Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d74bba8-1f15-41f0-8cac-9ac9d104ac5c.roa
File: 0d74bba8-1f15-41f0-8cac-9ac9d104ac5c.roa (raw, json)
Hash identifier: KBqh6Pc+n04tC7o4osyls94GllwuabpJpDkRxLzb1y4=
Subject key identifier: 6E:87:F6:BC:29:A7:E8:71:38:65:7D:A6:6E:63:ED:96:FB:A2:C5:50
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2E12D2E08E65E2D9F6E2847824A47D0083DAF4EA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d74bba8-1f15-41f0-8cac-9ac9d104ac5c.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.214.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:12:d2:e0:8e:65:e2:d9:f6:e2:84:78:24:a4:7d:00:83:da:f4:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=b18927b2a819689e4897362259be0307e44d5ebbc55da59bb2e222757f229974, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:66:79:e2:ff:b1:28:66:45:75:0c:1c:5d:1a:
fa:25:6b:4d:06:75:7f:a9:f7:0b:b8:42:52:73:7b:
30:ce:f0:d2:0d:12:3a:21:7f:6d:1a:7a:ac:30:29:
ba:6f:2b:04:a9:48:c9:98:51:d0:61:5d:3e:a6:dc:
a9:7b:69:96:8c:82:64:12:92:01:2a:b0:ba:07:36:
bd:6b:1b:b4:fc:c3:3a:ab:e1:a9:03:6b:26:00:53:
99:a9:e1:13:bc:f8:0d:72:42:df:2a:e0:cb:52:01:
bc:97:4e:2f:85:67:63:f7:e3:31:0a:84:5d:66:59:
1a:e7:72:07:ba:1b:1f:a5:54:29:eb:81:e3:5d:79:
fa:73:c1:4f:7b:f3:7a:30:75:ef:21:6b:c3:03:a5:
d1:1f:2b:c0:56:96:e5:13:1a:cb:d8:c4:5c:52:a5:
6c:0e:cb:6e:0d:26:15:18:0f:85:eb:2d:dc:c6:4a:
3a:54:9c:b5:6d:3f:0f:a2:bd:a7:53:3e:18:1e:73:
ac:d4:86:d7:c6:61:f7:09:38:3f:64:31:fa:95:0d:
1c:5a:18:43:3a:16:82:bd:63:92:82:db:e5:1f:a6:
6c:9f:9d:e2:30:52:e1:d0:a6:9e:5a:04:61:40:67:
5e:1b:85:dd:80:35:1d:03:10:a9:09:ed:21:d0:65:
e3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:87:F6:BC:29:A7:E8:71:38:65:7D:A6:6E:63:ED:96:FB:A2:C5:50
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d74bba8-1f15-41f0-8cac-9ac9d104ac5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.214.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:27:45:5c:d2:11:b1:7a:f2:96:64:e4:2a:26:34:72:ba:f5:
80:f4:71:bb:6f:1d:fc:40:f5:41:d1:6a:d6:8b:df:27:2c:6f:
48:d2:08:7c:3e:9a:78:4f:54:6c:f3:5a:b6:8c:ad:78:8e:7f:
78:2a:ae:4a:23:04:29:f4:9a:d7:7e:3e:90:9c:e6:1f:4d:1f:
49:fe:d1:09:76:1d:dc:39:b2:0a:fd:eb:99:fe:6b:6d:87:de:
f0:64:ba:9c:e9:01:d0:2d:c5:c4:26:da:83:3d:bc:02:85:e9:
db:0e:3d:2c:1e:a8:01:e6:b1:74:3a:d4:8a:8f:42:01:da:b4:
57:e5:25:78:f5:d4:c9:4a:c7:20:bf:df:d1:d2:12:ce:dc:19:
93:70:3c:29:36:69:f2:8d:0e:77:cd:88:4f:e1:a6:82:0b:5b:
81:b6:59:52:0d:0f:23:3b:83:91:1b:7d:eb:05:52:ce:48:a9:
96:43:a6:8a:ee:49:61:87:b2:ac:83:1c:68:33:9a:4c:8c:e9:
f2:ae:92:21:69:b7:2e:db:42:8f:55:01:c5:81:9e:28:b4:8d:
d5:9e:a2:df:5d:33:79:09:f5:97:aa:8c:5e:8f:93:53:66:30:
4f:d6:93:11:c4:19:ea:ae:0f:86:33:83:9e:14:59:8b:25:0f:
f3:b3:19:76
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULhLS4I5l4tn24oR4JKR9AIPa9OowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTg5MjdiMmE4MTk2ODllNDg5NzM2MjI1OWJlMDMwN2U0
NGQ1ZWJiYzU1ZGE1OWJiMmUyMjI3NTdmMjI5OTc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwZnni/7EoZkV1DBxdGvola00GdX+p9wu4QlJzezDO8NIN
Ejohf20aeqwwKbpvKwSpSMmYUdBhXT6m3Kl7aZaMgmQSkgEqsLoHNr1rG7T8wzqr
4akDayYAU5mp4RO8+A1yQt8q4MtSAbyXTi+FZ2P34zEKhF1mWRrncge6Gx+lVCnr
geNdefpzwU9783owde8ha8MDpdEfK8BWluUTGsvYxFxSpWwOy24NJhUYD4XrLdzG
SjpUnLVtPw+ivadTPhgec6zUhtfGYfcJOD9kMfqVDRxaGEM6FoK9Y5KC2+Ufpmyf
neIwUuHQpp5aBGFAZ14bhd2ANR0DEKkJ7SHQZeNPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbof2vCmn6HE4ZX2mbmPtlvuixVAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBkNzRiYmE4LTFmMTUtNDFmMC04Y2FjLTlhYzlkMTA0YWM1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQ1jANBgkqhkiG9w0BAQsFAAOCAQEASSdFXNIRsXrylmTkKiY0crr1gPRx
u28d/ED1QdFq1ovfJyxvSNIIfD6aeE9UbPNatoyteI5/eCquSiMEKfSa134+kJzm
H00fSf7RCXYd3DmyCv3rmf5rbYfe8GS6nOkB0C3FxCbagz28AoXp2w49LB6oAeax
dDrUio9CAdq0V+UlePXUyUrHIL/f0dISztwZk3A8KTZp8o0Od82IT+GmggtbgbZZ
Ug0PIzuDkRt96wVSzkiplkOmiu5JYYeyrIMcaDOaTIzp8q6SIWm3LttCj1UBxYGe
KLSN1Z6i310zeQn1l6qMXo+TU2YwT9aTEcQZ6q4PhjODnhRZiyUP87MZdg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:40:55 2025 by rpki-client