Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07f58bfc-fbdd-45c3-a585-760fa80fd005.roa
File: 07f58bfc-fbdd-45c3-a585-760fa80fd005.roa (raw, json)
Hash identifier: 0TlXAinsv6/6zgXAAHjyrMzekBzWmcCz261ifxBPvMo=
Subject key identifier: 3E:2C:85:DC:94:5D:BB:1B:0D:2A:3F:9E:9A:42:FA:40:E6:71:FA:97
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4B70E79AFE96C511FF2BD35424FC0722151D62EF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07f58bfc-fbdd-45c3-a585-760fa80fd005.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.130.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:70:e7:9a:fe:96:c5:11:ff:2b:d3:54:24:fc:07:22:15:1d:62:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=8b5f09978eba3e023b69a775db1d8e54dfc21f946b0f63ef661e6345f7b4edfc, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:04:bb:47:21:a0:6d:0e:41:91:77:1e:92:60:
ea:4c:50:1c:a2:02:3b:86:85:d4:85:d8:8e:c2:0c:
0c:ce:03:8e:4f:9a:8b:f1:5f:c5:87:82:16:6b:61:
20:7a:01:3d:02:63:e4:38:2e:5c:47:5f:cc:7a:05:
d4:92:d0:36:98:09:b2:38:ed:cb:05:40:28:89:42:
52:f1:1e:52:0e:c5:b9:28:a5:a5:32:e4:47:8a:1c:
f8:68:de:17:a9:f6:f0:07:56:71:ef:17:07:07:d3:
04:4f:45:16:b6:cc:bb:59:78:7a:d3:18:a6:da:cc:
02:59:15:6c:61:7f:a5:a3:74:c5:46:e4:f8:af:33:
15:d9:76:04:34:ca:78:1f:5f:5c:28:3b:01:a9:76:
89:d2:d6:d1:ac:5f:41:26:61:1c:91:ae:2a:0f:b4:
e8:bd:13:f1:83:7c:ab:8b:08:b6:7b:c2:36:65:f9:
67:d8:fa:d7:8e:98:2d:c8:be:8b:ba:79:dd:3c:06:
09:ff:31:fb:33:9b:b1:61:f8:aa:a0:f9:4f:ab:97:
69:79:07:50:9e:e9:ed:a6:97:e3:db:6b:07:aa:f1:
66:55:e6:d4:fb:9b:84:ba:01:61:d1:87:e8:51:87:
bf:89:78:68:36:55:5f:2a:e9:88:84:68:22:da:3e:
db:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2C:85:DC:94:5D:BB:1B:0D:2A:3F:9E:9A:42:FA:40:E6:71:FA:97
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07f58bfc-fbdd-45c3-a585-760fa80fd005.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:6b:7f:06:33:02:84:bd:ec:2a:0f:10:2f:f6:3d:12:b1:b6:
15:27:e3:06:1d:51:74:3b:75:89:d1:c4:69:1a:8c:81:07:18:
f6:26:e1:85:09:cb:f0:1b:cd:f9:57:5b:b6:73:ec:f8:aa:ea:
5f:57:6a:1e:a7:d9:96:79:83:12:f3:1b:84:68:03:7d:59:bf:
94:fc:32:0f:12:e7:68:3e:6b:25:5b:ce:e5:3a:24:f9:b6:3d:
80:ef:c6:63:2a:14:6d:b1:e9:61:3d:51:ac:94:ac:ba:37:7a:
c2:57:67:6f:16:62:b4:cb:13:51:79:7c:d6:28:70:a6:d1:8d:
78:82:d0:89:d2:9c:32:95:13:16:71:19:26:e9:7f:c0:83:7d:
f0:81:1a:fa:ba:c9:d2:85:60:2d:19:05:d9:75:fe:1c:c2:4c:
06:e1:d9:3d:47:8a:a2:03:98:ab:82:49:88:56:a5:fe:86:16:
31:96:b1:dd:dc:be:a6:03:89:55:90:95:08:2f:e6:d3:70:5c:
89:71:0c:cb:be:a7:86:f5:f7:40:2f:df:54:70:5f:c5:42:63:
08:3a:ae:f2:0f:ed:15:98:03:34:b5:b9:e0:80:07:a0:f1:e6:
25:63:4d:22:d8:c0:27:d1:2b:74:44:c4:62:52:51:ec:d8:89:
ef:43:48:cb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUS3Dnmv6WxRH/K9NUJPwHIhUdYu8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YjVmMDk5NzhlYmEzZTAyM2I2OWE3NzVkYjFkOGU1NGRm
YzIxZjk0NmIwZjYzZWY2NjFlNjM0NWY3YjRlZGZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrBLtHIaBtDkGRdx6SYOpMUByiAjuGhdSF2I7CDAzOA45P
movxX8WHghZrYSB6AT0CY+Q4LlxHX8x6BdSS0DaYCbI47csFQCiJQlLxHlIOxbko
paUy5EeKHPho3hep9vAHVnHvFwcH0wRPRRa2zLtZeHrTGKbazAJZFWxhf6WjdMVG
5PivMxXZdgQ0yngfX1woOwGpdonS1tGsX0EmYRyRrioPtOi9E/GDfKuLCLZ7wjZl
+WfY+teOmC3Ivou6ed08Bgn/Mfszm7Fh+Kqg+U+rl2l5B1Ce6e2ml+Pbaweq8WZV
5tT7m4S6AWHRh+hRh7+JeGg2VV8q6YiEaCLaPttFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUPiyF3JRduxsNKj+emkL6QOZx+pcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA3ZjU4YmZjLWZiZGQtNDVjMy1hNTg1LTc2MGZhODBmZDAwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQgjANBgkqhkiG9w0BAQsFAAOCAQEAFWt/BjMChL3sKg8QL/Y9ErG2FSfj
Bh1RdDt1idHEaRqMgQcY9ibhhQnL8BvN+VdbtnPs+KrqX1dqHqfZlnmDEvMbhGgD
fVm/lPwyDxLnaD5rJVvO5Tok+bY9gO/GYyoUbbHpYT1RrJSsujd6wldnbxZitMsT
UXl81ihwptGNeILQidKcMpUTFnEZJul/wIN98IEa+rrJ0oVgLRkF2XX+HMJMBuHZ
PUeKogOYq4JJiFal/oYWMZax3dy+pgOJVZCVCC/m03BciXEMy76nhvX3QC/fVHBf
xUJjCDqu8g/tFZgDNLW54IAHoPHmJWNNItjAJ9ErdETEYlJR7NiJ70NIyw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:23 2025 by rpki-client