Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2cce37b2-fa68-4fd3-9bc3-efe0a16090ea.roa
File: 2cce37b2-fa68-4fd3-9bc3-efe0a16090ea.roa (raw, json)
Hash identifier: 6o+5W1g8hrFDm55Zij/StspKrRhqxSN9Z9zNe6dw7TE=
Subject key identifier: C5:D8:00:0E:BC:4B:58:64:64:41:33:8D:9B:25:30:F8:6C:64:D4:AB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 31F102953E98BB3C38194AAFB408CF6C0411F59F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2cce37b2-fa68-4fd3-9bc3-efe0a16090ea.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 56.117.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:f1:02:95:3e:98:bb:3c:38:19:4a:af:b4:08:cf:6c:04:11:f5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: serialNumber=ab3292206c304d08ff8f3d15ed5815fd959bf11f774ed3c97cba7aed98829b76, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:15:04:50:44:6d:79:4d:06:b6:35:29:17:ae:
2b:7c:b2:16:5a:5a:00:f0:d9:2f:5f:55:d5:51:3f:
75:9c:93:b3:4a:20:58:25:b9:cf:c3:21:4c:0a:f8:
26:8e:8c:82:02:c6:2b:34:b1:f0:24:78:00:50:1e:
ee:d9:3e:28:0e:76:68:32:ef:42:72:be:65:df:7b:
74:de:29:4a:32:68:05:12:7f:ac:d0:17:09:d4:e3:
5c:81:fe:38:74:fb:6e:39:a3:2b:2f:b5:39:7d:79:
ec:3c:02:3f:a6:3c:99:c0:f1:62:5d:0e:7b:df:ea:
c2:fd:47:d0:e7:4a:07:60:f7:ed:75:df:11:48:c4:
b5:1c:4e:d1:9d:f0:90:89:51:ac:3b:13:4e:73:e9:
26:50:07:9c:38:82:50:cb:91:52:ba:1d:78:bd:aa:
b6:5c:b8:02:60:2e:f8:17:71:f6:89:09:c8:86:ba:
97:c6:7e:cf:0a:79:5d:9d:7c:7d:61:c5:31:c7:1a:
d5:1f:36:9e:f9:06:85:f2:19:d3:01:02:0b:d5:8d:
54:d5:af:45:64:95:cf:d4:2d:0a:5d:3b:09:a1:90:
21:f4:f3:95:2e:24:1e:03:7e:94:be:85:9a:2e:49:
47:3a:be:e4:6f:70:4a:bb:97:19:77:3d:47:b6:eb:
9a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D8:00:0E:BC:4B:58:64:64:41:33:8D:9B:25:30:F8:6C:64:D4:AB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2cce37b2-fa68-4fd3-9bc3-efe0a16090ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:8e:46:0e:ee:cc:9f:a0:ef:64:6c:aa:ad:de:c9:06:1d:9d:
2d:8b:e2:9b:03:df:63:bf:02:3d:34:2c:ee:29:d9:04:d1:a1:
d8:ac:6c:58:27:b4:77:97:2a:b7:1c:17:35:58:8d:d1:d1:05:
6e:dc:b0:2c:c0:a9:ab:6d:4f:d2:1b:e3:e3:d9:7c:ee:ad:53:
65:69:29:13:0a:64:b2:e1:a3:0f:88:f9:4a:52:32:a8:d1:77:
e1:38:c9:4b:fa:e2:f8:a9:1a:7d:78:82:70:65:8b:2e:d4:b5:
57:d4:a9:68:70:d5:70:5b:2c:63:d5:e5:51:72:87:1b:b5:46:
56:66:06:ff:e0:20:06:26:ff:e7:9d:84:b4:32:ac:00:d7:6b:
ef:7e:dc:04:57:e4:ce:e2:f7:e1:91:d8:17:28:b3:be:53:d0:
40:05:50:a6:fc:a6:be:f5:8d:0e:05:43:73:71:a3:2a:65:09:
2a:fa:f7:0d:d3:98:28:81:35:8b:d0:19:64:f3:2e:43:ff:f1:
92:b5:e9:5c:ef:ec:37:85:19:ca:58:17:da:11:a9:c9:b5:92:
06:ca:9b:43:7a:93:ee:68:18:32:2a:4b:8c:6d:4c:80:f0:1a:
34:e2:18:75:5f:d7:59:e9:0f:d1:6a:ab:48:7a:f0:7a:76:73:
38:21:be:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMfEClT6Yuzw4GUqvtAjPbAQR9Z8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjMyOTIyMDZjMzA0ZDA4ZmY4ZjNkMTVlZDU4MTVmZDk1
OWJmMTFmNzc0ZWQzYzk3Y2JhN2FlZDk4ODI5Yjc2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgFQRQRG15TQa2NSkXrit8shZaWgDw2S9fVdVRP3Wck7NK
IFgluc/DIUwK+CaOjIICxis0sfAkeABQHu7ZPigOdmgy70JyvmXfe3TeKUoyaAUS
f6zQFwnU41yB/jh0+245oysvtTl9eew8Aj+mPJnA8WJdDnvf6sL9R9DnSgdg9+11
3xFIxLUcTtGd8JCJUaw7E05z6SZQB5w4glDLkVK6HXi9qrZcuAJgLvgXcfaJCciG
upfGfs8KeV2dfH1hxTHHGtUfNp75BoXyGdMBAgvVjVTVr0Vklc/ULQpdOwmhkCH0
85UuJB4DfpS+hZouSUc6vuRvcEq7lxl3PUe265ovAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUxdgADrxLWGRkQTONmyUw+Gxk1KswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjY2UzN2IyLWZhNjgtNGZkMy05YmMzLWVmZTBhMTYwOTBlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4dTANBgkqhkiG9w0BAQsFAAOCAQEAdY5GDu7Mn6DvZGyqrd7JBh2dLYvi
mwPfY78CPTQs7inZBNGh2KxsWCe0d5cqtxwXNViN0dEFbtywLMCpq21P0hvj49l8
7q1TZWkpEwpksuGjD4j5SlIyqNF34TjJS/ri+KkafXiCcGWLLtS1V9SpaHDVcFss
Y9XlUXKHG7VGVmYG/+AgBib/552EtDKsANdr737cBFfkzuL34ZHYFyizvlPQQAVQ
pvymvvWNDgVDc3GjKmUJKvr3DdOYKIE1i9AZZPMuQ//xkrXpXO/sN4UZylgX2hGp
ybWSBsqbQ3qT7mgYMipLjG1MgPAaNOIYdV/XWekP0WqrSHrwenZzOCG+Hg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:30 2025 by rpki-client