Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/560b3ab7-79c4-4d60-8270-3ca7d0f3a0a6.roa
File: 560b3ab7-79c4-4d60-8270-3ca7d0f3a0a6.roa (raw, json)
Hash identifier: nNBXuYFJEjqwPDRejLGUhLepiyPWTVOUHPGod2pCoDE=
Subject key identifier: 4E:B7:99:88:A7:4D:20:18:47:A5:AF:54:8B:49:C3:7A:6D:14:25:00
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 32DD41916E9D36E2063D66118CC987F114DE904F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/560b3ab7-79c4-4d60-8270-3ca7d0f3a0a6.roa
Signing time: Thu 26 Dec 2024 00:00:00 +0000
ROA not before: Thu 26 Dec 2024 00:00:00 +0000
ROA not after: Thu 30 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 66.156.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:dd:41:91:6e:9d:36:e2:06:3d:66:11:8c:c9:87:f1:14:de:90:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 26 00:00:00 2024 GMT
Not After : Jan 30 23:59:59 2025 GMT
Subject: serialNumber=e9ae912b017e897098913c12aa5d28d708ae7da38b30ead4b570998be6346881, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6d:48:8b:6b:e7:23:4d:83:6d:ac:83:4b:60:
ec:b8:95:e4:9a:45:fe:35:ab:71:00:ff:bb:6f:f8:
23:77:8a:8c:9d:32:ac:14:df:b3:52:6d:af:27:04:
62:5f:b2:78:c7:28:75:a0:d8:1d:c5:d8:80:65:84:
00:a5:3a:62:47:52:e7:7e:79:ae:40:6c:9b:1b:f1:
12:25:75:8a:29:14:bc:50:82:03:d8:28:7f:82:13:
1e:6c:5c:11:bd:1f:2e:26:d2:35:a2:eb:3a:f4:69:
19:f1:30:75:de:da:9e:7a:53:b9:b9:a6:63:c1:3b:
65:57:53:e8:42:0b:34:42:f0:25:fc:c1:5c:cb:29:
bd:1c:6c:fd:92:2d:b3:2b:4b:37:ba:e2:cc:22:7b:
e0:b8:5f:73:68:d9:67:01:25:56:e4:00:8f:ab:7d:
22:51:8c:df:9a:e5:40:38:89:9a:58:82:ac:01:25:
72:f8:08:56:54:e9:88:a2:12:bc:40:a6:40:98:9f:
13:46:ff:00:27:2d:53:e8:0a:da:72:11:8f:f6:c3:
45:b3:68:14:b6:04:43:88:a9:c9:4d:12:82:dc:10:
7c:8a:37:0a:c5:de:9b:83:00:92:bd:a3:3b:a3:14:
b1:15:13:81:ec:1e:4a:1e:61:28:c2:f3:9d:8c:91:
13:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B7:99:88:A7:4D:20:18:47:A5:AF:54:8B:49:C3:7A:6D:14:25:00
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/560b3ab7-79c4-4d60-8270-3ca7d0f3a0a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.156.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:be:16:d1:c5:98:df:c8:03:61:f8:da:c2:04:55:f3:d5:bf:
d9:ce:b0:8d:8f:80:36:77:d3:18:4c:00:2d:40:8a:f3:9e:f7:
f4:a9:c2:d1:31:37:c2:9e:00:77:33:c9:a6:9a:8f:90:f0:bd:
93:aa:83:a9:96:cd:be:e0:a4:7b:89:12:b5:b7:af:97:05:12:
2a:1e:f7:89:93:3e:c1:b0:ce:79:f4:9c:44:39:f1:29:c0:c3:
30:5c:61:be:d8:cc:0a:69:05:d2:01:40:6f:5d:c5:61:df:82:
fc:83:b2:28:b3:af:4b:a2:2e:9a:78:e7:0b:28:0b:90:9e:bd:
73:47:d8:19:6c:9a:7c:16:01:e5:5e:ce:3d:88:f7:61:3e:e3:
8c:41:77:9d:0b:1a:4d:02:3c:8c:6d:53:4b:31:63:5c:22:cf:
fc:2b:6b:0c:a1:c4:cf:5f:f0:8a:ad:f8:9e:5b:65:f1:77:90:
e4:8f:9e:df:56:f5:41:2d:9e:3e:da:00:88:25:3d:be:9d:15:
75:61:39:84:3b:5f:11:87:9c:cc:b0:16:cd:a2:c6:a1:32:18:
83:93:32:cd:8c:73:32:c6:5f:8e:db:4b:97:78:d1:bf:06:dc:
db:13:c6:e7:90:9f:c6:bb:1a:00:a6:e5:fb:6e:18:2f:49:6b:
44:bd:a5:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMt1BkW6dNuIGPWYRjMmH8RTekE8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI2MDAwMDAwWhcNMjUwMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlOWFlOTEyYjAxN2U4OTcwOTg5MTNjMTJhYTVkMjhkNzA4
YWU3ZGEzOGIzMGVhZDRiNTcwOTk4YmU2MzQ2ODgxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDybUiLa+cjTYNtrINLYOy4leSaRf41q3EA/7tv+CN3ioyd
MqwU37NSba8nBGJfsnjHKHWg2B3F2IBlhAClOmJHUud+ea5AbJsb8RIldYopFLxQ
ggPYKH+CEx5sXBG9Hy4m0jWi6zr0aRnxMHXe2p56U7m5pmPBO2VXU+hCCzRC8CX8
wVzLKb0cbP2SLbMrSze64swie+C4X3No2WcBJVbkAI+rfSJRjN+a5UA4iZpYgqwB
JXL4CFZU6YiiErxApkCYnxNG/wAnLVPoCtpyEY/2w0WzaBS2BEOIqclNEoLcEHyK
NwrF3puDAJK9ozujFLEVE4HsHkoeYSjC852MkRMNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTreZiKdNIBhHpa9Ui0nDem0UJQAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU2MGIzYWI3LTc5YzQtNGQ2MC04MjcwLTNjYTdkMGYzYTBhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBCnDANBgkqhkiG9w0BAQsFAAOCAQEAoL4W0cWY38gDYfjawgRV89W/2c6w
jY+ANnfTGEwALUCK85739KnC0TE3wp4AdzPJppqPkPC9k6qDqZbNvuCke4kStbev
lwUSKh73iZM+wbDOefScRDnxKcDDMFxhvtjMCmkF0gFAb13FYd+C/IOyKLOvS6Iu
mnjnCygLkJ69c0fYGWyafBYB5V7OPYj3YT7jjEF3nQsaTQI8jG1TSzFjXCLP/Ctr
DKHEz1/wiq34nltl8XeQ5I+e31b1QS2ePtoAiCU9vp0VdWE5hDtfEYeczLAWzaLG
oTIYg5MyzYxzMsZfjttLl3jRvwbc2xPG55CfxrsaAKbl+24YL0lrRL2l3Q==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:11:45 2025 by rpki-client