:fe:4b:f1:
7b:7e:3c:8a:11:c7:ec:72:73:eb:7e:87:19:ae:b1:ab:d0:64:
2e:28:00:dd:00:8b:f3:92:aa:59:ef:3b:be:4c:34:69:a9:ae:
9f:28:48:c2:1a:bb:c3:66:75:0d:49:e4:42:44:3e:aa:eb:d4:
1a:58:06:9a:9a:05:b2:e0:3d:1e:45:0c:1e:59:d7:41:92:7c:
64:ad:91:95:b5:d2:67:17:02:b7:2c:ae:8a:8e:34:5a:50:14:
c5:f2:38:c8:ea:cb:83:7c:6d:3c:cb:99:30:ef:78:d0:fe:2e:
98:c0:26:2d:37:37:54:cb:bf:a7:f7:cd:5e:bc:5c:87:bf:d2:
dc:8c:da:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaSpGB0HwJiDu7JETjz4txhim58gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNTIwMTc1MDIwWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjEzZTM5MGE3NTk0NzlkYWQzNDU2ZDQ0ZTA4Y2MzNTU0
YTUzZWIzMmYzODM5MDE4NmE1YzNhNTg5MWI4ZjY0MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvlsuUfXAFAt1Oa3OB7cHLhaGNDzpTsaMe3YwrMnH4a/EZ
gr1qzwODrk1CuJTnaDLRq2bmsUOhaqH2Mv9reDcWFvwBifPru4iiylklTOLkHlje
tKr+vLjg9+g82RH2+Da3GExH0OmrIw8NbhfqXIgZQgnQarpd8sjKcTyVEHyWzzZT
35yiKYfIDAlcQvjqVXPQQI077LzsvauipXx6XcMbMiPSe1z8Wy+Vg9V6Ze1RYGX1
CVkuE7B8oGDsuxUgQkAPabYg2v/Md4MEyuQliqfwZFGv3SCuZnmRrVy5/ByLhkuN
CdEQGdqXAO/PjZVEa6jPGPfIKJi965mNwEMTUaHDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTg9zyWplg/50flTTcSAWPyymTiEwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzZiNWJmOTNiLTBhODYtNGUyNS1hMjBhLTRjOTgyOGUxZjg0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIjYJAwDQYJKoZIhvcNAQELBQADggEBAJI+DT59FfAcbSziX08BioWyaEjx
fGOKN1nBeIQvJSlEi3ks57jS55auY6xFf9HDlJXgW9s2NAbNVPjTOwAIx5yI0gLv
9kVvbLc5xSL4p1ipa+GUXNmmmooHk/KNRmdBQEBnuSbh6gNpqKha1vNxf+9R8K0t
8zHRce+cQP5L8Xt+PIoRx+xyc+t+hxmusavQZC4oAN0Ai/OSqlnvO75MNGmprp8o
SMIau8NmdQ1J5EJEPqrr1BpYBpqaBbLgPR5FDB5Z10GSfGStkZW10mcXArcsroqO
NFpQFMXyOMjqy4N8bTzLmTDveND+LpjAJi03N1TLv6f3zV68XIe/0tyM2oo=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:24:08 2025 by rpki-client