Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f168bef-d65d-49e2-a764-448342774378.roa
File: 2f168bef-d65d-49e2-a764-448342774378.roa (raw, json)
Hash identifier: gq2/tgGV6OmO8KvTWnEhePprS32clXt2KraMu3tgF5Q=
Subject key identifier: B4:1B:CB:6C:A1:8F:96:17:DC:BE:93:19:92:AA:90:FF:ED:2A:E2:81
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 17ADA393CC5F66E97E8F1A497D727F7A131B6368
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f168bef-d65d-49e2-a764-448342774378.roa
Signing time: Sat 28 Dec 2024 00:00:00 +0000
ROA not before: Sat 28 Dec 2024 00:00:00 +0000
ROA not after: Sat 01 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.148.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:ad:a3:93:cc:5f:66:e9:7e:8f:1a:49:7d:72:7f:7a:13:1b:63:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 28 00:00:00 2024 GMT
Not After : Feb 1 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3e:7d:82:3b:cd:49:3a:72:aa:d5:c6:9e:1d:
7d:67:07:43:53:b8:3c:34:8f:63:25:61:78:61:ea:
28:da:0e:b8:cc:7c:73:10:30:4e:df:7b:ca:2c:6a:
63:e0:ea:64:73:0e:29:a3:85:93:bf:4e:7c:3a:97:
e7:2d:c2:68:f2:b0:e8:97:58:99:fc:5d:6e:a4:3f:
78:61:b8:e5:83:76:bf:cc:e6:2d:e0:50:65:f0:7c:
02:85:44:56:4d:91:3b:33:52:2c:5b:2e:54:30:ec:
54:d9:bb:fd:c7:e8:7b:0f:ea:e2:bf:82:0b:73:d2:
8c:97:7b:ae:92:30:4e:35:50:4e:1c:6d:99:e4:0b:
12:12:18:0d:44:ad:b2:9f:6a:07:34:56:15:93:ca:
07:ec:b6:56:e2:f1:97:8d:f0:ca:4d:b6:ed:97:d5:
59:c7:03:09:49:30:d0:0e:64:f3:07:6b:8a:cc:e8:
52:43:10:74:57:9f:eb:aa:9c:a0:80:c1:0f:cd:30:
9c:9a:ed:0c:63:1c:91:04:36:35:08:0d:d3:14:91:
8c:89:47:e7:52:a6:99:bd:82:b6:84:66:24:f5:91:
66:d7:e8:89:7d:ba:cc:16:5c:44:99:5f:18:e0:69:
5a:56:b7:e5:30:ac:7d:a8:ae:b4:78:6c:e3:c7:6e:
ae:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1B:CB:6C:A1:8F:96:17:DC:BE:93:19:92:AA:90:FF:ED:2A:E2:81
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f168bef-d65d-49e2-a764-448342774378.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.148.34.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:9e:e8:ea:c1:73:49:c4:b5:7d:33:16:b8:57:81:56:89:bf:
87:b9:6f:3f:1c:4f:46:68:61:f5:48:26:a6:8c:60:de:d1:87:
73:52:40:24:7b:60:1d:97:eb:3f:8a:b4:fe:a9:6f:de:43:a4:
3d:76:f5:b4:a2:94:b7:0d:69:8d:c8:2f:38:c6:95:f1:f9:12:
aa:b9:36:06:18:b9:2d:37:f4:90:6d:07:7b:87:84:7c:26:ad:
2d:b2:5e:32:66:05:55:ce:87:09:99:fa:d2:e1:c7:87:b7:7e:
c0:4b:4d:0d:d7:6b:43:b9:81:5f:b5:9d:9c:ec:c3:7f:b1:0e:
15:be:99:ed:51:a9:d0:ed:18:a5:c1:b4:52:56:5e:fd:a3:d0:
6b:6b:90:4e:dd:c8:c1:c5:17:a7:77:dc:e5:3b:1f:86:a1:2b:
61:b3:34:06:cf:4b:50:a0:c7:7f:9b:9e:de:7e:d4:dc:ab:e3:
07:de:13:e2:f0:f6:14:32:46:f3:9d:85:e5:da:e3:31:60:4b:
4b:2a:18:99:d0:4b:41:b5:a5:76:14:b5:eb:f4:3a:67:27:5d:
7b:8e:bc:b9:fb:42:bd:91:7e:b1:f5:be:a7:2d:9e:94:1b:fc:
67:8a:01:75:cc:c8:a3:ab:71:80:2b:c0:d4:c4:de:ba:db:99:
0d:e4:92:14
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF62jk8xfZul+jxpJfXJ/ehMbY2gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmYzAyOTg0NGYzZjkyODdlYWFkYjRjYmU4OWIxNjAxNWUy
OWE1OWM0NzM0NTg4NjBhNDZkZjhiZDY1NzcxMzBhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxPn2CO81JOnKq1caeHX1nB0NTuDw0j2MlYXhh6ijaDrjM
fHMQME7fe8osamPg6mRzDimjhZO/Tnw6l+ctwmjysOiXWJn8XW6kP3hhuOWDdr/M
5i3gUGXwfAKFRFZNkTszUixbLlQw7FTZu/3H6HsP6uK/ggtz0oyXe66SME41UE4c
bZnkCxISGA1ErbKfagc0VhWTygfstlbi8ZeN8MpNtu2X1VnHAwlJMNAOZPMHa4rM
6FJDEHRXn+uqnKCAwQ/NMJya7QxjHJEENjUIDdMUkYyJR+dSppm9graEZiT1kWbX
6Il9uswWXESZXxjgaVpWt+UwrH2orrR4bOPHbq6lAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtBvLbKGPlhfcvpMZkqqQ/+0q4oEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmMTY4YmVmLWQ2NWQtNDllMi1hNzY0LTQ0ODM0Mjc3NDM3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACXlCIwDQYJKoZIhvcNAQELBQADggEBAH6e6OrBc0nEtX0zFrhXgVaJv4e5
bz8cT0ZoYfVIJqaMYN7Rh3NSQCR7YB2X6z+KtP6pb95DpD129bSilLcNaY3ILzjG
lfH5Eqq5NgYYuS039JBtB3uHhHwmrS2yXjJmBVXOhwmZ+tLhx4e3fsBLTQ3Xa0O5
gV+1nZzsw3+xDhW+me1RqdDtGKXBtFJWXv2j0GtrkE7dyMHFF6d33OU7H4ahK2Gz
NAbPS1Cgx3+bnt5+1Nyr4wfeE+Lw9hQyRvOdheXa4zFgS0sqGJnQS0G1pXYUtev0
OmcnXXuOvLn7Qr2RfrH1vqctnpQb/GeKAXXMyKOrcYArwNTE3rrbmQ3kkhQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:47 2025 by rpki-client