Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39d206d6-b04c-4933-8c4b-f295bc616b50.roa
File: 39d206d6-b04c-4933-8c4b-f295bc616b50.roa (raw, json)
Hash identifier: udqmgPI7BMulEaDWlI4VCP41evxakC6uQDytGNxizzY=
Subject key identifier: 82:87:6F:5D:4F:FF:0C:4F:0A:B7:31:86:E0:52:6A:82:EA:BA:30:83
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5FC68BCE25886472A0952FF864A86DEDC0E1399D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39d206d6-b04c-4933-8c4b-f295bc616b50.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f60:2080::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c6:8b:ce:25:88:64:72:a0:95:2f:f8:64:a8:6d:ed:c0:e1:39:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2bc533900ad47b3b5ed2d06122c581e2d434029166516b6e427e68a22dab0ba3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b0:e7:52:11:c9:05:ca:28:b1:97:c2:03:f6:
9e:96:15:bc:97:36:30:82:3a:a2:fa:47:72:29:bc:
3d:6a:c4:c9:37:4b:84:c8:d7:fb:b3:9a:b6:bf:ac:
30:bd:2e:ea:55:cc:2f:3f:91:58:5e:58:a0:a6:ab:
c8:03:ce:97:8a:7f:c5:be:39:f7:2c:63:49:9c:59:
20:8b:31:02:f2:16:c1:f5:c4:55:ec:95:9e:6e:5a:
94:93:41:64:44:43:d5:bf:ee:4f:5c:48:fa:dd:d7:
56:07:b0:ff:6c:7b:d2:9b:a2:3a:1b:d5:4d:90:18:
09:de:e7:92:f8:64:b0:61:6a:f1:f9:0f:a9:36:ba:
9b:7e:ed:56:42:e4:70:7c:ae:a5:67:69:35:9f:4e:
34:e4:b4:85:98:ce:da:20:25:2f:7b:63:85:16:01:
8e:b6:a3:09:2c:cb:01:16:37:17:7d:5c:33:46:73:
96:89:1f:a7:12:fc:4a:2c:61:04:4a:75:36:81:58:
95:38:8f:60:7a:81:8c:95:12:1a:9d:21:9a:91:7e:
47:c9:29:50:32:13:1b:3d:c5:c8:f0:36:27:9f:e7:
b4:00:a4:ed:fa:83:96:48:6e:7a:74:60:ae:cb:b6:
fb:be:ab:77:e3:65:bf:10:a9:64:99:25:71:9d:0b:
e1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:87:6F:5D:4F:FF:0C:4F:0A:B7:31:86:E0:52:6A:82:EA:BA:30:83
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39d206d6-b04c-4933-8c4b-f295bc616b50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f60:2080::/46
Signature Algorithm: sha256WithRSAEncryption
43:bc:07:74:8b:ac:15:9c:fb:53:10:0d:a0:e5:57:66:55:15:
18:20:e6:b6:a7:7a:08:01:15:04:7a:14:ea:8e:60:8f:5b:bb:
38:4e:d0:82:77:ae:7d:1e:84:13:aa:6f:3f:c7:3b:89:9f:1a:
da:9f:39:34:50:e4:64:30:25:8b:d4:28:08:96:b4:f4:1f:89:
9f:f4:4c:24:20:48:97:0e:70:fd:22:4a:c1:da:9f:60:b5:39:
19:02:40:aa:54:91:c2:03:a7:f5:c4:1d:67:83:a3:3e:9d:b8:
17:9e:07:75:5a:c4:3b:8c:3a:37:47:9a:e6:8c:d0:fd:06:85:
f8:13:21:e4:d8:ee:f9:28:f3:85:f8:2c:6c:91:ee:bc:c3:42:
4c:e5:f8:9a:a7:d9:49:12:60:a3:26:81:1d:bb:de:da:65:15:
93:30:eb:4e:1a:e8:5a:39:b3:a4:8d:5e:f2:54:13:d0:f5:09:
9e:af:74:be:4a:77:53:76:7b:2f:c6:70:14:9a:c7:93:66:a3:
c4:c7:27:a8:e7:95:79:61:33:11:25:06:60:ff:e3:f2:f6:e3:
65:55:ae:6b:2e:c6:5a:65:50:ad:78:28:c4:ba:00:a7:c4:c1:
7c:3b:cf:40:1e:a4:74:12:c4:41:e0:7a:a9:b7:37:38:b0:f8:
bf:73:8c:1e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUX8aLziWIZHKglS/4ZKht7cDhOZ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYmM1MzM5MDBhZDQ3YjNiNWVkMmQwNjEyMmM1ODFlMmQ0
MzQwMjkxNjY1MTZiNmU0MjdlNjhhMjJkYWIwYmEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClsOdSEckFyiixl8ID9p6WFbyXNjCCOqL6R3IpvD1qxMk3
S4TI1/uzmra/rDC9LupVzC8/kVheWKCmq8gDzpeKf8W+OfcsY0mcWSCLMQLyFsH1
xFXslZ5uWpSTQWREQ9W/7k9cSPrd11YHsP9se9Kbojob1U2QGAne55L4ZLBhavH5
D6k2upt+7VZC5HB8rqVnaTWfTjTktIWYztogJS97Y4UWAY62owksywEWNxd9XDNG
c5aJH6cS/EosYQRKdTaBWJU4j2B6gYyVEhqdIZqRfkfJKVAyExs9xcjwNief57QA
pO36g5ZIbnp0YK7Ltvu+q3fjZb8QqWSZJXGdC+HRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUgodvXU//DE8KtzGG4FJqguq6MIMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM5ZDIwNmQ2LWIwNGMtNDkzMy04YzRiLWYyOTViYzYxNmI1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9gIIAwDQYJKoZIhvcNAQELBQADggEBAEO8B3SLrBWc+1MQDaDlV2ZV
FRgg5raneggBFQR6FOqOYI9buzhO0IJ3rn0ehBOqbz/HO4mfGtqfOTRQ5GQwJYvU
KAiWtPQfiZ/0TCQgSJcOcP0iSsHan2C1ORkCQKpUkcIDp/XEHWeDoz6duBeeB3Va
xDuMOjdHmuaM0P0GhfgTIeTY7vko84X4LGyR7rzDQkzl+Jqn2UkSYKMmgR273tpl
FZMw604a6Fo5s6SNXvJUE9D1CZ6vdL5Kd1N2ey/GcBSax5Nmo8THJ6jnlXlhMxEl
BmD/4/L242VVrmsuxlplUK14KMS6AKfEwXw7z0AepHQSxEHgeqm3Nziw+L9zjB4=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:52:25 2025 by rpki-client