Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23d29d0e-b9f9-4b4e-9bf3-ea6ece78a69b.roa
File: 23d29d0e-b9f9-4b4e-9bf3-ea6ece78a69b.roa (raw, json)
Hash identifier: Ys3BRAhC3UM5dq1DA71XrTe6sve0qyZHPlCdGfSkj+I=
Subject key identifier: A5:8D:06:8B:49:AF:14:78:FB:11:39:5E:41:83:2D:30:D9:FC:97:13
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4B62EA761FD462998AF8A0F88CFDCF9661294164
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23d29d0e-b9f9-4b4e-9bf3-ea6ece78a69b.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.99.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:62:ea:76:1f:d4:62:99:8a:f8:a0:f8:8c:fd:cf:96:61:29:41:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=848e4143927cef264dcf35d2c60b99df6f8ab5d8b4c07e666a15b3cc41bfe5e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:10:34:47:85:30:be:c0:2a:3b:a5:36:41:
af:f8:38:8e:bc:fc:62:ff:30:53:35:77:74:f9:88:
d7:d5:4d:45:11:81:4d:76:02:70:74:4d:de:53:af:
59:a5:17:14:bd:6e:cd:46:c1:cd:07:28:df:f8:61:
dd:4c:e9:32:56:73:85:6e:68:be:42:f9:90:ec:e6:
51:f6:bf:76:74:15:d6:48:a1:14:4d:8d:6d:df:ea:
52:19:12:73:6c:be:7d:35:03:c7:63:d1:2c:52:46:
5d:5f:14:db:57:59:f2:a6:21:ef:6c:78:59:98:b5:
7f:d9:df:86:e7:7c:20:44:8c:2e:7a:94:28:5b:4a:
f5:47:c3:53:d5:d6:4c:4d:b0:b2:13:6a:35:80:d2:
ef:d0:73:8d:cd:20:7b:8a:2b:5b:85:64:f2:1a:a7:
21:ea:75:97:48:6b:63:0f:15:4a:de:5e:89:64:27:
71:47:80:bf:cd:be:4a:33:2b:5d:c8:dc:f2:9a:9b:
ca:16:4b:33:03:21:26:c8:ec:4f:e0:35:c0:fe:61:
ea:55:1f:89:41:35:2f:2d:eb:67:cc:b5:92:e4:13:
78:9a:b8:ab:09:aa:49:b8:64:c3:87:49:09:2c:8d:
2c:0e:cb:7d:cf:7a:74:aa:5d:64:76:89:ba:1f:da:
1a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8D:06:8B:49:AF:14:78:FB:11:39:5E:41:83:2D:30:D9:FC:97:13
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23d29d0e-b9f9-4b4e-9bf3-ea6ece78a69b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:7b:38:b4:dc:ca:7b:4a:c5:5f:4f:6f:0d:d8:07:e1:69:6d:
10:68:dd:ec:44:16:ec:ca:23:56:93:bd:99:75:f6:8e:ca:6a:
0a:17:24:db:eb:5e:3a:d8:f2:35:28:45:b6:0a:42:c9:80:b6:
ef:47:63:78:e1:aa:56:9f:df:cc:3d:47:5a:42:17:16:4e:da:
b6:27:9f:29:b6:90:b7:6e:ab:de:d7:27:53:37:30:35:56:e9:
c4:86:8d:7c:0e:59:f2:c0:a1:7c:ae:fb:93:33:f1:b8:aa:46:
40:89:95:4d:a2:d0:82:11:49:8d:c1:c5:e9:d2:02:e4:9d:4c:
e0:bf:ef:29:52:82:99:44:ae:fe:e7:60:11:89:81:97:19:4d:
4e:e6:44:69:ef:13:eb:de:c0:6e:90:43:61:b0:fc:3d:93:17:
fe:60:c0:91:20:62:b4:6a:cd:25:e3:59:e3:50:9b:67:78:2d:
ca:cc:02:94:6c:c8:de:74:8d:4b:82:3f:af:6b:6c:7b:23:60:
8d:75:e9:0c:89:e5:63:cc:48:65:28:aa:af:9f:31:0a:d7:74:
37:94:c7:e9:c3:e9:54:15:75:38:7c:1c:53:2f:23:9a:69:fc:
19:73:f1:d4:51:bf:1f:5b:c0:f6:1d:66:0b:c8:1f:84:af:52:
39:3f:b1:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUS2Lqdh/UYpmK+KD4jP3PlmEpQWQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDhlNDE0MzkyN2NlZjI2NGRjZjM1ZDJjNjBiOTlkZjZm
OGFiNWQ4YjRjMDdlNjY2YTE1YjNjYzQxYmZlNWU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJcBA0R4UwvsAqO6U2Qa/4OI68/GL/MFM1d3T5iNfVTUUR
gU12AnB0Td5Tr1mlFxS9bs1Gwc0HKN/4Yd1M6TJWc4VuaL5C+ZDs5lH2v3Z0FdZI
oRRNjW3f6lIZEnNsvn01A8dj0SxSRl1fFNtXWfKmIe9seFmYtX/Z34bnfCBEjC56
lChbSvVHw1PV1kxNsLITajWA0u/Qc43NIHuKK1uFZPIapyHqdZdIa2MPFUreXolk
J3FHgL/NvkozK13I3PKam8oWSzMDISbI7E/gNcD+YepVH4lBNS8t62fMtZLkE3ia
uKsJqkm4ZMOHSQksjSwOy33PenSqXWR2ibof2hrPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpY0Gi0mvFHj7ETleQYMtMNn8lxMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzZDI5ZDBlLWI5ZjktNGI0ZS05YmYzLWVhNmVjZTc4YTY5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQYzANBgkqhkiG9w0BAQsFAAOCAQEAuXs4tNzKe0rFX09vDdgH4WltEGjd
7EQW7MojVpO9mXX2jspqChck2+teOtjyNShFtgpCyYC270djeOGqVp/fzD1HWkIX
Fk7atiefKbaQt26r3tcnUzcwNVbpxIaNfA5Z8sChfK77kzPxuKpGQImVTaLQghFJ
jcHF6dIC5J1M4L/vKVKCmUSu/udgEYmBlxlNTuZEae8T697AbpBDYbD8PZMX/mDA
kSBitGrNJeNZ41CbZ3gtyswClGzI3nSNS4I/r2tseyNgjXXpDInlY8xIZSiqr58x
Ctd0N5TH6cPpVBV1OHwcUy8jmmn8GXPx1FG/H1vA9h1mC8gfhK9SOT+x8Q==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:39:48 2025 by rpki-client