Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e17693d-8c5e-416b-9922-0d547354839a.roa
File: 4e17693d-8c5e-416b-9922-0d547354839a.roa (raw, json)
Hash identifier: FB0xDQAR2Gtdv1jeCYoUg+zAY+lzHPmAP1q9IjnOzY4=
Subject key identifier: 51:0A:88:35:50:21:99:54:18:D0:B6:79:60:2E:84:8C:CC:86:23:FB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4536FE267385D71A412AA1CF7EBDD4A91785BDDB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e17693d-8c5e-416b-9922-0d547354839a.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 192.157.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:36:fe:26:73:85:d7:1a:41:2a:a1:cf:7e:bd:d4:a9:17:85:bd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:16:9f:96:3b:0d:65:10:8c:76:10:21:33:08:
d1:26:24:0e:10:30:00:ac:18:f6:69:1e:4d:dc:85:
1e:a5:88:97:ac:ba:27:70:25:19:64:d9:ac:fc:4a:
ae:c1:8d:96:f6:ee:c8:24:99:bc:3c:1c:d4:e7:c0:
1e:e7:6e:ec:b5:5d:9b:69:d6:3e:3a:c0:85:67:42:
e0:97:b7:3e:ec:1e:27:aa:38:6d:72:5d:9d:ce:4c:
b4:4c:0f:a3:4a:c4:cc:f5:7f:74:62:37:82:54:c5:
0d:b5:e1:eb:20:e5:f8:54:8e:df:a9:a9:a0:b7:f6:
4d:26:74:7a:94:0a:16:86:d5:9f:8a:42:00:7e:97:
ee:5a:77:cf:f6:53:23:9e:ee:ff:20:54:c2:1c:58:
1e:5b:b8:79:0a:91:63:27:4e:1a:40:a5:1d:80:62:
f0:e6:06:e8:70:dd:1f:4f:1f:98:a0:2a:da:2f:09:
0b:2a:aa:4d:5f:5b:39:f9:88:30:e3:b1:b9:88:b5:
c4:ec:cc:a7:8f:73:83:a8:ce:a2:81:54:f3:62:d8:
4c:58:6d:8e:0f:39:26:ef:96:28:df:b4:bd:75:e3:
86:b1:66:39:50:f8:e3:45:20:df:0c:68:68:df:bd:
1d:0d:13:88:7a:46:8a:94:38:4a:5a:ac:68:5d:d9:
29:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0A:88:35:50:21:99:54:18:D0:B6:79:60:2E:84:8C:CC:86:23:FB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e17693d-8c5e-416b-9922-0d547354839a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.157.32.0/24
Signature Algorithm: sha256WithRSAEncryption
26:5a:87:3e:a2:bc:db:35:6a:48:7d:4a:04:44:60:5b:f1:d8:
9f:a5:9c:be:25:4a:92:d4:14:90:a1:ed:53:38:e4:a9:3c:56:
d7:59:13:7a:50:09:bd:f4:4d:5c:84:e3:31:e4:72:3a:9a:78:
98:b7:a2:ae:66:68:8b:8b:30:fc:ee:d7:64:35:5d:0f:cd:1a:
07:a8:b8:fd:53:66:09:98:e6:1a:dc:37:2c:bc:ef:46:65:84:
5a:40:c0:84:f0:0d:51:d1:a8:1b:2b:81:76:b1:82:ff:00:2c:
f8:cd:1c:c0:ec:12:9b:93:44:f6:9a:8e:ee:de:92:1c:fc:7c:
31:f2:69:e1:d4:b9:bf:3b:62:81:6c:80:4d:c9:bb:6b:34:2e:
2a:f2:1e:65:49:ce:8e:0b:e3:f4:56:55:70:eb:f4:5f:07:77:
1d:0e:fb:1d:29:f1:7a:5d:1f:9c:54:26:13:6b:13:13:73:86:
e1:8f:07:20:af:af:80:cd:bd:5f:34:f6:8d:12:09:38:6e:96:
d3:ef:d9:02:b1:58:85:42:1f:15:7e:96:93:0a:86:14:e1:00:
cc:04:20:eb:c7:8d:35:a5:cf:e6:63:5a:93:82:a4:8c:3e:bf:
58:c2:d0:1d:38:54:6d:10:be:ff:f9:72:31:a9:14:6d:bc:9d:
0a:22:ca:a2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURTb+JnOF1xpBKqHPfr3UqReFvdswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyOWJmNTYxZjQ3MzlmMDAwY2FhYTk5MmQ4YWIyMjM0NzNm
MTY2YjI3ZThkNjFmZTFmYzkwMmUzOWUzYzRiZDE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtFp+WOw1lEIx2ECEzCNEmJA4QMACsGPZpHk3chR6liJes
uidwJRlk2az8Sq7BjZb27sgkmbw8HNTnwB7nbuy1XZtp1j46wIVnQuCXtz7sHieq
OG1yXZ3OTLRMD6NKxMz1f3RiN4JUxQ214esg5fhUjt+pqaC39k0mdHqUChaG1Z+K
QgB+l+5ad8/2UyOe7v8gVMIcWB5buHkKkWMnThpApR2AYvDmBuhw3R9PH5igKtov
CQsqqk1fWzn5iDDjsbmItcTszKePc4OozqKBVPNi2ExYbY4POSbvlijftL1144ax
ZjlQ+ONFIN8MaGjfvR0NE4h6RoqUOEparGhd2SkXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUQqINVAhmVQY0LZ5YC6EjMyGI/swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlMTc2OTNkLThjNWUtNDE2Yi05OTIyLTBkNTQ3MzU0ODM5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADAnSAwDQYJKoZIhvcNAQELBQADggEBACZahz6ivNs1akh9SgREYFvx2J+l
nL4lSpLUFJCh7VM45Kk8VtdZE3pQCb30TVyE4zHkcjqaeJi3oq5maIuLMPzu12Q1
XQ/NGgeouP1TZgmY5hrcNyy870ZlhFpAwITwDVHRqBsrgXaxgv8ALPjNHMDsEpuT
RPaaju7ekhz8fDHyaeHUub87YoFsgE3Ju2s0LiryHmVJzo4L4/RWVXDr9F8Hdx0O
+x0p8XpdH5xUJhNrExNzhuGPByCvr4DNvV809o0SCThultPv2QKxWIVCHxV+lpMK
hhThAMwEIOvHjTWlz+ZjWpOCpIw+v1jC0B04VG0Qvv/5cjGpFG28nQoiyqI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:34 2025 by rpki-client