Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f8b0ea0-a883-4574-85eb-c1b4489efe73.roa
File: 2f8b0ea0-a883-4574-85eb-c1b4489efe73.roa (raw, json)
Hash identifier: VJa9v26q/oY0MUymVepXw5cC5YS1WpesSYPdPPf1E8c=
Subject key identifier: 33:E6:B8:65:C2:1F:05:CC:B6:9C:18:84:D7:32:20:5E:65:3D:87:88
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4D8E3FD900530430526FA340F803339E2B0DA917
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f8b0ea0-a883-4574-85eb-c1b4489efe73.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.150.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:8e:3f:d9:00:53:04:30:52:6f:a3:40:f8:03:33:9e:2b:0d:a9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:aa:3d:88:6e:56:4d:c2:95:47:9e:fd:b5:01:
99:73:7a:92:17:84:67:12:97:5b:fb:80:64:c1:6a:
92:1f:00:52:10:3e:a2:14:3f:83:05:75:09:cf:09:
4d:ca:79:06:cf:0c:ba:82:b3:c5:99:a6:c3:25:99:
63:82:6f:b5:cc:5a:27:ed:77:9c:69:fd:03:08:60:
82:2d:28:af:87:a7:5f:79:86:b0:01:ae:e1:93:17:
ae:52:18:f5:88:9e:4a:a8:85:71:4d:60:b9:d8:c7:
31:7c:3f:f3:14:3c:b3:9c:3f:cc:3a:6d:79:94:c2:
1c:3e:77:23:63:8f:61:36:14:a4:8d:b9:36:40:2f:
4d:09:f7:fb:fc:f5:31:d8:92:f5:96:be:50:d5:a0:
29:bb:c9:4c:6f:48:1c:47:e3:81:3e:81:20:7c:9f:
cd:d4:ed:93:37:3c:b0:49:b7:e2:bd:3d:72:a6:70:
de:12:ae:11:9a:93:8a:ec:9d:db:22:a7:03:5c:6b:
55:45:73:4e:37:fc:a1:88:da:0e:9a:6d:31:23:7a:
c4:e4:3e:f6:12:d5:07:97:49:dc:99:f6:d3:a9:aa:
7a:01:ff:77:05:39:8d:13:aa:21:71:4b:38:27:1c:
a4:15:bd:28:3d:b8:15:ae:e0:07:e9:aa:55:c6:e9:
74:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E6:B8:65:C2:1F:05:CC:B6:9C:18:84:D7:32:20:5E:65:3D:87:88
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f8b0ea0-a883-4574-85eb-c1b4489efe73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:bb:b3:a8:27:0c:66:5c:2a:88:6a:84:b2:dd:6c:ff:d1:8d:
ea:eb:26:11:16:c6:35:3f:81:a8:17:ec:05:a3:1b:22:fe:9a:
86:0c:46:ef:9c:92:9d:23:2d:c2:1d:52:7b:1e:c1:9f:bc:41:
a9:d0:c4:4a:86:cb:ff:eb:07:06:93:d9:df:14:63:7b:2b:4c:
3b:66:bf:da:ab:6b:7d:9e:05:64:cb:42:7c:10:3e:81:66:02:
13:51:fc:fe:01:9d:44:aa:6d:04:28:55:d2:dc:bc:95:da:2b:
5d:b5:4d:66:4c:9e:d1:d3:6d:a6:5d:ba:7e:5e:bc:69:47:70:
11:e0:11:b7:47:6c:a3:a9:83:c4:49:97:a1:b7:42:30:67:7c:
d8:95:ff:11:1f:a5:0a:80:1a:f1:69:15:ea:e8:5c:52:5b:e5:
43:af:4a:d1:3f:42:46:de:41:51:b8:bd:55:92:ab:2e:ff:26:
57:ce:78:fc:fb:82:b9:28:c6:53:04:8e:fb:6e:2c:7e:b4:d1:
28:76:d9:91:5c:fb:e1:09:4f:d3:66:a1:80:b1:a0:cf:1c:f1:
68:a8:d0:c0:fc:aa:44:ba:58:e2:12:a3:31:20:ae:a1:05:ad:
10:67:6c:c4:12:a1:e0:c3:49:f2:6a:0c:a2:fd:e2:de:ca:9f:
f2:07:45:71
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTY4/2QBTBDBSb6NA+AMznisNqRcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YjM4OTIyOTZkNzczOTNkYjFmZDYzMDdiNjRlYjYxZDU4
ZTI5ZTE2YjJhOTRhM2QxMGFhYWYyNzUxODA1YTUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDgqj2IblZNwpVHnv21AZlzepIXhGcSl1v7gGTBapIfAFIQ
PqIUP4MFdQnPCU3KeQbPDLqCs8WZpsMlmWOCb7XMWiftd5xp/QMIYIItKK+Hp195
hrABruGTF65SGPWInkqohXFNYLnYxzF8P/MUPLOcP8w6bXmUwhw+dyNjj2E2FKSN
uTZAL00J9/v89THYkvWWvlDVoCm7yUxvSBxH44E+gSB8n83U7ZM3PLBJt+K9PXKm
cN4SrhGak4rsndsipwNca1VFc043/KGI2g6abTEjesTkPvYS1QeXSdyZ9tOpqnoB
/3cFOY0TqiFxSzgnHKQVvSg9uBWu4AfpqlXG6XT9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUM+a4ZcIfBcy2nBiE1zIgXmU9h4gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmOGIwZWEwLWE4ODMtNDU3NC04NWViLWMxYjQ0ODllZmU3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQljANBgkqhkiG9w0BAQsFAAOCAQEATLuzqCcMZlwqiGqEst1s/9GN6usm
ERbGNT+BqBfsBaMbIv6ahgxG75ySnSMtwh1Sex7Bn7xBqdDESobL/+sHBpPZ3xRj
eytMO2a/2qtrfZ4FZMtCfBA+gWYCE1H8/gGdRKptBChV0ty8ldorXbVNZkye0dNt
pl26fl68aUdwEeARt0dso6mDxEmXobdCMGd82JX/ER+lCoAa8WkV6uhcUlvlQ69K
0T9CRt5BUbi9VZKrLv8mV854/PuCuSjGUwSO+24sfrTRKHbZkVz74QlP02ahgLGg
zxzxaKjQwPyqRLpY4hKjMSCuoQWtEGdsxBKh4MNJ8moMov3i3sqf8gdFcQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:46 2025 by rpki-client