Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c0f7b50-5754-4d71-be8f-98547a565fd0.roa
File: 4c0f7b50-5754-4d71-be8f-98547a565fd0.roa (raw, json)
Hash identifier: aDhlSU32XdMUenxUjYnr1CITT36MNZrjyXaObYWBxro=
Subject key identifier: 64:10:A4:D5:5D:05:48:67:6D:C3:10:25:DA:40:94:B1:F6:F2:E8:9D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4A1D4CCC2AF3A532912D187829087001FC278166
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c0f7b50-5754-4d71-be8f-98547a565fd0.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.128.0.0/13 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:1d:4c:cc:2a:f3:a5:32:91:2d:18:78:29:08:70:01:fc:27:81:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:4c:83:4a:c8:0a:a5:ea:3c:58:f6:b4:82:
76:96:dc:45:69:a1:00:c1:53:eb:00:33:c4:b9:1c:
ee:f7:e9:10:16:f0:7e:b6:13:bb:0b:24:f2:dc:be:
5b:11:d3:c9:d1:58:47:41:ef:76:09:aa:63:58:00:
6f:30:5a:33:cb:f3:b2:7a:ef:f1:88:36:46:33:51:
88:4a:d3:b5:48:b9:a0:75:8c:d6:15:0d:27:d7:ed:
9b:86:64:84:d9:36:2a:19:c6:07:2b:e8:22:c0:c6:
48:e0:85:e9:9c:dd:82:1f:0e:69:bd:8a:f1:15:76:
ce:d5:59:ee:15:88:6f:a2:64:14:3e:13:da:30:09:
1e:8e:e2:be:bc:4e:47:d3:ad:5e:9d:04:bc:0f:b4:
47:01:55:a0:d3:86:81:6a:4c:6f:41:cd:3d:c5:7d:
06:07:b1:5d:a8:b2:dc:62:a4:c4:7f:b5:f9:93:de:
00:f8:b6:ef:93:f4:68:0a:b0:57:83:df:37:66:88:
a8:66:79:46:9c:b9:dd:b3:89:1a:fa:63:66:76:bd:
6c:32:f7:7f:f7:e2:3c:eb:99:42:aa:c6:3c:79:d0:
c8:de:8d:a0:bd:5c:b4:9d:9b:62:2a:5a:b6:39:95:
7a:97:02:1f:e2:dd:9e:01:d0:d8:b7:77:e6:f8:bc:
ac:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:10:A4:D5:5D:05:48:67:6D:C3:10:25:DA:40:94:B1:F6:F2:E8:9D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c0f7b50-5754-4d71-be8f-98547a565fd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.128.0.0/13
Signature Algorithm: sha256WithRSAEncryption
a4:19:e3:4c:d6:2f:78:7c:4c:a6:5c:53:d9:94:8f:3f:2d:a5:
2c:17:18:15:57:4c:28:4b:03:59:94:1a:18:b6:8a:75:27:ed:
e6:2c:6c:5b:2f:ac:71:4a:fc:fb:2d:3d:46:0c:f8:dc:cc:6e:
36:fa:30:d6:64:d9:23:fc:f8:08:13:e8:ff:8d:0d:39:7d:7f:
1b:ce:d8:68:fc:da:a0:14:39:2c:80:07:82:e4:b0:0e:ed:5e:
91:6f:58:b2:41:8b:ad:bf:2d:cb:df:45:0f:68:f5:ef:77:c8:
af:cb:6f:4e:a4:b9:5c:92:9f:fb:ad:c1:a6:0b:a3:a8:9c:5f:
1a:b8:fc:d2:86:b0:dc:bd:ec:84:1b:ee:fa:91:e2:61:be:fe:
44:0b:8e:cb:52:6c:d2:31:ce:c3:5d:82:6e:89:17:a8:2f:86:
9d:62:3b:04:4b:67:3e:e5:dc:ca:12:26:c6:28:4c:03:52:4a:
cd:74:0c:89:dd:23:18:b0:cb:a7:1d:b7:cd:12:dc:52:8e:ad:
f5:7a:87:d5:94:80:9e:17:47:f0:d6:42:c1:4a:6f:a4:37:7c:
0c:f7:3c:f1:52:5f:c1:63:37:38:28:cb:cb:46:d0:a1:20:b4:
7a:40:0a:10:df:d6:7a:de:79:e9:6d:b9:18:b4:10:37:ad:96:
7d:24:08:5e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSh1MzCrzpTKRLRh4KQhwAfwngWYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTMwMDAwMDAwWhcNMjUwMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYzIwMjBjYmQwNTc5YmZkYmVhYzRmODM3N2ZkNWMzYWEz
NDc3MmM5NWZmOGE4NTdkYWZmMWQ0YzZiMGQzZTNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHHUyDSsgKpeo8WPa0gnaW3EVpoQDBU+sAM8S5HO736RAW
8H62E7sLJPLcvlsR08nRWEdB73YJqmNYAG8wWjPL87J67/GINkYzUYhK07VIuaB1
jNYVDSfX7ZuGZITZNioZxgcr6CLAxkjghemc3YIfDmm9ivEVds7VWe4ViG+iZBQ+
E9owCR6O4r68TkfTrV6dBLwPtEcBVaDThoFqTG9BzT3FfQYHsV2ostxipMR/tfmT
3gD4tu+T9GgKsFeD3zdmiKhmeUacud2ziRr6Y2Z2vWwy93/34jzrmUKqxjx50Mje
jaC9XLSdm2IqWrY5lXqXAh/i3Z4B0Ni3d+b4vKw5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZBCk1V0FSGdtwxAl2kCUsfby6J0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjMGY3YjUwLTU3NTQtNGQ3MS1iZThmLTk4NTQ3YTU2NWZkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwNsgDANBgkqhkiG9w0BAQsFAAOCAQEApBnjTNYveHxMplxT2ZSPPy2lLBcY
FVdMKEsDWZQaGLaKdSft5ixsWy+scUr8+y09Rgz43MxuNvow1mTZI/z4CBPo/40N
OX1/G87YaPzaoBQ5LIAHguSwDu1ekW9YskGLrb8ty99FD2j173fIr8tvTqS5XJKf
+63BpgujqJxfGrj80oaw3L3shBvu+pHiYb7+RAuOy1Js0jHOw12CbokXqC+GnWI7
BEtnPuXcyhImxihMA1JKzXQMid0jGLDLpx23zRLcUo6t9XqH1ZSAnhdH8NZCwUpv
pDd8DPc88VJfwWM3OCjLy0bQoSC0ekAKEN/Wet556W25GLQQN62WfSQIXg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:42 2025 by rpki-client