Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27bfb84a-0f3e-46f4-b13e-66c416dc239c.roa
File: 27bfb84a-0f3e-46f4-b13e-66c416dc239c.roa (raw, json)
Hash identifier: G+uozmL3EyPexc1gRdkpgbOsywMf1SpQTn8xX8flkqg=
Subject key identifier: D0:4F:CD:4E:E5:E0:4F:74:42:3B:15:06:49:22:FE:1F:58:30:4A:E3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 730B0B3A869CD9C5C8622BB912145505E483E7DA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27bfb84a-0f3e-46f4-b13e-66c416dc239c.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 134.31.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:0b:0b:3a:86:9c:d9:c5:c8:62:2b:b9:12:14:55:05:e4:83:e7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: serialNumber=508a4559822983e02b80807bf548b34bba256a5390188415b15692e44b5a4fc3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:36:31:36:96:2c:63:d2:85:81:0a:e1:18:
3f:21:3e:7c:df:dd:f0:82:2a:34:af:35:41:1d:e3:
0a:5c:a7:03:27:39:57:c8:29:65:88:05:42:ea:14:
6a:16:42:c7:f2:02:51:d8:21:2d:63:50:d1:0b:93:
a8:29:63:ff:b3:a5:56:65:56:b9:ad:30:44:11:44:
87:60:04:51:b2:8c:53:96:b8:58:cf:7d:07:35:75:
f5:57:11:d4:5e:39:2d:10:40:a0:3f:0e:e3:57:ea:
1e:ad:b0:4f:69:20:bd:89:ff:05:38:3a:ff:59:a4:
33:b1:61:7d:23:ef:43:8a:ff:33:42:15:8d:ac:ce:
2e:5a:27:7d:76:7c:9b:1c:18:af:8d:82:f1:65:24:
03:76:d7:76:07:c3:e9:a1:0a:f8:c5:a3:9f:e0:e6:
64:10:fb:fa:6b:87:1a:0b:0d:e0:f7:f9:04:9a:ea:
cb:ce:b7:e8:6b:10:ed:85:fe:b9:4c:cf:ae:79:f1:
26:b9:33:0d:c3:e0:38:62:8d:13:cb:c3:b4:17:30:
2b:c5:aa:b8:4b:6c:d7:9c:bc:43:e8:17:5e:08:c9:
bd:52:8e:75:4e:c2:5c:04:15:5c:58:dd:96:ae:90:
7d:a5:bd:85:8e:13:98:9c:86:a9:6d:93:96:f3:c3:
a0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4F:CD:4E:E5:E0:4F:74:42:3B:15:06:49:22:FE:1F:58:30:4A:E3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27bfb84a-0f3e-46f4-b13e-66c416dc239c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.31.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:e2:bf:c5:3e:bd:6e:96:77:e8:cc:30:13:95:e2:cb:0b:ab:
34:5b:b9:92:fd:76:77:dc:98:63:ee:20:03:fe:4c:68:7f:89:
f7:08:e7:33:55:49:ab:be:64:98:47:47:b4:87:cb:72:9e:ee:
ec:d8:96:6a:3a:1c:fe:cf:93:73:cd:a0:54:2e:bc:ed:c4:32:
3c:6a:dc:06:9a:c9:a8:81:a3:53:8c:a2:af:dd:6e:87:b7:2d:
a8:05:6f:83:cf:21:c3:37:4a:ae:62:06:41:b4:12:3b:26:b5:
7b:61:45:be:5f:3e:23:ec:6f:d2:f0:6a:87:da:ea:4c:cf:1c:
ae:08:a7:0a:6d:a0:3e:25:a5:bb:8c:9f:0e:4b:10:4f:60:22:
06:9e:62:38:c4:55:5e:0e:1c:9b:52:e8:68:9a:e9:f5:fd:77:
15:76:3b:7a:6a:fa:80:47:8c:49:23:24:4a:35:e6:aa:5c:7e:
da:cd:d2:c1:e8:07:e8:2a:6c:9b:64:84:ca:33:71:10:a7:95:
1f:52:83:00:3b:1a:1b:69:0d:c9:7f:2b:57:a2:53:68:7b:d8:
ce:bc:be:a2:18:f6:83:59:0c:a0:11:ef:25:f6:c2:35:de:2f:
a7:ff:cb:5b:bd:b3:58:bd:76:41:07:f1:53:87:65:e1:84:bc:
3f:f9:35:71
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcwsLOoac2cXIYiu5EhRVBeSD59owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI1MDAwMDAwWhcNMjUwMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDhhNDU1OTgyMjk4M2UwMmI4MDgwN2JmNTQ4YjM0YmJh
MjU2YTUzOTAxODg0MTViMTU2OTJlNDRiNWE0ZmMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbXjYxNpYsY9KFgQrhGD8hPnzf3fCCKjSvNUEd4wpcpwMn
OVfIKWWIBULqFGoWQsfyAlHYIS1jUNELk6gpY/+zpVZlVrmtMEQRRIdgBFGyjFOW
uFjPfQc1dfVXEdReOS0QQKA/DuNX6h6tsE9pIL2J/wU4Ov9ZpDOxYX0j70OK/zNC
FY2szi5aJ312fJscGK+NgvFlJAN213YHw+mhCvjFo5/g5mQQ+/prhxoLDeD3+QSa
6svOt+hrEO2F/rlMz6558Sa5Mw3D4DhijRPLw7QXMCvFqrhLbNecvEPoF14Iyb1S
jnVOwlwEFVxY3ZaukH2lvYWOE5ichqltk5bzw6CPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0E/NTuXgT3RCOxUGSSL+H1gwSuMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3YmZiODRhLTBmM2UtNDZmNC1iMTNlLTY2YzQxNmRjMjM5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCGHzANBgkqhkiG9w0BAQsFAAOCAQEAbOK/xT69bpZ36MwwE5XiywurNFu5
kv12d9yYY+4gA/5MaH+J9wjnM1VJq75kmEdHtIfLcp7u7NiWajoc/s+Tc82gVC68
7cQyPGrcBprJqIGjU4yir91uh7ctqAVvg88hwzdKrmIGQbQSOya1e2FFvl8+I+xv
0vBqh9rqTM8crginCm2gPiWlu4yfDksQT2AiBp5iOMRVXg4cm1LoaJrp9f13FXY7
emr6gEeMSSMkSjXmqlx+2s3SwegH6Cpsm2SEyjNxEKeVH1KDADsaG2kNyX8rV6JT
aHvYzry+ohj2g1kMoBHvJfbCNd4vp//LW72zWL12QQfxU4dl4YS8P/k1cQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:48:51 2025 by rpki-client