Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b848658-4164-428a-8193-6b1f9a289da2.roa
File: 3b848658-4164-428a-8193-6b1f9a289da2.roa (raw, json)
Hash identifier: 4MNnRW+o39GpjV/HtsbM2ObIOsQ3+iMYypFpqPqO0a0=
Subject key identifier: D3:08:D9:72:33:59:39:D2:93:E2:75:EE:46:E4:61:A7:AD:8B:B7:B2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 34FB01FBD46CC98D3B728C06B86B5A357D1348E3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b848658-4164-428a-8193-6b1f9a289da2.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 93.77.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:fb:01:fb:d4:6c:c9:8d:3b:72:8c:06:b8:6b:5a:35:7d:13:48:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=a5a78ab09613d82699f2206af1807ab67ba0b88a2cbb8c7b773638edadc9a1c5, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ff:8c:56:2b:82:a1:be:07:bc:63:20:f6:97:
6c:8e:5d:21:ad:26:d8:b2:15:f5:14:cc:b8:a2:dc:
04:c3:cb:5a:9a:6a:4a:8e:4b:b0:32:ef:ec:c4:c0:
c9:29:f5:17:aa:2f:26:21:08:49:9d:f3:fd:50:58:
54:1f:68:7f:92:ad:63:d9:81:f6:23:e6:7a:54:37:
c9:71:b3:c3:23:bf:0e:60:49:dd:88:84:60:ef:08:
25:1f:91:d1:43:f8:0e:36:5e:38:ea:3e:d8:62:10:
95:a9:fe:a0:c4:5b:b5:c5:d4:c1:91:71:6c:73:32:
fd:40:bc:8a:a0:85:5d:c1:2f:6f:81:75:01:ae:34:
57:a7:f4:97:49:c7:69:58:42:41:6a:5c:6c:23:5f:
0f:18:d1:a6:71:65:37:67:f7:a6:0f:c7:2a:0c:93:
80:25:71:41:9e:b7:8d:67:96:d0:e7:7e:d9:95:54:
3e:9d:e6:50:83:b4:1a:89:3d:6f:d3:87:0b:ab:ca:
33:61:c7:39:f2:19:57:89:a8:78:47:ae:9a:a0:66:
ef:ba:50:1d:0b:cc:6a:9c:4f:1f:08:b7:55:b0:29:
3d:02:85:f9:ad:e4:2a:a6:29:21:96:be:6e:cc:2b:
3d:f3:cb:d8:83:58:c4:a2:7b:71:06:f9:6b:43:ca:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:08:D9:72:33:59:39:D2:93:E2:75:EE:46:E4:61:A7:AD:8B:B7:B2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b848658-4164-428a-8193-6b1f9a289da2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.77.192.0/18
Signature Algorithm: sha256WithRSAEncryption
79:08:f2:3c:e1:26:26:cd:b1:98:fb:a6:73:cb:ff:93:a3:3a:
8b:32:b4:1e:1c:bb:dd:c4:98:04:12:4a:ae:67:79:2c:a1:97:
1d:4a:4d:09:0f:14:05:8d:ba:9e:2b:4d:db:9a:ff:1d:d1:d4:
d3:e5:29:f2:c4:19:ae:ef:c8:70:bb:0d:20:50:56:d7:e8:b6:
3e:de:0c:0d:60:74:1b:b3:d0:8a:fe:37:f8:5c:a4:c1:9b:f8:
6f:76:55:42:b3:98:c2:90:22:9d:f7:24:7e:52:f6:92:6d:0c:
63:bf:85:58:cc:8c:51:e1:88:6d:c9:89:11:d5:05:1d:a7:8a:
e9:24:02:46:45:2a:28:9c:3f:72:6f:01:31:21:95:14:14:27:
70:89:66:1e:ed:1e:59:5c:01:ad:32:bd:95:04:90:f5:3c:e7:
a8:52:a9:88:b4:83:b4:c8:e8:6f:d1:50:38:7c:ba:89:aa:74:
b1:12:bc:bf:b9:73:e6:4f:02:4b:92:c1:08:d0:4b:aa:84:24:
21:a6:6c:cc:9c:70:a7:2e:b9:e6:62:9c:0f:7c:0b:ec:bb:df:
19:79:46:7f:c4:cf:5c:20:fa:c6:6f:94:b5:67:d1:f4:98:82:
12:37:41:91:9a:1d:96:a6:ea:91:11:08:d1:88:27:06:ad:b4:
73:99:bf:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNPsB+9RsyY07cowGuGtaNX0TSOMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNWE3OGFiMDk2MTNkODI2OTlmMjIwNmFmMTgwN2FiNjdi
YTBiODhhMmNiYjhjN2I3NzM2MzhlZGFkYzlhMWM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDY/4xWK4Khvge8YyD2l2yOXSGtJtiyFfUUzLii3ATDy1qa
akqOS7Ay7+zEwMkp9ReqLyYhCEmd8/1QWFQfaH+SrWPZgfYj5npUN8lxs8Mjvw5g
Sd2IhGDvCCUfkdFD+A42XjjqPthiEJWp/qDEW7XF1MGRcWxzMv1AvIqghV3BL2+B
dQGuNFen9JdJx2lYQkFqXGwjXw8Y0aZxZTdn96YPxyoMk4AlcUGet41nltDnftmV
VD6d5lCDtBqJPW/ThwuryjNhxznyGVeJqHhHrpqgZu+6UB0LzGqcTx8It1WwKT0C
hfmt5CqmKSGWvm7MKz3zy9iDWMSie3EG+WtDyr4FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0wjZcjNZOdKT4nXuRuRhp62Lt7IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiODQ4NjU4LTQxNjQtNDI4YS04MTkzLTZiMWY5YTI4OWRhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZdTcAwDQYJKoZIhvcNAQELBQADggEBAHkI8jzhJibNsZj7pnPL/5OjOosy
tB4cu93EmAQSSq5neSyhlx1KTQkPFAWNup4rTdua/x3R1NPlKfLEGa7vyHC7DSBQ
Vtfotj7eDA1gdBuz0Ir+N/hcpMGb+G92VUKzmMKQIp33JH5S9pJtDGO/hVjMjFHh
iG3JiRHVBR2niukkAkZFKiicP3JvATEhlRQUJ3CJZh7tHllcAa0yvZUEkPU856hS
qYi0g7TI6G/RUDh8uomqdLESvL+5c+ZPAkuSwQjQS6qEJCGmbMyccKcuueZinA98
C+y73xl5Rn/Ez1wg+sZvlLVn0fSYghI3QZGaHZam6pERCNGIJwattHOZvxA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:52 2025 by rpki-client