Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/575a85e8-bc68-4f86-af0b-5e916eb0c52f.roa
File: 575a85e8-bc68-4f86-af0b-5e916eb0c52f.roa (raw, json)
Hash identifier: iyEZ0iBp2ZOAMHaXqxgoqQDdmtYyPZtmiokH5+KYTAc=
Subject key identifier: 99:0F:34:E7:2A:AA:63:63:87:C5:17:A1:EF:D7:EF:A8:D0:35:56:B8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 14DA45D53EDA4731244A893B484E448E161CD6E4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/575a85e8-bc68-4f86-af0b-5e916eb0c52f.roa
Signing time: Sat 21 Dec 2024 00:00:00 +0000
ROA not before: Sat 21 Dec 2024 00:00:00 +0000
ROA not after: Sat 25 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 148.94.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:da:45:d5:3e:da:47:31:24:4a:89:3b:48:4e:44:8e:16:1c:d6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 21 00:00:00 2024 GMT
Not After : Jan 25 23:59:59 2025 GMT
Subject: serialNumber=b86add19d433e3bacfa5a771fa4483252d06223cfb88a8bab01ded5e0ee8af4d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:07:f5:d5:0a:ab:de:e8:88:38:72:b0:62:be:
8f:93:b4:f8:5f:63:95:68:ff:82:0d:ed:ba:cd:88:
96:96:16:4c:5e:13:85:2c:9d:b0:f6:71:34:5f:74:
87:50:54:f3:33:00:bf:cc:46:a1:d1:1f:0c:ef:36:
4b:72:e0:5e:be:47:22:0e:5a:80:db:50:3f:e4:72:
f8:c3:23:6e:39:33:df:79:5b:33:b7:73:bc:69:b9:
0b:24:da:03:cf:2f:de:42:9b:70:2b:d9:50:1c:5b:
78:e7:c3:df:5a:d6:8f:68:dd:39:86:a7:27:08:eb:
d6:bd:f4:36:aa:32:7b:ae:5b:a0:61:39:a1:41:6f:
c4:b4:3b:75:ea:cc:08:ab:01:70:c2:c7:d2:43:ed:
ab:6a:bb:93:91:5e:50:19:07:f3:c6:3e:a5:30:ad:
3a:99:56:6d:f7:8a:84:3c:28:fa:fd:fa:fb:37:d6:
f5:3d:14:b4:fe:d1:30:72:2c:65:5a:87:a8:c9:88:
e1:18:ce:c4:02:fe:cf:ef:3a:d1:6b:e0:a1:a1:da:
89:68:19:03:61:97:78:de:9b:4a:ac:b9:98:b7:b1:
3f:eb:7a:cf:5e:83:61:88:f0:f5:81:f4:b1:16:a1:
7d:67:3c:f5:66:3d:37:c8:b4:fe:07:9d:2d:af:75:
4a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0F:34:E7:2A:AA:63:63:87:C5:17:A1:EF:D7:EF:A8:D0:35:56:B8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/575a85e8-bc68-4f86-af0b-5e916eb0c52f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.94.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:47:81:24:d2:89:89:16:2d:9e:f4:e0:2d:a5:db:fb:fb:1a:
55:4a:ad:9b:45:70:b2:09:17:b6:26:86:b9:32:81:56:a0:7a:
4a:29:6d:92:2b:68:e8:a7:ff:59:72:24:87:4b:76:37:31:af:
1d:80:b9:90:17:01:b3:bc:57:31:4f:60:32:92:0a:92:60:5a:
b0:50:6a:3f:a1:09:63:6b:48:08:72:cb:47:57:ff:c2:c7:f1:
37:c5:2d:69:8e:98:d0:7b:9c:4a:b7:a3:55:03:08:b1:9d:87:
6a:66:6b:14:7f:f6:7a:fd:ba:8c:a9:11:84:1c:8b:41:89:05:
95:5f:f7:3a:9c:69:23:c6:53:76:99:09:e1:59:e1:35:f2:c4:
4d:0a:96:8b:6d:53:b8:50:02:0e:64:05:ef:92:48:66:c2:83:
22:b3:c8:fa:bd:b7:5d:ce:cd:a5:08:b3:62:ce:32:73:20:80:
2f:cd:00:ec:3b:f8:d1:02:aa:c0:ef:ec:fb:90:a3:85:13:8c:
f4:46:9d:b3:fe:fd:b8:be:63:30:cf:76:60:94:5c:91:30:6e:
74:5a:d1:a0:eb:fc:b0:9f:ef:cf:1f:bf:f3:ec:a5:0e:6b:0a:
9a:02:17:33:eb:c7:c2:b5:90:6a:dd:35:3c:4c:b5:8d:52:d6:
31:57:a9:58
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFNpF1T7aRzEkSok7SE5EjhYc1uQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIxMDAwMDAwWhcNMjUwMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiODZhZGQxOWQ0MzNlM2JhY2ZhNWE3NzFmYTQ0ODMyNTJk
MDYyMjNjZmI4OGE4YmFiMDFkZWQ1ZTBlZThhZjRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD1B/XVCqve6Ig4crBivo+TtPhfY5Vo/4IN7brNiJaWFkxe
E4UsnbD2cTRfdIdQVPMzAL/MRqHRHwzvNkty4F6+RyIOWoDbUD/kcvjDI245M995
WzO3c7xpuQsk2gPPL95Cm3Ar2VAcW3jnw99a1o9o3TmGpycI69a99DaqMnuuW6Bh
OaFBb8S0O3XqzAirAXDCx9JD7atqu5ORXlAZB/PGPqUwrTqZVm33ioQ8KPr9+vs3
1vU9FLT+0TByLGVah6jJiOEYzsQC/s/vOtFr4KGh2oloGQNhl3jem0qsuZi3sT/r
es9eg2GI8PWB9LEWoX1nPPVmPTfItP4HnS2vdUpPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmQ805yqqY2OHxReh79fvqNA1VrgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU3NWE4NWU4LWJjNjgtNGY4Ni1hZjBiLTVlOTE2ZWIwYzUyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCUXjANBgkqhkiG9w0BAQsFAAOCAQEAP0eBJNKJiRYtnvTgLaXb+/saVUqt
m0VwsgkXtiaGuTKBVqB6Siltkito6Kf/WXIkh0t2NzGvHYC5kBcBs7xXMU9gMpIK
kmBasFBqP6EJY2tICHLLR1f/wsfxN8UtaY6Y0HucSrejVQMIsZ2HamZrFH/2ev26
jKkRhByLQYkFlV/3OpxpI8ZTdpkJ4VnhNfLETQqWi21TuFACDmQF75JIZsKDIrPI
+r23Xc7NpQizYs4ycyCAL80A7Dv40QKqwO/s+5CjhROM9Eads/79uL5jMM92YJRc
kTBudFrRoOv8sJ/vzx+/8+ylDmsKmgIXM+vHwrWQat01PEy1jVLWMVepWA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:52:14 2025 by rpki-client