Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4da773c1-1f36-470b-b271-919911668a55.roa
File: 4da773c1-1f36-470b-b271-919911668a55.roa (raw, json)
Hash identifier: NLQSZD6ajlTMdGY6B4tlT2gNF2qeQRm4BEqvM+OlOU4=
Subject key identifier: CA:8B:FA:4C:4D:12:1E:5B:C4:F0:26:4B:B4:F1:41:2A:FE:06:77:37
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7E153D74A57E0EBCD6061C8EE2FDCC37A658B05D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4da773c1-1f36-470b-b271-919911668a55.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:15:3d:74:a5:7e:0e:bc:d6:06:1c:8e:e2:fd:cc:37:a6:58:b0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:0a:51:f2:09:3f:4f:63:0e:54:0e:95:b5:
60:a9:4f:ca:08:bc:b9:82:30:36:14:ab:07:3d:7b:
15:2a:91:0c:06:47:36:fd:bf:29:58:8d:7a:31:f3:
6d:da:e7:d8:95:98:6b:de:3e:f5:dc:69:b0:42:94:
cb:68:f2:9d:41:3b:8e:86:22:8a:8e:47:2a:0d:04:
71:8d:da:57:47:db:62:17:cd:f3:7d:ac:60:27:7c:
a7:2f:6e:03:74:4a:30:91:90:97:c1:f5:87:56:c4:
cb:33:f7:6d:7b:91:5d:86:e9:b2:41:11:24:e2:19:
c5:f8:13:c4:40:96:c4:27:9a:dc:30:bb:40:c5:59:
3a:0a:1d:44:c9:d3:2c:85:53:cf:be:51:f6:46:b4:
02:02:64:a6:06:71:06:27:3b:da:3f:0c:f6:19:ee:
7c:2d:b0:50:43:07:e9:6c:38:1f:97:0a:6f:a3:95:
4e:39:54:09:b5:37:ee:25:7f:ec:86:d1:e8:dd:3c:
27:b6:ff:2f:4c:b5:6b:89:96:04:1a:7a:c4:25:64:
93:f3:5d:0c:99:2b:64:72:e2:7f:2b:7a:d2:71:bf:
b7:52:4f:ab:8e:9f:72:6e:bb:19:a9:15:fc:06:c7:
a6:d2:fc:0a:d0:14:77:9c:53:59:4f:a9:3b:28:63:
2c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8B:FA:4C:4D:12:1E:5B:C4:F0:26:4B:B4:F1:41:2A:FE:06:77:37
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4da773c1-1f36-470b-b271-919911668a55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.144.0/21
Signature Algorithm: sha256WithRSAEncryption
92:f0:01:4f:c5:03:f2:91:8c:fb:7c:32:61:6e:d8:ac:c4:0f:
25:3c:1b:0d:b6:54:a3:c5:0d:86:48:e7:65:89:53:12:12:14:
ff:f9:a7:ba:f7:b4:cc:f4:2e:42:5a:7b:87:a7:bf:db:ef:a4:
c9:67:91:ff:75:51:4c:a2:d4:86:f4:72:4f:bf:13:d1:86:61:
94:06:5b:ac:fc:03:0c:51:d6:bd:36:72:4e:a6:29:b2:a5:11:
0b:99:34:14:98:c2:65:60:31:79:3b:eb:b9:de:73:b6:ce:82:
c0:4d:b5:c9:59:de:f6:d1:7a:61:06:06:b7:ef:e4:d0:32:82:
f6:65:5b:49:51:35:a2:82:5b:89:25:c8:5c:67:e8:c3:cb:21:
e6:15:88:6f:23:ea:18:3c:2c:e5:93:68:f7:0f:a4:4b:a7:78:
87:d1:24:19:48:0c:5f:fe:fd:aa:93:f3:55:c4:d6:0d:ac:a1:
9a:c7:ac:85:56:fc:4d:f1:05:0d:71:e8:48:1c:6e:e4:45:d2:
90:0a:97:c9:3c:42:fc:15:29:b5:f0:64:0e:f7:72:02:2b:b6:
ce:92:0b:f3:d5:59:3e:9e:13:60:00:ba:47:e8:0c:71:cd:38:
62:aa:ff:d5:a7:d8:64:15:f5:a7:ca:ce:83:70:7e:5e:10:8a:
2b:22:fe:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfhU9dKV+DrzWBhyO4v3MN6ZYsF0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMWQyOTk2NjMwZjE2Yzc5MjY5MjFhODU3MDliYTY1Mzcz
ZDU0M2QzMmVkZTE1YjA2MWYwZGQyZmUyMDYzM2U5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1ZQpR8gk/T2MOVA6VtWCpT8oIvLmCMDYUqwc9exUqkQwG
Rzb9vylYjXox823a59iVmGvePvXcabBClMto8p1BO46GIoqORyoNBHGN2ldH22IX
zfN9rGAnfKcvbgN0SjCRkJfB9YdWxMsz9217kV2G6bJBESTiGcX4E8RAlsQnmtww
u0DFWToKHUTJ0yyFU8++UfZGtAICZKYGcQYnO9o/DPYZ7nwtsFBDB+lsOB+XCm+j
lU45VAm1N+4lf+yG0ejdPCe2/y9MtWuJlgQaesQlZJPzXQyZK2Ry4n8retJxv7dS
T6uOn3JuuxmpFfwGx6bS/ArQFHecU1lPqTsoYyzpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyov6TE0SHlvE8CZLtPFBKv4GdzcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkYTc3M2MxLTFmMzYtNDcwYi1iMjcxLTkxOTkxMTY2OGE1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl5AwDQYJKoZIhvcNAQELBQADggEBAJLwAU/FA/KRjPt8MmFu2KzEDyU8
Gw22VKPFDYZI52WJUxISFP/5p7r3tMz0LkJae4env9vvpMlnkf91UUyi1Ib0ck+/
E9GGYZQGW6z8AwxR1r02ck6mKbKlEQuZNBSYwmVgMXk767nec7bOgsBNtclZ3vbR
emEGBrfv5NAygvZlW0lRNaKCW4klyFxn6MPLIeYViG8j6hg8LOWTaPcPpEuneIfR
JBlIDF/+/aqT81XE1g2soZrHrIVW/E3xBQ1x6EgcbuRF0pAKl8k8QvwVKbXwZA73
cgIrts6SC/PVWT6eE2AAukfoDHHNOGKq/9Wn2GQV9afKzoNwfl4Qiisi/l0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:57 2025 by rpki-client