Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40cf659f-a858-44f4-85f3-fda1321f323e.roa
File: 40cf659f-a858-44f4-85f3-fda1321f323e.roa (raw, json)
Hash identifier: uu8+MRbuo4NkcSHbLzqM+jgaApmKQ9Zh3kUYPKREOX8=
Subject key identifier: 1B:09:E9:9A:EC:2C:25:4C:F3:5C:52:7A:DB:96:59:72:47:1A:6E:E3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 589A4F8700CFB35E023CFE91BA02E80A2D19E1B5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40cf659f-a858-44f4-85f3-fda1321f323e.roa
Signing time: Fri 07 Feb 2025 00:00:00 +0000
ROA not before: Fri 07 Feb 2025 00:00:00 +0000
ROA not after: Fri 14 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 5.60.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:9a:4f:87:00:cf:b3:5e:02:3c:fe:91:ba:02:e8:0a:2d:19:e1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Feb 7 00:00:00 2025 GMT
Not After : Mar 14 23:59:59 2025 GMT
Subject: serialNumber=cb74fc62253e2cf9474f201b9361e211475ea4b2135c445dfe6d3168fa1f6599, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:55:b2:d1:de:6e:4d:7f:ed:c0:ab:97:b9:fa:
80:d6:9a:6d:13:ce:6b:5d:6d:1b:2b:97:97:2b:3f:
17:ff:d7:7d:75:fa:ee:e8:1e:b1:5c:82:9e:b7:4c:
06:e3:f3:96:81:2a:43:6c:f8:34:74:23:0a:67:ab:
1c:6a:6b:d6:02:b9:ab:80:96:ae:d6:ec:21:18:73:
5f:85:fe:e2:fa:81:aa:32:5d:aa:e6:36:4a:8b:3f:
39:06:23:6f:88:a1:87:0d:d8:ae:1b:95:a8:39:e2:
4c:a1:4e:7f:dc:f3:5e:f3:36:b2:2d:db:79:9b:12:
02:45:e5:f4:81:82:d2:b5:d6:a0:ae:01:de:f4:72:
35:ea:45:65:2f:93:9f:4f:6e:9b:df:c7:1b:ba:8f:
e4:8b:b2:0d:33:34:ec:3a:2b:06:60:b0:b0:03:db:
bc:dc:c8:01:82:ef:c4:8a:bc:72:dc:4c:d8:3e:59:
c9:09:b4:93:4a:08:dc:27:b6:b3:b6:73:0d:1b:aa:
a3:7f:8e:6c:56:bc:43:99:6b:87:43:e0:c5:d7:9c:
63:af:0c:99:f5:4f:b1:0a:9a:68:b9:83:53:42:a8:
45:36:c6:7a:b7:07:88:29:ca:01:bc:ca:a2:1d:50:
cb:2a:9b:2a:ea:28:c2:74:1c:1f:01:77:a6:6e:aa:
a7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:09:E9:9A:EC:2C:25:4C:F3:5C:52:7A:DB:96:59:72:47:1A:6E:E3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40cf659f-a858-44f4-85f3-fda1321f323e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.120.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:73:04:8b:23:90:48:03:d5:ce:b2:7b:7b:28:47:a9:17:83:
a7:54:d1:44:d9:7f:34:8a:5d:62:0d:d0:35:d4:4f:d9:68:45:
cb:63:e4:bc:58:e5:a8:6b:66:5b:0e:c2:0b:d2:2c:21:b4:eb:
77:0e:6a:4c:2b:c6:46:18:b9:1f:1a:79:e2:5c:75:bc:c4:50:
e3:89:35:4f:ca:4f:53:15:6f:80:51:74:15:bc:78:bc:8e:6b:
04:46:48:3c:e0:1b:8d:0d:2f:f5:90:f6:b9:61:6a:62:ab:77:
02:40:70:a0:c7:b6:4a:f0:d7:1d:76:04:9d:32:c3:d1:30:c1:
c3:47:f3:1c:65:91:38:47:0b:eb:30:02:a3:f3:e5:a3:42:cf:
84:ba:0f:d0:d6:bc:cb:4b:fd:83:51:5e:90:ab:eb:5e:ad:b3:
27:19:69:68:99:cf:00:4b:7a:b3:33:1d:5b:21:85:ad:6f:ba:
60:2c:60:96:8f:8f:4a:00:72:f8:13:48:81:90:3c:b8:6a:87:
eb:d9:3b:58:e8:dd:f1:02:9d:86:81:56:fb:b0:b2:8c:da:4a:
6b:f2:0c:bc:f7:59:55:b0:d9:eb:da:86:02:60:c7:21:de:a3:
52:40:e8:83:5f:32:32:c7:16:d5:2b:7a:4e:55:5e:04:94:e5:
58:e8:34:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWJpPhwDPs14CPP6RugLoCi0Z4bUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYjc0ZmM2MjI1M2UyY2Y5NDc0ZjIwMWI5MzYxZTIxMTQ3
NWVhNGIyMTM1YzQ0NWRmZTZkMzE2OGZhMWY2NTk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvVbLR3m5Nf+3Aq5e5+oDWmm0TzmtdbRsrl5crPxf/1311
+u7oHrFcgp63TAbj85aBKkNs+DR0Iwpnqxxqa9YCuauAlq7W7CEYc1+F/uL6gaoy
XarmNkqLPzkGI2+IoYcN2K4blag54kyhTn/c817zNrIt23mbEgJF5fSBgtK11qCu
Ad70cjXqRWUvk59Pbpvfxxu6j+SLsg0zNOw6KwZgsLAD27zcyAGC78SKvHLcTNg+
WckJtJNKCNwntrO2cw0bqqN/jmxWvEOZa4dD4MXXnGOvDJn1T7EKmmi5g1NCqEU2
xnq3B4gpygG8yqIdUMsqmyrqKMJ0HB8Bd6ZuqqcLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGwnpmuwsJUzzXFJ625ZZckcabuMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQwY2Y2NTlmLWE4NTgtNDRmNC04NWYzLWZkYTEzMjFmMzIzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIFPHgwDQYJKoZIhvcNAQELBQADggEBAMNzBIsjkEgD1c6ye3soR6kXg6dU
0UTZfzSKXWIN0DXUT9loRctj5LxY5ahrZlsOwgvSLCG063cOakwrxkYYuR8aeeJc
dbzEUOOJNU/KT1MVb4BRdBW8eLyOawRGSDzgG40NL/WQ9rlhamKrdwJAcKDHtkrw
1x12BJ0yw9EwwcNH8xxlkThHC+swAqPz5aNCz4S6D9DWvMtL/YNRXpCr616tsycZ
aWiZzwBLerMzHVshha1vumAsYJaPj0oAcvgTSIGQPLhqh+vZO1jo3fECnYaBVvuw
sozaSmvyDLz3WVWw2evahgJgxyHeo1JA6INfMjLHFtUrek5VXgSU5VjoNBo=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:49 2025 by rpki-client