Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3622ccb2-5aec-414a-96ab-d18c952a9a01.roa
File: 3622ccb2-5aec-414a-96ab-d18c952a9a01.roa (raw, json)
Hash identifier: vp0QxZJ9H4c6/vZy+u5zCTzhjmnS+0aN17JS65i+hGw=
Subject key identifier: 89:B0:B8:53:04:E7:A1:DD:CA:CC:F9:F1:A5:95:FD:68:D4:FC:B2:30
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5F5CC529095702CA20BDD0D22C57EBF0BB05EAEA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3622ccb2-5aec-414a-96ab-d18c952a9a01.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 155.50.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:5c:c5:29:09:57:02:ca:20:bd:d0:d2:2c:57:eb:f0:bb:05:ea:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=dc837b1387e077aef254d1c83820618d8c3c5286ed329327a872be3f8d0a6cb6, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:39:6a:e9:f2:49:0f:75:3c:c9:a3:69:13:34:
4c:dd:13:59:80:0b:12:d0:4d:ae:b8:f1:44:fe:4e:
e6:16:c9:67:fd:00:08:7e:cb:c3:d4:93:51:e1:1b:
92:db:0a:74:1a:d0:c9:c9:60:eb:3d:14:a3:f2:b0:
24:87:93:0d:83:36:2f:ee:f9:ee:be:35:7d:5e:59:
68:d8:2a:0f:bb:d6:bd:ff:5a:b5:3f:0a:b7:51:cd:
4b:79:4d:25:4d:f2:a1:7e:d8:4a:4d:af:d6:e8:de:
53:1f:ef:e1:20:be:9f:7f:f4:ba:e2:8c:5a:21:e2:
24:df:75:bd:82:79:97:82:79:05:bc:b4:cf:4c:2f:
61:d4:00:e6:88:a8:6d:f9:51:e9:f8:2c:f3:68:e1:
4b:2d:f6:73:8e:1e:06:b5:bd:77:ea:91:c4:7b:7b:
3e:1d:45:89:49:82:c3:ed:19:90:a0:74:f6:82:b1:
aa:b5:18:ed:9c:22:72:41:41:ad:60:97:07:b8:94:
16:ca:71:a2:1a:06:32:9a:75:b7:42:80:93:64:8e:
39:b6:a8:f0:63:28:39:ad:ed:82:50:c1:b7:61:cc:
e0:9d:29:6d:82:a0:c7:7a:bb:90:be:24:2f:ba:8e:
f5:2d:10:b3:56:f9:45:02:39:a1:e1:df:11:bf:75:
91:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B0:B8:53:04:E7:A1:DD:CA:CC:F9:F1:A5:95:FD:68:D4:FC:B2:30
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3622ccb2-5aec-414a-96ab-d18c952a9a01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.50.128.0/17
Signature Algorithm: sha256WithRSAEncryption
68:01:8f:59:93:3a:e2:00:f1:0b:85:01:a2:da:6b:d1:9e:c4:
57:ee:82:42:48:e8:c7:e4:27:46:16:d9:1d:40:5b:98:fc:02:
81:5d:38:9c:f3:90:d9:83:76:6e:1b:7c:65:1f:0f:a2:84:39:
cc:90:31:6e:cc:06:5f:1b:d2:1c:d2:13:2e:4c:a8:9c:82:a5:
f0:4a:fa:3d:f0:f1:26:5a:34:e1:74:d7:a5:b1:ed:d9:a7:92:
0c:57:a3:a9:b4:f1:1f:97:82:eb:71:a8:9d:52:06:9f:37:b4:
ce:4e:1c:99:6e:79:18:c6:83:39:9b:8b:88:06:83:ed:36:34:
02:8e:9f:ab:1b:5c:58:24:c7:46:3b:71:7f:ad:f1:4e:5b:3c:
22:2d:23:cf:b1:72:83:7d:9f:5c:2e:73:13:71:53:14:3d:36:
50:cb:47:7f:08:81:7b:42:e7:6b:fb:38:8d:52:03:49:58:45:
14:f1:48:be:6c:13:5b:b3:4c:36:ef:a0:fc:29:8e:5d:de:42:
97:ea:a6:9b:75:cd:66:0e:79:68:87:1a:e7:74:97:e3:8f:11:
ea:19:d6:f8:66:a6:81:33:e9:86:ac:74:fa:40:01:19:33:9e:
bf:e7:08:44:f2:3a:84:38:c9:3e:f8:35:ed:2e:b2:6e:e8:55:
35:eb:0a:80
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX1zFKQlXAsogvdDSLFfr8LsF6uowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzgzN2IxMzg3ZTA3N2FlZjI1NGQxYzgzODIwNjE4ZDhj
M2M1Mjg2ZWQzMjkzMjdhODcyYmUzZjhkMGE2Y2I2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCROWrp8kkPdTzJo2kTNEzdE1mACxLQTa648UT+TuYWyWf9
AAh+y8PUk1HhG5LbCnQa0MnJYOs9FKPysCSHkw2DNi/u+e6+NX1eWWjYKg+71r3/
WrU/CrdRzUt5TSVN8qF+2EpNr9bo3lMf7+Egvp9/9LrijFoh4iTfdb2CeZeCeQW8
tM9ML2HUAOaIqG35Uen4LPNo4Ust9nOOHga1vXfqkcR7ez4dRYlJgsPtGZCgdPaC
saq1GO2cInJBQa1glwe4lBbKcaIaBjKadbdCgJNkjjm2qPBjKDmt7YJQwbdhzOCd
KW2CoMd6u5C+JC+6jvUtELNW+UUCOaHh3xG/dZE9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUibC4UwTnod3KzPnxpZX9aNT8sjAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM2MjJjY2IyLTVhZWMtNDE0YS05NmFiLWQxOGM5NTJhOWEwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAebMoAwDQYJKoZIhvcNAQELBQADggEBAGgBj1mTOuIA8QuFAaLaa9GexFfu
gkJI6MfkJ0YW2R1AW5j8AoFdOJzzkNmDdm4bfGUfD6KEOcyQMW7MBl8b0hzSEy5M
qJyCpfBK+j3w8SZaNOF016Wx7dmnkgxXo6m08R+XgutxqJ1SBp83tM5OHJlueRjG
gzmbi4gGg+02NAKOn6sbXFgkx0Y7cX+t8U5bPCItI8+xcoN9n1wucxNxUxQ9NlDL
R38IgXtC52v7OI1SA0lYRRTxSL5sE1uzTDbvoPwpjl3eQpfqppt1zWYOeWiHGud0
l+OPEeoZ1vhmpoEz6YasdPpAARkznr/nCETyOoQ4yT74Ne0usm7oVTXrCoA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:07:02 2025 by rpki-client