Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/206d96f1-1619-4027-bbab-6d34fe5d248c.roa
File: 206d96f1-1619-4027-bbab-6d34fe5d248c.roa (raw, json)
Hash identifier: gXc4idwo7SrmpN0OaWwO4Vb8ThJJCih5HzyDXZKs6Ic=
Subject key identifier: E0:E1:F7:F1:FC:8E:4F:88:08:F1:FF:C5:BC:D2:C8:A4:AD:C5:41:2E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 077BEDDD92B0E0CE016AD052E0A8B68F499422B5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/206d96f1-1619-4027-bbab-6d34fe5d248c.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 132.223.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:7b:ed:dd:92:b0:e0:ce:01:6a:d0:52:e0:a8:b6:8f:49:94:22:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=3ebcc9e054dca500882384a881c162278edaf92db4befb8fd99119368e801cc5, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:33:a5:92:ed:5a:1e:53:ca:88:ed:d7:50:c3:
00:74:d8:f1:67:51:d2:51:08:9c:7f:f0:ab:98:b7:
03:ad:9f:29:26:af:b0:da:ca:f1:ce:83:06:79:77:
6d:96:ba:03:08:4f:bc:05:8e:ff:3c:68:8b:4d:7e:
57:76:6a:62:9a:61:f7:93:d5:0d:14:b3:19:41:42:
bc:68:89:9f:0a:6b:8e:6e:e3:e4:b5:3e:4a:56:cf:
78:72:3d:ea:28:ff:70:e1:0c:38:4f:9a:c2:ca:14:
d1:5b:87:05:0f:37:4a:3c:2f:eb:60:dc:c8:d5:c5:
18:3c:23:84:26:99:3d:81:c2:3c:f2:17:d2:67:13:
46:03:62:e8:48:9e:76:8c:90:ce:67:fd:ec:60:af:
76:6c:80:e4:14:9c:e3:eb:44:7f:a8:4b:b5:81:c9:
da:44:fb:c3:9f:3c:ed:ca:62:9d:62:fc:16:6a:17:
76:22:d3:2f:c3:8b:ff:5c:7c:bd:d4:9d:42:ef:35:
8f:19:21:cf:17:a2:94:dd:6a:0b:17:ea:7f:60:d8:
03:cd:eb:73:8a:2e:80:45:78:11:4e:62:29:a3:63:
0a:81:9e:95:99:56:d2:8f:5d:70:03:e8:2d:16:a6:
3d:16:4b:c1:42:1c:3a:c8:a7:02:82:12:40:95:10:
fd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E1:F7:F1:FC:8E:4F:88:08:F1:FF:C5:BC:D2:C8:A4:AD:C5:41:2E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/206d96f1-1619-4027-bbab-6d34fe5d248c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.223.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:d1:23:49:ec:16:db:ca:c1:2f:75:9c:ee:bb:ed:88:d7:d7:
e0:9e:63:a4:a6:be:d7:70:66:48:da:09:61:ce:fb:af:b0:3d:
91:60:d0:3e:cb:44:8d:6a:d1:f1:57:35:6e:fc:e2:3b:65:34:
fc:4c:cf:71:f9:48:a5:00:74:d2:ac:92:06:9e:80:f4:b5:f5:
03:2f:3d:62:6c:7e:3a:87:04:9b:a0:8a:a5:b0:3d:51:f6:ee:
f5:0d:fd:57:32:bb:90:e9:d6:e4:01:28:6c:a8:22:a8:f4:8b:
f9:91:ad:7b:94:97:2d:63:ba:59:b7:59:33:20:24:82:38:30:
a1:ba:92:fd:16:04:ea:27:1f:df:d2:d7:32:fe:14:6d:7c:73:
c3:8d:c0:f7:f3:c1:c3:94:60:ab:fb:51:ab:07:26:e4:a2:18:
e6:e4:21:5c:26:d0:b0:99:10:b4:27:57:17:3a:6e:d6:8b:ae:
42:f8:5b:d6:e4:55:b6:80:03:57:e4:57:32:fd:3a:ca:38:08:
eb:14:66:c7:07:af:19:1d:fc:52:de:30:29:77:69:a3:03:0a:
e7:c9:3d:e3:f5:82:6c:53:fb:f2:7a:1d:f3:1d:a8:1d:b0:e1:
5a:c7:32:d7:e9:5e:31:d7:a0:74:e9:b3:b4:8f:9b:a4:c7:2a:
35:54:5a:38
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUB3vt3ZKw4M4BatBS4Ki2j0mUIrUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzZWJjYzllMDU0ZGNhNTAwODgyMzg0YTg4MWMxNjIyNzhl
ZGFmOTJkYjRiZWZiOGZkOTkxMTkzNjhlODAxY2M1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/M6WS7VoeU8qI7ddQwwB02PFnUdJRCJx/8KuYtwOtnykm
r7DayvHOgwZ5d22WugMIT7wFjv88aItNfld2amKaYfeT1Q0UsxlBQrxoiZ8Ka45u
4+S1PkpWz3hyPeoo/3DhDDhPmsLKFNFbhwUPN0o8L+tg3MjVxRg8I4QmmT2Bwjzy
F9JnE0YDYuhInnaMkM5n/exgr3ZsgOQUnOPrRH+oS7WBydpE+8OfPO3KYp1i/BZq
F3Yi0y/Di/9cfL3UnULvNY8ZIc8XopTdagsX6n9g2APN63OKLoBFeBFOYimjYwqB
npWZVtKPXXAD6C0Wpj0WS8FCHDrIpwKCEkCVEP0vAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4OH38fyOT4gI8f/FvNLIpK3FQS4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwNmQ5NmYxLTE2MTktNDAyNy1iYmFiLTZkMzRmZTVkMjQ4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCE3zANBgkqhkiG9w0BAQsFAAOCAQEAkdEjSewW28rBL3Wc7rvtiNfX4J5j
pKa+13BmSNoJYc77r7A9kWDQPstEjWrR8Vc1bvziO2U0/EzPcflIpQB00qySBp6A
9LX1Ay89Ymx+OocEm6CKpbA9Ufbu9Q39VzK7kOnW5AEobKgiqPSL+ZGte5SXLWO6
WbdZMyAkgjgwobqS/RYE6icf39LXMv4UbXxzw43A9/PBw5Rgq/tRqwcm5KIY5uQh
XCbQsJkQtCdXFzpu1ouuQvhb1uRVtoADV+RXMv06yjgI6xRmxwevGR38Ut4wKXdp
owMK58k94/WCbFP78nod8x2oHbDhWscy1+leMdegdOmztI+bpMcqNVRaOA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:11:39 2025 by rpki-client