Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3694a095-b131-421a-9330-fac2c9987478.roa
File: 3694a095-b131-421a-9330-fac2c9987478.roa (raw, json)
Hash identifier: S5EzMEBRZ7y6fj1q4nKI5Ed7mE0Q0LpuxEBEmmEjPyg=
Subject key identifier: 58:09:27:65:CC:4C:AC:47:3B:AE:A9:3A:71:05:94:98:3D:06:03:67
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1D2212B248C3378AEC7C93EEA11CB7562E82E3E2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3694a095-b131-421a-9330-fac2c9987478.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 99.79.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:22:12:b2:48:c3:37:8a:ec:7c:93:ee:a1:1c:b7:56:2e:82:e3:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: serialNumber=6bc7580bc123d0364bc76dc989d4f2f7e7aca2726aaaf5aadd0494f5cf107d44, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:aa:13:35:cc:83:ba:d2:9c:e6:57:39:46:27:
4c:dc:a7:5c:57:1a:17:be:99:3d:d9:42:01:e5:9f:
dc:a2:08:09:45:5c:72:56:fd:78:05:2e:dc:28:19:
56:48:98:17:ed:5e:7a:a3:7d:9a:69:f7:88:fd:8c:
11:23:7b:8a:18:72:d4:5d:ee:ef:f1:82:91:47:f5:
64:3d:c7:dd:86:ab:99:ed:10:90:ce:b3:62:62:4f:
16:a1:2d:b4:69:bb:97:19:8a:42:b9:fb:af:0e:bd:
86:b5:26:95:92:13:09:6f:6c:d2:05:b0:12:92:d5:
ac:65:fe:19:94:1d:e5:82:ab:43:e3:02:6c:8f:7c:
dd:02:94:4c:35:11:f1:29:87:c6:ef:81:89:17:4d:
db:b3:1c:5d:73:cd:38:0a:6a:4a:35:7a:27:93:da:
1d:04:2a:7e:f4:52:64:f0:3e:b8:a8:a1:d0:06:2b:
8e:08:cb:91:7d:58:f1:03:98:8a:73:9a:9a:a8:71:
2b:34:a3:79:f7:35:3a:62:57:3b:73:31:10:9c:06:
26:3e:26:59:a3:04:da:8a:08:62:60:2c:56:b6:c7:
03:68:a5:f2:d5:61:07:ca:4c:65:39:77:49:b1:14:
ac:d8:e5:14:c5:3c:4f:b6:27:2c:70:a7:fc:19:a1:
97:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:09:27:65:CC:4C:AC:47:3B:AE:A9:3A:71:05:94:98:3D:06:03:67
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3694a095-b131-421a-9330-fac2c9987478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:98:d2:0b:46:9d:f0:26:37:f8:d5:d9:c9:a2:41:e4:64:24:
cf:b7:d1:31:b3:61:1e:d0:36:ea:20:81:34:50:59:7b:06:5a:
df:e8:71:bf:9a:ab:bb:84:aa:f1:da:42:1c:b7:9f:44:bd:b0:
87:83:3a:c5:4f:97:c8:4a:0b:fb:5c:05:e1:bf:45:8f:2f:ea:
4e:93:38:f9:b0:e9:d1:ca:4c:ad:6f:df:e0:21:31:cb:fd:ee:
b8:4d:18:fa:96:5b:00:45:c9:18:ef:b5:78:b1:ee:ad:7e:8b:
a1:7a:9b:99:fa:30:f4:85:dc:93:0a:ff:b2:82:92:76:36:aa:
3e:9e:8c:10:58:3b:63:f9:52:a3:bb:c9:df:02:4c:23:4a:59:
9a:ab:d6:f1:e4:28:e0:4f:c7:6d:7b:71:26:86:bc:68:a4:af:
5a:94:87:47:79:5b:c3:a0:65:b5:a2:3e:39:12:53:75:d0:54:
e3:ba:f0:a2:9e:52:47:8c:e1:d9:44:36:4a:8d:8a:e7:c5:bb:
50:e1:58:9e:cd:cb:8f:d5:ac:84:74:c4:73:d3:72:c5:f1:d4:
22:86:fa:6a:e3:69:17:ff:d4:d7:da:6b:42:02:b1:cb:d3:be:
91:3e:69:12:16:6c:9d:52:b3:85:6f:a7:b6:3a:48:2d:29:1b:
25:dd:b8:a6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHSISskjDN4rsfJPuoRy3Vi6C4+IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTI1MDAwMDAwWhcNMjQxMjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmM3NTgwYmMxMjNkMDM2NGJjNzZkYzk4OWQ0ZjJmN2U3
YWNhMjcyNmFhYWY1YWFkZDA0OTRmNWNmMTA3ZDQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIqhM1zIO60pzmVzlGJ0zcp1xXGhe+mT3ZQgHln9yiCAlF
XHJW/XgFLtwoGVZImBftXnqjfZpp94j9jBEje4oYctRd7u/xgpFH9WQ9x92Gq5nt
EJDOs2JiTxahLbRpu5cZikK5+68OvYa1JpWSEwlvbNIFsBKS1axl/hmUHeWCq0Pj
AmyPfN0ClEw1EfEph8bvgYkXTduzHF1zzTgKako1eieT2h0EKn70UmTwPrioodAG
K44Iy5F9WPEDmIpzmpqocSs0o3n3NTpiVztzMRCcBiY+JlmjBNqKCGJgLFa2xwNo
pfLVYQfKTGU5d0mxFKzY5RTFPE+2Jyxwp/wZoZcHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWAknZcxMrEc7rqk6cQWUmD0GA2cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM2OTRhMDk1LWIxMzEtNDIxYS05MzMwLWZhYzJjOTk4NzQ3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBjTzANBgkqhkiG9w0BAQsFAAOCAQEATJjSC0ad8CY3+NXZyaJB5GQkz7fR
MbNhHtA26iCBNFBZewZa3+hxv5qru4Sq8dpCHLefRL2wh4M6xU+XyEoL+1wF4b9F
jy/qTpM4+bDp0cpMrW/f4CExy/3uuE0Y+pZbAEXJGO+1eLHurX6LoXqbmfow9IXc
kwr/soKSdjaqPp6MEFg7Y/lSo7vJ3wJMI0pZmqvW8eQo4E/HbXtxJoa8aKSvWpSH
R3lbw6BltaI+ORJTddBU47rwop5SR4zh2UQ2So2K58W7UOFYns3Lj9WshHTEc9Ny
xfHUIob6auNpF//U19prQgKxy9O+kT5pEhZsnVKzhW+ntjpILSkbJd24pg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:46 2025 by rpki-client