Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26c99c08-48f7-4b2d-bfd6-8532096d3614.roa
File: 26c99c08-48f7-4b2d-bfd6-8532096d3614.roa (raw, json)
Hash identifier: 7Q2LAdRtKwk1w+WM4SHQkfh6gCZrb8STHSs+uw4u7ow=
Subject key identifier: F2:2C:7A:4A:94:54:77:F3:9E:D6:FC:F3:95:CA:FD:BB:55:F7:ED:A3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5274C3AAE67CA2D48521BA41E1DFC0345007C8F5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26c99c08-48f7-4b2d-bfd6-8532096d3614.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 162.213.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:74:c3:aa:e6:7c:a2:d4:85:21:ba:41:e1:df:c0:34:50:07:c8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:a7:f7:98:65:c4:83:c3:25:0e:b9:cd:b9:
76:55:fe:59:e3:61:86:c5:14:46:b7:55:fc:b1:25:
a1:13:fc:3c:34:de:0e:7c:4b:32:0a:3d:01:fa:f0:
51:ba:29:26:b3:f9:bc:14:fa:22:99:05:13:54:7f:
9d:a8:ee:a2:67:b4:29:91:0f:ee:bf:ec:42:63:de:
f0:0e:ae:06:9d:d8:8f:15:80:06:b6:bf:21:76:27:
dd:c2:d6:93:83:6c:d6:e9:c1:ee:a7:10:19:66:6b:
df:6e:ca:b2:da:3b:53:47:a3:52:84:58:39:fc:ac:
de:f0:6f:8b:0e:a1:a6:ac:dd:bc:0d:01:09:29:ae:
55:20:1b:90:c2:dd:2a:11:03:72:77:79:47:3a:c0:
e2:94:05:94:c7:ee:b2:47:ea:0a:47:1b:57:79:16:
fb:24:33:f0:db:5a:96:0f:8d:13:cf:2b:55:c9:f1:
74:2b:c2:11:f0:3c:d6:80:68:11:59:95:9b:f8:93:
58:de:40:28:3b:91:75:6d:7a:79:81:ae:f7:e1:07:
b3:ff:48:e6:22:95:bf:b0:aa:98:34:30:1c:90:d7:
b1:11:f7:c7:05:82:9a:e6:05:1e:bb:a7:5b:e4:a7:
c6:95:75:6d:1b:9b:cf:51:07:88:42:6c:c4:f8:e2:
04:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2C:7A:4A:94:54:77:F3:9E:D6:FC:F3:95:CA:FD:BB:55:F7:ED:A3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26c99c08-48f7-4b2d-bfd6-8532096d3614.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.213.232.0/22
Signature Algorithm: sha256WithRSAEncryption
18:0f:45:22:6b:0d:48:74:78:92:e4:a4:8e:37:6b:a7:ad:ab:
f1:29:ea:ac:e7:fa:33:6f:d9:80:da:7e:55:12:69:ba:02:4f:
0e:3e:3e:ae:b0:67:bb:e4:70:0c:0c:1c:04:07:44:ce:1b:29:
45:fd:05:b7:df:b5:d5:d1:e7:c8:fe:ea:2e:ae:b8:7d:84:bb:
c8:3f:d7:b3:d0:e6:d5:08:a1:60:26:9e:24:f3:77:41:fe:ac:
50:41:d8:1c:3a:5b:01:b3:cd:38:10:7b:93:cd:90:54:37:cc:
bb:62:9a:24:36:30:a4:56:0e:f6:bc:70:c9:f0:07:4b:7a:cc:
8d:a9:33:9f:cc:54:9f:33:20:e1:b5:1c:05:49:ec:bc:29:a4:
bd:1f:82:7e:10:8d:b5:03:35:8a:97:0b:24:75:a5:ea:f2:65:
c9:ae:a7:6a:81:a8:6a:91:ad:40:a0:70:f8:8a:9d:d2:db:98:
e0:b1:34:83:3c:1a:c3:2c:51:ce:e4:f1:07:87:d8:cd:96:e1:
86:51:bf:12:64:7a:c9:38:8d:d1:b6:8e:10:80:b6:40:89:26:
03:87:f7:38:df:31:45:b4:46:87:c4:a6:51:a1:98:93:81:e4:
75:a6:46:05:57:03:57:81:0b:e9:72:f9:d8:4e:63:11:61:ef:
ea:3e:e8:d3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUnTDquZ8otSFIbpB4d/ANFAHyPUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNTVmNmU3YWY1MjYwYjNmMjI4ZGZlM2JmMjA2Yzg5NTQ3
ZjdlY2ViYWU3ZDgzMzAwODM3ZmZmYzYwMjE5MTgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2mKf3mGXEg8MlDrnNuXZV/lnjYYbFFEa3VfyxJaET/Dw0
3g58SzIKPQH68FG6KSaz+bwU+iKZBRNUf52o7qJntCmRD+6/7EJj3vAOrgad2I8V
gAa2vyF2J93C1pODbNbpwe6nEBlma99uyrLaO1NHo1KEWDn8rN7wb4sOoaas3bwN
AQkprlUgG5DC3SoRA3J3eUc6wOKUBZTH7rJH6gpHG1d5FvskM/DbWpYPjRPPK1XJ
8XQrwhHwPNaAaBFZlZv4k1jeQCg7kXVtenmBrvfhB7P/SOYilb+wqpg0MByQ17ER
98cFgprmBR67p1vkp8aVdW0bm89RB4hCbMT44gQ9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8ix6SpRUd/Oe1vzzlcr9u1X37aMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI2Yzk5YzA4LTQ4ZjctNGIyZC1iZmQ2LTg1MzIwOTZkMzYxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKi1egwDQYJKoZIhvcNAQELBQADggEBABgPRSJrDUh0eJLkpI43a6etq/Ep
6qzn+jNv2YDaflUSaboCTw4+Pq6wZ7vkcAwMHAQHRM4bKUX9BbfftdXR58j+6i6u
uH2Eu8g/17PQ5tUIoWAmniTzd0H+rFBB2Bw6WwGzzTgQe5PNkFQ3zLtimiQ2MKRW
Dva8cMnwB0t6zI2pM5/MVJ8zIOG1HAVJ7LwppL0fgn4QjbUDNYqXCyR1peryZcmu
p2qBqGqRrUCgcPiKndLbmOCxNIM8GsMsUc7k8QeH2M2W4YZRvxJkesk4jdG2jhCA
tkCJJgOH9zjfMUW0RofEplGhmJOB5HWmRgVXA1eBC+ly+dhOYxFh7+o+6NM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:07 2025 by rpki-client