Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f39db85-bb51-4b22-a180-8d268ddde2a8.roa
File: 4f39db85-bb51-4b22-a180-8d268ddde2a8.roa (raw, json)
Hash identifier: rB9AAjRKViM0REKDwNe8Ut5fGqrujTE/iYbO7KIWkfI=
Subject key identifier: 6C:27:F6:8A:7B:C2:A7:70:3A:51:34:39:74:4E:1C:DB:0F:C2:1B:32
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5699A25DE5060E86220226E0EB5A0E0204EFD522
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f39db85-bb51-4b22-a180-8d268ddde2a8.roa
Signing time: Tue 26 Nov 2024 00:00:00 +0000
ROA not before: Tue 26 Nov 2024 00:00:00 +0000
ROA not after: Tue 31 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 162.222.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:99:a2:5d:e5:06:0e:86:22:02:26:e0:eb:5a:0e:02:04:ef:d5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 26 00:00:00 2024 GMT
Not After : Dec 31 23:59:59 2024 GMT
Subject: serialNumber=08a8a83c660d3b6f7560b290f15b8b743d910f34b21c82e4c9aab72d84e0bcc7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ec:17:03:ff:86:82:4d:56:d6:99:e7:38:f2:
b7:1b:80:e5:4f:20:1e:1f:64:75:ef:cc:86:93:f3:
32:80:a0:94:89:a1:de:9a:bc:39:83:0e:b6:1e:92:
11:eb:c3:8e:00:80:54:14:c5:a1:40:91:5b:fc:81:
fb:89:2a:d4:39:97:51:f1:72:40:74:44:53:3b:99:
4a:9c:a0:a9:f7:a7:92:cc:e2:2a:0f:53:62:38:13:
e9:ab:bb:4a:82:a8:5d:eb:d3:16:16:bf:50:68:f6:
e9:81:9b:4d:07:43:c3:5f:74:a6:26:14:4f:13:50:
2c:e7:46:db:31:98:9c:17:97:99:4e:b5:67:c2:d4:
9b:a7:c8:5d:0f:dd:5b:47:e0:f0:42:e9:8b:ff:80:
a0:c6:c8:ac:d7:29:c7:f6:c4:f8:0e:a6:f6:63:a0:
ac:50:cd:91:a1:b8:af:ee:52:94:eb:6d:49:ba:f8:
a1:6d:16:1a:15:27:91:79:6b:d9:8f:72:45:0d:bc:
0b:6f:ce:53:dc:55:50:32:80:9a:ca:e1:7a:57:ed:
67:a0:c5:ff:cd:08:e3:9a:c8:bf:b3:7c:06:2e:1e:
bb:6e:f4:4e:8e:34:14:85:e6:94:f4:09:e5:7f:1a:
19:00:92:63:be:93:ce:38:e7:a3:5a:9c:a9:77:ca:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:27:F6:8A:7B:C2:A7:70:3A:51:34:39:74:4E:1C:DB:0F:C2:1B:32
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f39db85-bb51-4b22-a180-8d268ddde2a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.222.148.0/22
Signature Algorithm: sha256WithRSAEncryption
99:1b:c4:cd:dd:12:e3:96:e1:98:65:d3:56:a1:85:71:25:06:
b7:68:12:82:40:27:3c:66:fb:4d:51:ea:f2:c3:c6:b9:5e:d5:
fa:ca:19:f6:46:05:18:bf:70:06:69:cd:52:50:6f:af:3a:42:
88:3a:ea:67:eb:2f:42:e0:4f:b2:58:1a:ea:af:92:ac:c5:26:
f1:b0:72:79:af:ef:65:1b:d2:3d:6d:4a:d7:75:d8:0f:27:11:
aa:f7:3b:9a:71:97:06:e4:be:66:27:f8:cb:6e:83:31:cd:9f:
23:c0:50:1b:ba:e2:e6:81:07:8c:25:04:c7:23:ae:49:87:d0:
9d:5b:8e:42:b7:90:ef:18:d3:92:f1:9f:c9:03:f3:23:e5:51:
79:93:02:d6:d9:8a:ee:14:62:93:34:8a:ab:af:8f:44:f8:05:
2a:61:93:26:ce:13:0a:34:b0:88:38:3d:f7:38:c6:3a:56:cd:
ad:69:c8:4b:1e:18:4c:52:17:60:30:e8:30:f9:85:1f:15:db:
1c:ab:2f:75:d4:29:fa:ae:df:02:79:99:de:24:98:ec:5b:31:
fe:03:ea:77:91:ad:0f:6a:10:12:76:4b:da:ea:32:cd:53:c6:
72:ed:b6:9d:70:2c:ef:7d:7c:e0:20:7a:7a:12:6f:04:cc:5c:
89:df:04:31
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVpmiXeUGDoYiAibg61oOAgTv1SIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTI2MDAwMDAwWhcNMjQxMjMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwOGE4YTgzYzY2MGQzYjZmNzU2MGIyOTBmMTViOGI3NDNk
OTEwZjM0YjIxYzgyZTRjOWFhYjcyZDg0ZTBiY2M3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCl7BcD/4aCTVbWmec48rcbgOVPIB4fZHXvzIaT8zKAoJSJ
od6avDmDDrYekhHrw44AgFQUxaFAkVv8gfuJKtQ5l1HxckB0RFM7mUqcoKn3p5LM
4ioPU2I4E+mru0qCqF3r0xYWv1Bo9umBm00HQ8NfdKYmFE8TUCznRtsxmJwXl5lO
tWfC1JunyF0P3VtH4PBC6Yv/gKDGyKzXKcf2xPgOpvZjoKxQzZGhuK/uUpTrbUm6
+KFtFhoVJ5F5a9mPckUNvAtvzlPcVVAygJrK4XpX7Wegxf/NCOOayL+zfAYuHrtu
9E6ONBSF5pT0CeV/GhkAkmO+k84456NanKl3yma7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbCf2invCp3A6UTQ5dE4c2w/CGzIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmMzlkYjg1LWJiNTEtNGIyMi1hMTgwLThkMjY4ZGRkZTJhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKi3pQwDQYJKoZIhvcNAQELBQADggEBAJkbxM3dEuOW4Zhl01ahhXElBrdo
EoJAJzxm+01R6vLDxrle1frKGfZGBRi/cAZpzVJQb686Qog66mfrL0LgT7JYGuqv
kqzFJvGwcnmv72Ub0j1tStd12A8nEar3O5pxlwbkvmYn+MtugzHNnyPAUBu64uaB
B4wlBMcjrkmH0J1bjkK3kO8Y05Lxn8kD8yPlUXmTAtbZiu4UYpM0iquvj0T4BSph
kybOEwo0sIg4Pfc4xjpWza1pyEseGExSF2Aw6DD5hR8V2xyrL3XUKfqu3wJ5md4k
mOxbMf4D6neRrQ9qEBJ2S9rqMs1TxnLttp1wLO99fOAgenoSbwTMXInfBDE=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:12:42 2025 by rpki-client