Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/43230e9f-e642-487b-922b-7b0fbce9ebc3.roa
File: 43230e9f-e642-487b-922b-7b0fbce9ebc3.roa (raw, json)
Hash identifier: iHuUjImPnvkAaUfPh7jIQ8jOXEpHd75wUZaEz9XhjKg=
Subject key identifier: DE:F6:82:0C:7F:2E:F8:29:D1:FE:2C:A9:42:C7:A9:F7:7E:6A:7F:82
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4EDCDA46002193E210C1D84A46B534339E7E4454
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/43230e9f-e642-487b-922b-7b0fbce9ebc3.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 64.52.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:dc:da:46:00:21:93:e2:10:c1:d8:4a:46:b5:34:33:9e:7e:44:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=6265a77114a8f35f5efc5c0bc2d083df6e5659eb9818e862540de9f96a8fe280, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:35:fe:58:57:da:17:65:f9:a7:34:e0:d2:9b:
c6:39:93:1f:dd:b6:94:98:69:31:0f:a1:fa:c0:af:
99:8c:f7:82:af:e6:10:59:df:d7:fa:5b:c0:6c:fd:
14:35:32:bb:3e:59:a7:4a:20:c7:83:58:05:97:68:
92:86:77:61:36:93:75:b8:55:06:70:f7:a8:27:71:
1d:be:58:76:5a:70:97:e6:3b:95:eb:bf:44:50:84:
7e:89:48:51:aa:83:33:d8:88:70:5d:59:e5:37:a8:
4a:55:da:47:2e:ae:5a:90:f1:21:f3:f4:7d:df:73:
46:75:6c:18:9b:3b:a4:a6:d3:0b:a3:95:cb:2e:a2:
70:e1:b1:c6:e6:63:13:7b:4e:24:91:6f:ac:05:06:
8b:8d:75:44:17:bd:98:26:da:d6:da:22:d0:75:6d:
99:2c:af:9b:42:7e:62:06:23:15:d9:ac:95:08:94:
3f:de:bf:80:28:43:87:23:58:b0:16:7d:2d:f1:cb:
ef:9b:ad:f0:2a:38:73:a8:01:40:cd:9a:92:cc:68:
87:e1:1b:10:1a:e6:6e:3d:ea:a5:1d:2c:4c:aa:e2:
9d:5b:c4:7e:5a:0a:f8:12:77:42:e7:06:d7:ff:9e:
94:ce:cc:94:97:fe:9a:63:a4:d3:4c:19:18:f1:28:
47:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F6:82:0C:7F:2E:F8:29:D1:FE:2C:A9:42:C7:A9:F7:7E:6A:7F:82
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/43230e9f-e642-487b-922b-7b0fbce9ebc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.52.112.0/20
Signature Algorithm: sha256WithRSAEncryption
c0:f3:f3:fe:11:f9:7c:31:59:be:90:74:2d:21:f2:7c:d1:cf:
b9:90:c6:9f:3c:4c:53:08:55:e6:7e:c7:69:be:b8:56:2c:40:
18:51:60:78:43:44:55:0e:c3:b3:d6:ab:ed:30:ad:dc:43:7b:
55:0e:21:8a:29:f6:f2:24:69:46:61:27:1f:fe:c0:fd:7e:b9:
3e:16:66:df:48:85:b2:e1:5e:21:ff:4d:c1:7a:06:8d:25:b3:
62:ac:25:6c:ce:7e:ae:3d:c4:c7:a6:f7:2d:92:f3:06:00:0d:
7b:14:fb:b3:08:89:22:ad:66:e3:93:5f:69:4a:fc:d9:e5:fb:
34:e0:10:44:47:ac:1f:a3:ae:40:3b:9f:a0:ea:8a:a2:3e:cd:
b5:11:26:fc:e8:62:6d:98:05:99:79:d4:fb:df:89:54:53:2e:
97:af:f0:c4:80:0f:ed:a7:a3:e2:e5:bb:d1:bc:0d:53:51:ca:
d7:0c:6e:1e:b0:07:9a:10:93:9e:c8:a4:b3:ab:23:6e:d0:d4:
b2:3a:7c:8d:82:60:99:be:52:4b:6e:fa:fc:99:f6:50:dd:14:
8b:b8:c8:89:4a:c3:df:b9:42:90:11:30:bf:4d:4b:82:32:19:
3c:34:49:3c:1a:ba:e4:9b:76:75:bb:79:90:2a:ab:88:aa:08:
e0:04:ef:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTtzaRgAhk+IQwdhKRrU0M55+RFQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MjY1YTc3MTE0YThmMzVmNWVmYzVjMGJjMmQwODNkZjZl
NTY1OWViOTgxOGU4NjI1NDBkZTlmOTZhOGZlMjgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsNf5YV9oXZfmnNODSm8Y5kx/dtpSYaTEPofrAr5mM94Kv
5hBZ39f6W8Bs/RQ1Mrs+WadKIMeDWAWXaJKGd2E2k3W4VQZw96gncR2+WHZacJfm
O5Xrv0RQhH6JSFGqgzPYiHBdWeU3qEpV2kcurlqQ8SHz9H3fc0Z1bBibO6Sm0wuj
lcsuonDhscbmYxN7TiSRb6wFBouNdUQXvZgm2tbaItB1bZksr5tCfmIGIxXZrJUI
lD/ev4AoQ4cjWLAWfS3xy++brfAqOHOoAUDNmpLMaIfhGxAa5m496qUdLEyq4p1b
xH5aCvgSd0LnBtf/npTOzJSX/ppjpNNMGRjxKEdDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3vaCDH8u+CnR/iypQsep935qf4IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQzMjMwZTlmLWU2NDItNDg3Yi05MjJiLTdiMGZiY2U5ZWJjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARANHAwDQYJKoZIhvcNAQELBQADggEBAMDz8/4R+XwxWb6QdC0h8nzRz7mQ
xp88TFMIVeZ+x2m+uFYsQBhRYHhDRFUOw7PWq+0wrdxDe1UOIYop9vIkaUZhJx/+
wP1+uT4WZt9IhbLhXiH/TcF6Bo0ls2KsJWzOfq49xMem9y2S8wYADXsU+7MIiSKt
ZuOTX2lK/Nnl+zTgEERHrB+jrkA7n6DqiqI+zbURJvzoYm2YBZl51PvfiVRTLpev
8MSAD+2no+Llu9G8DVNRytcMbh6wB5oQk57IpLOrI27Q1LI6fI2CYJm+Uktu+vyZ
9lDdFIu4yIlKw9+5QpARML9NS4IyGTw0STwauuSbdnW7eZAqq4iqCOAE73w=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:21 2025 by rpki-client