Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12f474cf-017f-4052-a30e-b1b12c41f660.roa
File: 12f474cf-017f-4052-a30e-b1b12c41f660.roa (raw, json)
Hash identifier: wM0JjvxrBVmqRaogDXokVQmWMcC+L2hpJUPu6OByysw=
Subject key identifier: 33:D4:69:AC:7A:32:32:5B:12:B8:AF:45:BA:CD:CF:78:A0:5B:47:C0
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5C1E171FF81F1DD41E7B5F00572D1039B553A214
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12f474cf-017f-4052-a30e-b1b12c41f660.roa
Signing time: Sat 04 Jan 2025 00:00:00 +0000
ROA not before: Sat 04 Jan 2025 00:00:00 +0000
ROA not after: Sat 08 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 173.83.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:1e:17:1f:f8:1f:1d:d4:1e:7b:5f:00:57:2d:10:39:b5:53:a2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 4 00:00:00 2025 GMT
Not After : Feb 8 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:dc:66:86:14:21:cc:dc:a7:8b:ce:6a:f6:b9:
50:20:d1:b9:ef:1a:e5:e3:c0:9b:9f:4b:f0:35:f7:
f0:a6:a6:e0:eb:5f:d6:ef:68:1f:9c:07:d0:40:96:
1b:2f:bb:b6:81:05:4d:4b:45:1a:3a:3b:29:2b:24:
fa:7c:d4:4f:80:af:19:ec:80:c5:c4:02:de:35:40:
df:74:95:09:d9:4b:f4:30:c2:01:26:11:d6:7e:9c:
4b:3c:19:88:39:6a:ec:ca:fa:21:93:a0:6f:ed:eb:
cf:42:5f:76:52:9f:60:62:35:a2:59:e9:ec:be:d6:
4e:2d:b2:c4:2a:48:d1:9b:57:09:6d:24:33:1a:4f:
f4:91:82:a8:1f:70:32:0c:cb:5b:26:9c:76:e8:83:
db:a0:ad:6c:a0:51:8f:c4:b7:a3:6d:11:bd:42:5d:
37:a5:43:cf:e2:aa:17:e9:5d:b8:e4:0a:be:a9:cc:
6e:af:46:31:c4:80:33:b3:64:4b:07:9b:de:05:92:
0b:43:97:2f:26:9a:d7:74:47:f6:e7:ad:fb:c0:1d:
71:aa:e3:9b:b8:a4:1d:39:91:c6:16:e1:c4:a8:07:
4e:c9:b8:5f:09:c9:93:28:85:a7:76:dd:bd:ad:fb:
85:94:5e:68:40:14:8f:18:26:da:99:4a:e1:10:fb:
c2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D4:69:AC:7A:32:32:5B:12:B8:AF:45:BA:CD:CF:78:A0:5B:47:C0
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12f474cf-017f-4052-a30e-b1b12c41f660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.83.212.0/24
Signature Algorithm: sha256WithRSAEncryption
23:f9:95:e1:47:07:43:f9:9a:71:60:4c:8f:50:a5:db:b3:ef:
62:c8:6b:58:5d:85:4e:3b:3c:03:bb:23:04:be:d9:ac:3a:c7:
31:78:d6:38:64:30:95:bc:05:e7:7d:84:e9:c4:c5:8a:b3:84:
18:d8:58:ad:5b:4c:bc:03:c0:ed:a4:f8:4b:38:d6:1d:58:cc:
5f:0a:06:31:28:c9:ce:9a:4a:63:81:e7:52:bd:26:b8:ec:3d:
08:65:27:7e:c9:56:59:8c:43:cf:51:ee:50:5f:6e:ea:6d:69:
d9:24:31:d6:37:29:0e:29:e1:cb:9e:ec:bd:48:9b:ab:6f:8f:
a2:2a:8c:db:8c:e4:70:77:75:d9:7e:76:43:13:00:52:2b:c8:
70:a5:b5:96:2d:e4:50:fe:0c:b2:1c:b9:f3:39:aa:3d:dd:0e:
46:a0:0f:a9:cc:29:5c:6a:82:1d:cb:1a:7f:99:e7:bd:a5:4b:
15:04:a3:13:35:41:76:4f:36:7d:3b:57:ca:9a:23:c6:03:10:
3a:9d:ff:73:e2:27:43:29:53:2c:07:92:31:05:3b:b9:53:b1:
4c:89:e9:0e:1f:77:ff:a3:37:fa:8d:1b:40:d8:89:d9:ad:95:
75:f8:d0:3c:49:3c:01:3c:b9:67:af:00:f2:b0:05:a5:23:13:
42:95:69:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXB4XH/gfHdQee18AVy0QObVTohQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWI2ZWI4NGY1NjZmYWU3ZjA0MDJkZGUzYjU2ZTFlZjhh
MzNiNWM3YzExNDAxYjdhMTA1Y2IyZDA4M2MyNmVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDf3GaGFCHM3KeLzmr2uVAg0bnvGuXjwJufS/A19/CmpuDr
X9bvaB+cB9BAlhsvu7aBBU1LRRo6OykrJPp81E+ArxnsgMXEAt41QN90lQnZS/Qw
wgEmEdZ+nEs8GYg5auzK+iGToG/t689CX3ZSn2BiNaJZ6ey+1k4tssQqSNGbVwlt
JDMaT/SRgqgfcDIMy1smnHbog9ugrWygUY/Et6NtEb1CXTelQ8/iqhfpXbjkCr6p
zG6vRjHEgDOzZEsHm94FkgtDly8mmtd0R/bnrfvAHXGq45u4pB05kcYW4cSoB07J
uF8JyZMohad23b2t+4WUXmhAFI8YJtqZSuEQ+8K7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUM9RprHoyMlsSuK9Fus3PeKBbR8AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEyZjQ3NGNmLTAxN2YtNDA1Mi1hMzBlLWIxYjEyYzQxZjY2MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtU9QwDQYJKoZIhvcNAQELBQADggEBACP5leFHB0P5mnFgTI9Qpduz72LI
a1hdhU47PAO7IwS+2aw6xzF41jhkMJW8Bed9hOnExYqzhBjYWK1bTLwDwO2k+Es4
1h1YzF8KBjEoyc6aSmOB51K9JrjsPQhlJ37JVlmMQ89R7lBfbuptadkkMdY3KQ4p
4cue7L1Im6tvj6IqjNuM5HB3ddl+dkMTAFIryHCltZYt5FD+DLIcufM5qj3dDkag
D6nMKVxqgh3LGn+Z572lSxUEoxM1QXZPNn07V8qaI8YDEDqd/3PiJ0MpUywHkjEF
O7lTsUyJ6Q4fd/+jN/qNG0DYidmtlXX40DxJPAE8uWevAPKwBaUjE0KVaUQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:16:10 2025 by rpki-client