Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/025150e4-3554-46e0-b154-31e95b8e3530.roa
File: 025150e4-3554-46e0-b154-31e95b8e3530.roa (raw, json)
Hash identifier: WTROUXCcNH0DeHAievTigIvkiipXTgyJSh3Bt7W+5mU=
Subject key identifier: E7:FB:93:D1:13:F2:D1:9B:B1:94:03:64:3C:BB:35:64:8A:87:60:EA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 16C064AD4F51A71C22B62A002CC1F7EC7051577B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/025150e4-3554-46e0-b154-31e95b8e3530.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 40.181.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:c0:64:ad:4f:51:a7:1c:22:b6:2a:00:2c:c1:f7:ec:70:51:57:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=019502ffa3a07be48cbc0bef13b4db30228f0c3dcb48ec62503f887fb3b078fe, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bd:36:1d:25:97:13:49:7d:7f:5f:7a:92:72:
3a:ea:30:aa:ed:11:47:9a:e9:7f:6b:21:77:b0:7c:
3d:03:e1:c4:90:07:e4:ee:ab:42:7f:c6:b6:e4:69:
9b:e0:6c:7c:32:4a:b4:69:e6:b9:e5:81:e9:8e:49:
08:f8:af:ab:b1:b4:ee:b6:9a:da:fc:ba:28:50:97:
d8:ae:fc:89:ba:ad:da:0c:7f:7f:b2:c4:0e:fe:69:
a6:28:a0:78:fe:b4:7c:2a:c9:40:34:fe:04:7a:db:
60:60:19:05:b8:4d:65:be:d1:f7:53:e6:1b:33:b3:
41:0a:69:dd:e1:6f:03:7e:0f:2a:1b:15:23:4f:ae:
f9:2b:52:96:58:21:4d:bc:9c:0c:9f:06:8f:74:c8:
d3:7e:0a:09:af:a2:71:89:a1:98:60:a2:f5:55:94:
02:82:8d:e0:e4:8c:36:c2:63:d0:87:f3:23:f9:ad:
b8:54:09:00:56:4b:62:49:38:14:c0:f7:92:85:53:
c4:cb:67:f9:35:66:15:4c:2a:79:5d:26:d2:4f:33:
e9:77:41:6b:24:fa:44:fa:b0:44:87:53:1c:1d:cf:
04:79:d5:96:da:c9:45:d2:3d:cd:92:b3:d9:f4:da:
54:09:60:60:e6:ec:3d:d4:ea:8c:e4:a3:f4:55:91:
c8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FB:93:D1:13:F2:D1:9B:B1:94:03:64:3C:BB:35:64:8A:87:60:EA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/025150e4-3554-46e0-b154-31e95b8e3530.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.181.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:96:bd:d8:8c:b7:3f:45:fd:16:cd:a4:7f:4e:d3:7d:68:3a:
cf:91:a5:ee:2b:e6:64:eb:e9:7f:ba:da:6c:44:9f:7b:23:e6:
85:ee:7d:db:da:9d:ba:7e:eb:4d:68:6f:f5:e4:3d:23:37:61:
73:0c:1c:de:be:5d:32:d6:fd:4d:b6:5b:15:d3:16:0b:26:52:
4d:96:ea:2e:89:c3:50:5c:26:f4:f8:19:a0:30:7c:84:97:b3:
21:76:87:8b:a6:74:2d:00:a6:03:1c:37:83:9e:65:25:f8:0e:
8a:4a:f9:53:10:f8:ea:b5:62:0c:8e:04:3c:64:83:d3:ce:35:
cc:bd:13:b9:29:7a:90:c2:e8:08:5d:64:ee:be:d4:09:6f:ff:
91:58:ad:ea:9a:a5:1c:eb:be:1c:71:a0:5d:21:ca:02:7b:88:
bd:47:04:6e:81:d6:d6:bb:8c:a7:fb:28:dc:88:1e:9d:cf:ed:
dd:2c:c6:05:fe:ee:15:84:cd:12:3d:a6:ba:80:ae:1c:a6:72:
50:a6:38:b4:e6:b5:52:0a:75:17:f5:5b:80:ea:2f:1a:3c:4b:
11:87:f5:5d:67:81:2d:06:12:5a:e9:83:b5:34:49:76:62:bb:
7e:b3:4f:f2:c6:73:75:62:7e:26:7d:fb:a9:36:fe:6c:97:d4:
13:84:b9:66
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFsBkrU9RpxwitioALMH37HBRV3swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTk1MDJmZmEzYTA3YmU0OGNiYzBiZWYxM2I0ZGIzMDIy
OGYwYzNkY2I0OGVjNjI1MDNmODg3ZmIzYjA3OGZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXvTYdJZcTSX1/X3qScjrqMKrtEUea6X9rIXewfD0D4cSQ
B+Tuq0J/xrbkaZvgbHwySrRp5rnlgemOSQj4r6uxtO62mtr8uihQl9iu/Im6rdoM
f3+yxA7+aaYooHj+tHwqyUA0/gR622BgGQW4TWW+0fdT5hszs0EKad3hbwN+Dyob
FSNPrvkrUpZYIU28nAyfBo90yNN+CgmvonGJoZhgovVVlAKCjeDkjDbCY9CH8yP5
rbhUCQBWS2JJOBTA95KFU8TLZ/k1ZhVMKnldJtJPM+l3QWsk+kT6sESHUxwdzwR5
1ZbayUXSPc2Ss9n02lQJYGDm7D3U6ozko/RVkcgfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5/uT0RPy0ZuxlANkPLs1ZIqHYOowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAyNTE1MGU0LTM1NTQtNDZlMC1iMTU0LTMxZTk1YjhlMzUzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAotTANBgkqhkiG9w0BAQsFAAOCAQEAlJa92Iy3P0X9Fs2kf07TfWg6z5Gl
7ivmZOvpf7rabESfeyPmhe5929qdun7rTWhv9eQ9Izdhcwwc3r5dMtb9TbZbFdMW
CyZSTZbqLonDUFwm9PgZoDB8hJezIXaHi6Z0LQCmAxw3g55lJfgOikr5UxD46rVi
DI4EPGSD0841zL0TuSl6kMLoCF1k7r7UCW//kVit6pqlHOu+HHGgXSHKAnuIvUcE
boHW1ruMp/so3Igenc/t3SzGBf7uFYTNEj2muoCuHKZyUKY4tOa1Ugp1F/VbgOov
GjxLEYf1XWeBLQYSWumDtTRJdmK7frNP8sZzdWJ+Jn37qTb+bJfUE4S5Zg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:19:16 2025 by rpki-client