Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42c9fccb-54d8-48f0-bdc7-b6d72acfb292.roa
File: 42c9fccb-54d8-48f0-bdc7-b6d72acfb292.roa (raw, json)
Hash identifier: CJgxr97pTA9idk4D0/HPuZRiVMNW1ugHvzOwSWF7olY=
Subject key identifier: EB:FC:1A:A4:3F:72:AD:F3:1A:E1:70:7A:02:3C:B5:51:D8:78:4F:82
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 25D7C7B9D43340EA27BE35652D18F8552ACAAFAA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42c9fccb-54d8-48f0-bdc7-b6d72acfb292.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 155.193.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d7:c7:b9:d4:33:40:ea:27:be:35:65:2d:18:f8:55:2a:ca:af:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=8edab3c0e09de367e13c85dde6186d8a0918fca75fac0cd4791c10a4f0260d14, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:2f:b7:d1:31:77:ff:29:25:a0:8b:04:69:
5e:c3:ed:32:6c:f4:12:6a:4e:20:41:18:c5:c1:0f:
eb:a7:14:20:85:d6:30:b0:8b:0a:0c:36:a2:f5:14:
71:7b:81:08:75:fa:aa:e3:7e:d5:30:42:a6:fe:22:
73:c2:a1:c7:44:d4:f2:8f:9d:34:70:3c:41:34:9d:
07:2e:93:6a:ea:3a:a2:dc:a6:0d:15:b4:b4:1e:2c:
e4:2c:c4:0e:8d:ac:c8:f8:23:d2:5c:98:5f:bd:1d:
74:e2:71:d4:ff:e3:ad:f9:e4:95:08:2e:e5:ed:3d:
4b:3c:be:2d:a9:66:e5:10:d9:19:c0:f3:ac:14:bc:
da:5a:32:66:7b:04:df:86:69:53:19:7c:d6:f2:c0:
c1:f7:0d:04:07:df:88:34:cf:b3:8e:14:7b:f9:29:
23:42:7b:40:af:ba:14:13:cd:f2:35:54:b4:38:fd:
49:a0:8c:c4:05:64:9e:f8:e9:44:8e:88:08:55:54:
3a:34:15:82:fa:e5:3d:0a:bd:10:4d:19:28:06:ce:
da:9a:b6:a8:6c:3b:67:c1:e6:1b:bb:d1:4a:0c:23:
f3:be:ed:fc:a5:e5:48:32:4d:c4:3e:8d:3d:15:4a:
7c:40:e1:25:d3:19:3a:fa:aa:ca:cd:67:79:20:27:
30:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:FC:1A:A4:3F:72:AD:F3:1A:E1:70:7A:02:3C:B5:51:D8:78:4F:82
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42c9fccb-54d8-48f0-bdc7-b6d72acfb292.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:f5:9e:b6:67:b0:1d:8f:43:99:f4:b1:c9:cb:7c:1c:52:3b:
d6:9b:68:8a:73:0c:1c:fe:d6:f9:72:ca:aa:d3:f5:d7:15:f2:
bc:50:29:a2:1a:86:2d:79:44:08:3e:36:e3:82:f1:4e:44:96:
b3:8e:fe:56:35:d2:75:13:11:d3:64:21:af:43:4b:c7:37:58:
3c:ce:77:89:bf:27:10:03:47:1b:51:63:85:9e:f2:4a:f3:74:
c0:39:51:0e:6d:ef:88:b9:49:7b:74:29:81:58:e5:63:e6:41:
85:6a:ca:1d:25:f9:f9:96:5e:23:e7:8c:92:db:3c:78:41:71:
0a:47:1c:09:82:8c:d5:65:b5:f5:d8:99:09:c6:ff:f7:da:f9:
c0:9f:ef:6d:de:a4:4c:3d:2f:85:ff:92:1c:3b:6b:44:a1:ac:
9e:43:80:49:0a:f9:14:9c:ad:ee:0e:bb:a3:66:f5:bd:fb:02:
4c:ec:38:02:d7:f7:aa:bc:fc:6f:a1:3c:7d:31:b3:f5:e0:d2:
b3:2b:28:b3:50:04:c1:83:a7:bd:2f:b8:5f:ae:48:2a:d8:09:
02:5d:b4:4e:08:28:40:e2:bb:f3:b9:d4:72:f4:fc:42:a9:f0:
cd:d2:0f:50:72:9f:c0:39:a1:77:0f:00:17:63:2f:02:75:5e:
08:28:4d:0e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJdfHudQzQOonvjVlLRj4VSrKr6owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZWRhYjNjMGUwOWRlMzY3ZTEzYzg1ZGRlNjE4NmQ4YTA5
MThmY2E3NWZhYzBjZDQ3OTFjMTBhNGYwMjYwZDE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzuC+30TF3/ykloIsEaV7D7TJs9BJqTiBBGMXBD+unFCCF
1jCwiwoMNqL1FHF7gQh1+qrjftUwQqb+InPCocdE1PKPnTRwPEE0nQcuk2rqOqLc
pg0VtLQeLOQsxA6NrMj4I9JcmF+9HXTicdT/46355JUILuXtPUs8vi2pZuUQ2RnA
86wUvNpaMmZ7BN+GaVMZfNbywMH3DQQH34g0z7OOFHv5KSNCe0CvuhQTzfI1VLQ4
/UmgjMQFZJ746USOiAhVVDo0FYL65T0KvRBNGSgGztqatqhsO2fB5hu70UoMI/O+
7fyl5UgyTcQ+jT0VSnxA4SXTGTr6qsrNZ3kgJzClAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6/wapD9yrfMa4XB6Ajy1Udh4T4IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQyYzlmY2NiLTU0ZDgtNDhmMC1iZGM3LWI2ZDcyYWNmYjI5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbwTANBgkqhkiG9w0BAQsFAAOCAQEAW/WetmewHY9DmfSxyct8HFI71pto
inMMHP7W+XLKqtP11xXyvFApohqGLXlECD4244LxTkSWs47+VjXSdRMR02Qhr0NL
xzdYPM53ib8nEANHG1FjhZ7ySvN0wDlRDm3viLlJe3QpgVjlY+ZBhWrKHSX5+ZZe
I+eMkts8eEFxCkccCYKM1WW19diZCcb/99r5wJ/vbd6kTD0vhf+SHDtrRKGsnkOA
SQr5FJyt7g67o2b1vfsCTOw4Atf3qrz8b6E8fTGz9eDSsysos1AEwYOnvS+4X65I
KtgJAl20TggoQOK787nUcvT8QqnwzdIPUHKfwDmhdw8AF2MvAnVeCChNDg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:34 2025 by rpki-client