Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e73af41-699f-4191-a5fd-61d8359ba3ae.roa
File: 4e73af41-699f-4191-a5fd-61d8359ba3ae.roa (raw, json)
Hash identifier: QQ+PaevA2AQ7/Ae05Gcmuu6Kk68y3wY0WviFQCn19Po=
Subject key identifier: A5:53:39:EA:19:AD:DD:30:63:EA:37:63:46:B4:55:45:70:02:2F:A0
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1EC27B86C74AACA12EEB950CDC020C06262B833F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e73af41-699f-4191-a5fd-61d8359ba3ae.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 207.202.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:c2:7b:86:c7:4a:ac:a1:2e:eb:95:0c:dc:02:0c:06:26:2b:83:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=004d62a328c8ada7c6b73a544116e20dcb4e1f2dd7ccb3315aecfe0f076c1708, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:04:b1:4c:be:c2:fb:f9:ce:65:5f:79:04:37:
89:f3:b6:c6:17:15:8d:26:5f:74:08:b7:27:cd:96:
a4:53:66:a3:f7:d6:46:3f:16:66:f1:d5:c5:1f:04:
e5:f8:07:ee:cd:df:d4:ff:14:17:1d:56:20:69:0d:
73:75:08:79:52:20:d2:b2:ce:17:44:a6:1f:4f:20:
6d:9f:b1:e4:cb:38:79:ec:d2:a3:a7:59:41:93:59:
36:7c:42:6f:94:e3:47:2c:63:09:cb:db:1b:b1:b1:
4d:b0:cc:f2:84:87:ca:e2:19:0a:6c:14:7a:b2:41:
95:5d:09:a3:0c:3d:7c:7a:39:91:53:35:c5:ab:50:
fd:03:13:56:4b:b7:61:38:9a:10:1a:a7:cc:0d:9b:
26:f5:07:af:d4:55:26:d0:2c:df:db:7e:d2:70:9f:
6b:9a:9b:c4:96:e2:fd:34:1f:69:58:8a:5e:fd:12:
43:19:d8:4b:3b:42:9a:73:2a:b9:72:dd:cd:e8:cb:
b0:9f:fd:fb:28:8c:7e:9e:1e:d5:99:cf:35:12:ba:
59:53:19:36:53:51:17:ae:54:b3:e2:1d:55:0d:f5:
97:7b:2e:a0:0b:40:df:29:98:20:0c:59:43:35:c5:
4d:99:3e:84:01:82:9f:1b:ba:47:a0:aa:bb:b7:0d:
cb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:53:39:EA:19:AD:DD:30:63:EA:37:63:46:B4:55:45:70:02:2F:A0
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e73af41-699f-4191-a5fd-61d8359ba3ae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.202.128.0/17
Signature Algorithm: sha256WithRSAEncryption
85:75:f0:6f:21:b5:de:1b:24:bc:6c:1c:93:1d:e0:b0:58:c6:
c6:42:19:5e:4f:15:b7:d3:43:89:b0:de:c3:fb:32:91:8c:31:
27:8f:9e:60:a8:d9:c3:d1:a7:73:9c:3a:8b:3c:56:eb:a6:8e:
00:b7:c7:c4:00:94:e0:ea:48:90:03:09:7e:4c:33:89:d1:61:
58:8e:c0:fc:b2:d3:cc:68:b2:11:b3:e7:9b:0c:a3:f8:2b:2f:
ca:32:59:a7:fc:2a:4e:75:9a:9a:d8:a5:a5:03:2e:ae:df:ec:
35:54:55:7c:62:82:29:f7:20:e7:fd:f0:61:d4:e4:f7:47:37:
cd:22:3f:2f:9c:8a:49:ac:bc:3b:ae:cc:84:06:d4:fd:26:a9:
32:11:a6:a8:21:c5:b3:ae:53:5a:84:d7:b6:e9:90:e0:00:8f:
e5:8e:6b:02:c8:94:a5:18:97:92:a2:3e:cd:bb:af:4c:a5:f5:
c4:34:54:bd:62:88:5b:94:80:d2:42:39:9b:1f:ff:fb:8d:b9:
c8:ea:c5:59:fb:1b:9c:93:ce:f9:39:43:2c:30:0c:05:dd:75:
bb:5b:b6:50:02:b2:25:51:5e:a5:fc:16:1e:88:c7:96:2b:d9:
ff:38:8e:36:26:f8:31:ed:7b:49:de:eb:19:5e:85:44:e2:ce:
88:60:2f:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHsJ7hsdKrKEu65UM3AIMBiYrgz8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDRkNjJhMzI4YzhhZGE3YzZiNzNhNTQ0MTE2ZTIwZGNi
NGUxZjJkZDdjY2IzMzE1YWVjZmUwZjA3NmMxNzA4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0BLFMvsL7+c5lX3kEN4nztsYXFY0mX3QItyfNlqRTZqP3
1kY/Fmbx1cUfBOX4B+7N39T/FBcdViBpDXN1CHlSINKyzhdEph9PIG2fseTLOHns
0qOnWUGTWTZ8Qm+U40csYwnL2xuxsU2wzPKEh8riGQpsFHqyQZVdCaMMPXx6OZFT
NcWrUP0DE1ZLt2E4mhAap8wNmyb1B6/UVSbQLN/bftJwn2uam8SW4v00H2lYil79
EkMZ2Es7QppzKrly3c3oy7Cf/fsojH6eHtWZzzUSullTGTZTUReuVLPiHVUN9Zd7
LqALQN8pmCAMWUM1xU2ZPoQBgp8bukegqru3Dcu1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpVM56hmt3TBj6jdjRrRVRXACL6AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlNzNhZjQxLTY5OWYtNDE5MS1hNWZkLTYxZDgzNTliYTNhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAfPyoAwDQYJKoZIhvcNAQELBQADggEBAIV18G8htd4bJLxsHJMd4LBYxsZC
GV5PFbfTQ4mw3sP7MpGMMSePnmCo2cPRp3OcOos8VuumjgC3x8QAlODqSJADCX5M
M4nRYViOwPyy08xoshGz55sMo/grL8oyWaf8Kk51mprYpaUDLq7f7DVUVXxigin3
IOf98GHU5PdHN80iPy+cikmsvDuuzIQG1P0mqTIRpqghxbOuU1qE17bpkOAAj+WO
awLIlKUYl5KiPs27r0yl9cQ0VL1iiFuUgNJCOZsf//uNucjqxVn7G5yTzvk5Qyww
DAXddbtbtlACsiVRXqX8Fh6Ix5Yr2f84jjYm+DHte0ne6xlehUTizohgLzw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:52:04 2025 by rpki-client