Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/282c8156-9284-4c57-8c12-e56f065648ae.roa
File: 282c8156-9284-4c57-8c12-e56f065648ae.roa (raw, json)
Hash identifier: j4f8/ictGXTPF76BsYdZ04JFoK0Fi/h9KIi+aozv6qU=
Subject key identifier: 5A:34:AE:5A:8B:C1:CF:D7:F5:F3:3C:24:99:FA:85:2C:A3:5B:B5:2E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 76F7556BA32AEC32CD0C60991846E9BDD0DAEFE8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/282c8156-9284-4c57-8c12-e56f065648ae.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 129.239.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:f7:55:6b:a3:2a:ec:32:cd:0c:60:99:18:46:e9:bd:d0:da:ef:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:fb:a7:38:f6:0d:ac:dd:70:eb:f2:6f:0b:
5c:20:f6:13:6d:68:60:3d:39:ff:08:ad:ed:06:21:
c1:1f:23:fe:fb:9d:0e:53:8a:e4:78:5d:b3:f2:0e:
bd:29:2a:98:81:54:c3:5c:2d:aa:91:74:cb:d4:3c:
f3:89:cf:40:97:cf:42:c2:33:67:f4:89:24:c5:16:
50:6b:ed:2e:60:46:6b:a5:12:34:29:c7:54:4e:9e:
88:62:65:a3:2f:c0:38:0b:37:90:90:43:e8:a0:73:
72:3b:fd:3e:9e:96:f8:d2:e0:9f:1b:30:1d:77:0f:
0a:1a:3a:cd:34:70:12:10:81:ad:85:45:f1:a0:41:
a6:45:dd:d0:68:d9:2e:96:e7:a0:89:cd:ce:62:2e:
27:bd:dc:34:b5:0c:52:5d:7b:67:a6:b4:97:a3:b0:
5b:c2:1b:64:bc:2f:bb:fa:08:b5:fd:7d:71:d2:c9:
1a:50:76:fb:c0:44:65:3b:17:da:f3:2a:63:07:04:
c4:37:40:37:58:4f:8f:a2:01:13:2a:3c:63:04:ea:
b5:a8:24:0b:8e:86:bf:a5:37:db:c7:3a:2d:a8:2f:
63:b2:3a:34:10:0d:54:7e:f0:26:f9:f8:40:30:e4:
67:78:fa:ca:e1:b2:e5:0d:e9:7b:ab:4a:94:dd:e8:
69:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:34:AE:5A:8B:C1:CF:D7:F5:F3:3C:24:99:FA:85:2C:A3:5B:B5:2E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/282c8156-9284-4c57-8c12-e56f065648ae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:66:05:f9:3a:d2:c2:d7:f8:60:80:14:b7:21:e1:79:bb:93:
a1:26:54:dc:b9:12:27:98:21:55:ba:42:a3:9c:c4:19:8a:c5:
7d:61:03:48:8a:c5:bd:af:ae:c6:d0:0f:70:cc:53:a3:fb:c1:
c4:be:7e:8c:4c:3e:41:22:bf:47:0a:5b:dd:ef:73:7a:36:46:
2a:d9:ec:6b:a3:91:a4:84:d1:59:f8:b5:ce:42:32:bd:a3:b0:
5a:8c:41:ef:9e:e4:4e:6e:78:2a:7d:e0:ae:61:7a:b5:68:d4:
c7:ac:ce:6b:84:15:28:68:b3:7f:d6:3c:ef:92:3c:c1:cf:0a:
a7:ea:75:73:c9:3f:aa:c2:bf:0d:89:6d:54:44:ba:0d:c9:d3:
8a:2e:74:fe:b9:f8:28:9b:d5:bb:2f:d7:ef:d5:da:3e:81:75:
52:75:62:49:09:45:9e:11:bc:bd:65:bd:91:02:be:1a:d4:19:
35:15:57:a2:32:b5:79:53:f5:33:fe:00:dc:3c:e8:2d:72:ac:
7b:18:ca:b6:08:53:fb:19:37:75:4a:65:a1:65:1e:ca:0b:5e:
19:5f:94:9c:10:1e:37:d9:89:59:c4:10:9c:08:db:78:4d:bb:
eb:f1:eb:c0:31:f2:04:3c:8f:8f:45:0c:4c:8b:ba:ed:b5:02:
7c:51:f8:ea
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdvdVa6Mq7DLNDGCZGEbpvdDa7+gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI1MDAwMDAwWhcNMjUwMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZjRlOWUyMWY4MmRiZTY4N2JjOWJhOTlkODU1ZTI0YTdk
ZjdkNWU0ZGJmNTU4Zjk2MzNhZDg2NTlhNTVmMzgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0p/unOPYNrN1w6/JvC1wg9hNtaGA9Of8Ire0GIcEfI/77
nQ5TiuR4XbPyDr0pKpiBVMNcLaqRdMvUPPOJz0CXz0LCM2f0iSTFFlBr7S5gRmul
EjQpx1ROnohiZaMvwDgLN5CQQ+igc3I7/T6elvjS4J8bMB13DwoaOs00cBIQga2F
RfGgQaZF3dBo2S6W56CJzc5iLie93DS1DFJde2emtJejsFvCG2S8L7v6CLX9fXHS
yRpQdvvARGU7F9rzKmMHBMQ3QDdYT4+iARMqPGME6rWoJAuOhr+lN9vHOi2oL2Oy
OjQQDVR+8Cb5+EAw5Gd4+srhsuUN6XurSpTd6Gn7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWjSuWovBz9f18zwkmfqFLKNbtS4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI4MmM4MTU2LTkyODQtNGM1Ny04YzEyLWU1NmYwNjU2NDhhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCB7zANBgkqhkiG9w0BAQsFAAOCAQEAMmYF+TrSwtf4YIAUtyHhebuToSZU
3LkSJ5ghVbpCo5zEGYrFfWEDSIrFva+uxtAPcMxTo/vBxL5+jEw+QSK/Rwpb3e9z
ejZGKtnsa6ORpITRWfi1zkIyvaOwWoxB757kTm54Kn3grmF6tWjUx6zOa4QVKGiz
f9Y875I8wc8Kp+p1c8k/qsK/DYltVES6DcnTii50/rn4KJvVuy/X79XaPoF1UnVi
SQlFnhG8vWW9kQK+GtQZNRVXojK1eVP1M/4A3DzoLXKsexjKtghT+xk3dUploWUe
ygteGV+UnBAeN9mJWcQQnAjbeE276/HrwDHyBDyPj0UMTIu67bUCfFH46g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:32 2025 by rpki-client