Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fca880c-74a0-4d2e-8088-10db50541d59.roa
File: 2fca880c-74a0-4d2e-8088-10db50541d59.roa (raw, json)
Hash identifier: 3QyNH7ZUfFfQ68huT0Qa+cnIGlDwZ7CnsXAm14Qy1BQ=
Subject key identifier: 67:96:C2:C7:1A:02:2E:25:CD:5D:53:44:11:D7:CF:6E:FE:AD:D3:B5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 340222E501481D5B4E09C034D4CB95552FA59DDE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fca880c-74a0-4d2e-8088-10db50541d59.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 56.132.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:02:22:e5:01:48:1d:5b:4e:09:c0:34:d4:cb:95:55:2f:a5:9d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: serialNumber=8abc08297d4c9a7b32760bd3ddc851010993ccb56fb64fade43861fac32d2a76, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:89:fa:b7:ea:da:fc:4d:73:b3:1a:42:20:ac:
95:18:e8:8e:ab:4b:59:c3:a4:1e:54:19:8e:98:5e:
06:87:f5:b6:29:ca:50:ab:a9:f2:86:b2:b6:4b:c3:
8e:75:ed:26:dc:84:32:32:ae:0a:40:11:df:2d:64:
59:b5:39:0c:76:a5:e6:ff:50:4f:1d:7d:a6:55:7d:
d8:71:94:3d:86:df:19:d6:06:e3:30:a0:d4:99:7f:
ba:90:4a:d9:77:66:43:6a:ef:cb:e5:6e:68:14:aa:
fc:11:d7:80:e1:11:b4:09:28:55:b0:1d:ad:59:9e:
ac:29:e1:5c:24:5e:27:e8:4e:7c:56:58:70:b3:c7:
c8:66:80:69:0c:49:40:86:23:ba:37:e6:0c:2b:c0:
73:4f:0c:64:2f:aa:7b:76:23:74:56:d1:d6:75:99:
41:ad:90:9d:c2:af:df:c0:24:b7:58:dc:38:ea:3c:
9e:47:f5:37:d1:bf:10:d0:96:cd:8e:2c:f4:ae:c8:
02:5a:f8:ab:1f:e4:6d:4f:29:6a:56:25:fc:5d:3e:
2d:d7:41:bd:16:39:1b:f1:a7:75:56:19:c0:35:ad:
77:ab:c4:fa:da:b3:af:0e:b0:e4:51:84:e9:79:a7:
e8:fb:c7:55:21:ea:a8:58:b7:8b:5e:58:4c:83:02:
f2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:96:C2:C7:1A:02:2E:25:CD:5D:53:44:11:D7:CF:6E:FE:AD:D3:B5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fca880c-74a0-4d2e-8088-10db50541d59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.132.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d6:5e:39:db:cb:58:ad:8e:8c:ee:63:4d:16:61:55:a5:15:0c:
a4:fb:c0:bf:79:72:31:10:53:18:c0:55:38:91:a9:28:de:6d:
55:04:d9:84:3f:1f:71:a2:2b:ad:a8:5c:9b:ce:68:f9:5b:c1:
c7:83:d6:e9:85:aa:2a:b6:52:97:55:8f:57:77:06:5f:88:c4:
9b:ca:ed:a1:41:01:1a:ed:a1:8a:68:a2:3c:02:4c:29:9f:e6:
b8:41:a3:d5:3f:32:ed:9c:15:f0:b6:b4:b2:5c:e8:6e:25:0f:
bb:14:92:ea:0a:2a:0e:6d:80:36:af:7f:a7:2a:d7:3e:64:b8:
5c:7a:c9:09:83:b3:da:15:a9:af:7b:c8:7f:a4:90:7d:ec:c3:
95:ce:11:bf:3b:52:0c:44:73:c3:90:9e:9d:f2:a0:53:a6:2c:
cb:8a:14:73:66:71:3c:85:e9:2b:5e:87:1a:9f:76:10:b0:b7:
1b:41:ca:ee:b7:c1:fd:62:1c:82:80:b9:12:1f:17:fc:5e:7d:
20:fb:92:61:8f:87:2d:02:23:8d:e2:53:c4:5b:d4:a5:f6:c0:
67:34:b3:6f:24:d2:00:26:80:9c:a8:e5:04:79:23:a4:49:38:
9e:13:d4:90:15:48:29:28:70:2a:5f:be:fd:0c:39:e1:92:ae:
21:73:8c:55
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNAIi5QFIHVtOCcA01MuVVS+lnd4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWJjMDgyOTdkNGM5YTdiMzI3NjBiZDNkZGM4NTEwMTA5
OTNjY2I1NmZiNjRmYWRlNDM4NjFmYWMzMmQyYTc2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEifq36tr8TXOzGkIgrJUY6I6rS1nDpB5UGY6YXgaH9bYp
ylCrqfKGsrZLw4517SbchDIyrgpAEd8tZFm1OQx2peb/UE8dfaZVfdhxlD2G3xnW
BuMwoNSZf7qQStl3ZkNq78vlbmgUqvwR14DhEbQJKFWwHa1Znqwp4VwkXifoTnxW
WHCzx8hmgGkMSUCGI7o35gwrwHNPDGQvqnt2I3RW0dZ1mUGtkJ3Cr9/AJLdY3Djq
PJ5H9TfRvxDQls2OLPSuyAJa+Ksf5G1PKWpWJfxdPi3XQb0WORvxp3VWGcA1rXer
xPras68OsORRhOl5p+j7x1Uh6qhYt4teWEyDAvIDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZ5bCxxoCLiXNXVNEEdfPbv6t07UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmY2E4ODBjLTc0YTAtNGQyZS04MDg4LTEwZGI1MDU0MWQ1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4hDANBgkqhkiG9w0BAQsFAAOCAQEA1l4528tYrY6M7mNNFmFVpRUMpPvA
v3lyMRBTGMBVOJGpKN5tVQTZhD8fcaIrrahcm85o+VvBx4PW6YWqKrZSl1WPV3cG
X4jEm8rtoUEBGu2himiiPAJMKZ/muEGj1T8y7ZwV8La0slzobiUPuxSS6goqDm2A
Nq9/pyrXPmS4XHrJCYOz2hWpr3vIf6SQfezDlc4RvztSDERzw5CenfKgU6Ysy4oU
c2ZxPIXpK16HGp92ELC3G0HK7rfB/WIcgoC5Eh8X/F59IPuSYY+HLQIjjeJTxFvU
pfbAZzSzbyTSACaAnKjlBHkjpEk4nhPUkBVIKShwKl++/Qw54ZKuIXOMVQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:06:03 2025 by rpki-client