Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0faa5a36-7d22-44a3-aac5-9b86a2e8c1b3.roa
File: 0faa5a36-7d22-44a3-aac5-9b86a2e8c1b3.roa (raw, json)
Hash identifier: 3ccESKf+2jxtEJpE/Qn6m0vtgP1ZdtgzvvNnGyWh3N8=
Subject key identifier: 22:7F:9A:8F:3A:12:48:F1:79:77:25:19:F6:89:EC:50:4D:CF:80:CF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 29013418CD09F94F70208284D369BF498FC6A574
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0faa5a36-7d22-44a3-aac5-9b86a2e8c1b3.roa
Signing time: Sat 04 Jan 2025 00:00:00 +0000
ROA not before: Sat 04 Jan 2025 00:00:00 +0000
ROA not after: Sat 08 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.50.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:01:34:18:cd:09:f9:4f:70:20:82:84:d3:69:bf:49:8f:c6:a5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 4 00:00:00 2025 GMT
Not After : Feb 8 23:59:59 2025 GMT
Subject: serialNumber=387ccf885e98c034aa23e7d22fa9cee253c8400dc81488d13d75aa3ddf3a8558, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ed:fe:fb:2f:63:4b:bf:60:71:77:ce:77:06:
e2:8a:5e:fb:78:3d:99:21:3d:59:ff:85:7d:be:01:
cf:ab:f6:08:ca:3b:f3:e1:1b:b5:56:c9:b5:87:bf:
08:ac:08:38:7e:6e:f4:54:b4:c7:d8:ee:35:33:14:
f4:eb:1e:a0:90:e4:50:1b:30:2a:43:0a:6f:c4:03:
95:80:39:84:77:40:f1:79:78:0b:34:06:a8:a4:37:
e7:4d:2e:bc:24:f1:38:90:ce:59:88:d8:61:74:ad:
ea:3d:80:de:7f:f6:ec:ae:3a:45:b3:63:1d:41:ee:
87:ed:be:25:78:7d:88:6a:61:28:6b:16:fc:3c:47:
bf:58:43:c5:bf:61:d5:13:3a:b8:ad:b6:5a:53:4c:
64:5a:23:ae:ca:d7:50:3a:8f:60:de:83:66:1f:43:
06:2d:a8:60:eb:2d:e3:09:0c:63:a6:41:94:a8:8a:
75:73:8c:2d:fc:64:20:39:67:10:32:2f:ec:2c:1e:
73:2a:89:9a:df:4c:6d:a0:c0:89:6a:a0:53:4c:59:
4f:f2:7c:98:7f:2e:be:fe:1a:7e:96:ea:cc:fc:36:
c0:3d:54:50:5f:fa:66:b3:8d:4a:4c:90:37:01:1a:
af:80:17:a4:90:df:3b:c8:93:69:dd:5e:c3:c8:c6:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7F:9A:8F:3A:12:48:F1:79:77:25:19:F6:89:EC:50:4D:CF:80:CF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0faa5a36-7d22-44a3-aac5-9b86a2e8c1b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.50.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:b6:fc:37:30:94:e7:75:cb:b0:91:e8:ce:31:ba:25:dc:68:
30:7b:10:ec:8f:42:04:ff:04:98:f4:a4:d7:99:a4:f4:c5:e5:
7a:59:db:9a:02:c8:ff:af:bd:62:25:45:6b:af:dd:93:ed:aa:
a7:6f:03:e9:56:13:81:ed:c8:f7:3b:b8:5c:a1:14:fe:0a:64:
84:57:d2:1e:36:da:f7:e6:92:01:27:63:47:14:1e:7a:aa:e2:
0a:03:a7:40:46:f6:ee:2e:3e:5f:d4:3e:5c:62:e6:65:32:b2:
2a:18:ee:40:df:8b:76:73:0d:78:98:a0:a2:99:d8:4f:e9:dd:
c7:24:3c:a3:2b:d8:1a:d6:ab:25:35:96:32:d3:80:07:5b:11:
26:3d:24:6e:7e:f0:5f:d1:53:d6:4a:25:94:f5:ca:7f:56:c1:
8a:15:83:f6:9b:57:88:b1:53:9a:a2:e5:a1:03:29:bd:d0:8b:
e5:b5:37:e4:eb:b9:50:56:f1:0f:76:21:54:8b:69:6a:bd:f9:
77:97:ba:5c:83:58:33:74:ac:63:f1:ae:2a:0d:c1:b3:22:0d:
d7:16:99:7e:9b:ea:eb:5c:c2:35:43:e7:e6:18:27:7b:90:d3:
98:3a:2f:1e:4b:f9:15:df:17:c5:b4:70:09:0e:77:e4:d7:47:
d7:2a:c4:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKQE0GM0J+U9wIIKE02m/SY/GpXQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODdjY2Y4ODVlOThjMDM0YWEyM2U3ZDIyZmE5Y2VlMjUz
Yzg0MDBkYzgxNDg4ZDEzZDc1YWEzZGRmM2E4NTU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDf7f77L2NLv2Bxd853BuKKXvt4PZkhPVn/hX2+Ac+r9gjK
O/PhG7VWybWHvwisCDh+bvRUtMfY7jUzFPTrHqCQ5FAbMCpDCm/EA5WAOYR3QPF5
eAs0BqikN+dNLrwk8TiQzlmI2GF0reo9gN5/9uyuOkWzYx1B7oftviV4fYhqYShr
Fvw8R79YQ8W/YdUTOrittlpTTGRaI67K11A6j2Deg2YfQwYtqGDrLeMJDGOmQZSo
inVzjC38ZCA5ZxAyL+wsHnMqiZrfTG2gwIlqoFNMWU/yfJh/Lr7+Gn6W6sz8NsA9
VFBf+mazjUpMkDcBGq+AF6SQ3zvIk2ndXsPIxr4FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIn+ajzoSSPF5dyUZ9onsUE3PgM8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBmYWE1YTM2LTdkMjItNDRhMy1hYWM1LTliODZhMmU4YzFiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjMsUwDQYJKoZIhvcNAQELBQADggEBAKO2/DcwlOd1y7CR6M4xuiXcaDB7
EOyPQgT/BJj0pNeZpPTF5XpZ25oCyP+vvWIlRWuv3ZPtqqdvA+lWE4HtyPc7uFyh
FP4KZIRX0h422vfmkgEnY0cUHnqq4goDp0BG9u4uPl/UPlxi5mUysioY7kDfi3Zz
DXiYoKKZ2E/p3cckPKMr2BrWqyU1ljLTgAdbESY9JG5+8F/RU9ZKJZT1yn9WwYoV
g/abV4ixU5qi5aEDKb3Qi+W1N+TruVBW8Q92IVSLaWq9+XeXulyDWDN0rGPxrioN
wbMiDdcWmX6b6utcwjVD5+YYJ3uQ05g6Lx5L+RXfF8W0cAkOd+TXR9cqxNk=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:55 2025 by rpki-client