Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b853ac2-828f-4aaf-9728-f1a950d4f541.roa
File: 5b853ac2-828f-4aaf-9728-f1a950d4f541.roa (raw, json)
Hash identifier: dbMxbnCPR0pfBTv7W6QrStBIw5zNcdOn7kBcaEMgfs0=
Subject key identifier: 37:97:39:08:A5:72:57:D7:2A:D7:51:D0:75:AC:B3:06:14:BD:11:E6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 25934E39412B1E9659776ECD2BBE5A0F06FFD129
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b853ac2-828f-4aaf-9728-f1a950d4f541.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 108.156.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:93:4e:39:41:2b:1e:96:59:77:6e:cd:2b:be:5a:0f:06:ff:d1:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:0c:ed:96:95:ce:57:bd:a6:dc:e8:8d:26:
4e:4b:4a:4a:95:bb:7b:dc:59:d5:5d:cf:36:86:c8:
7d:08:17:42:d8:fb:c6:99:dc:88:22:18:75:3c:2f:
73:13:68:b3:d0:66:58:12:e4:ae:23:2b:77:da:a6:
cd:36:c5:9b:5d:79:e6:ac:a9:b9:59:98:22:ca:a3:
9b:15:03:ae:98:f3:22:a1:c0:32:bd:ef:46:a4:62:
95:58:43:a6:b8:97:ab:83:cf:44:c0:01:c8:2a:89:
f1:9a:fe:66:b4:00:80:94:99:65:7b:da:22:bf:b0:
11:86:6e:df:7d:1f:7e:17:f0:83:f0:32:c5:23:ce:
1e:57:8e:93:de:4f:51:cf:a4:6e:47:e4:a0:ac:ef:
4e:6e:fc:c2:4d:f3:80:3a:d5:7c:7a:07:2b:14:f9:
e9:da:62:a5:08:4f:11:6d:c2:46:c5:a5:5f:a1:97:
34:b3:11:79:fc:12:ae:25:2f:9f:fd:e9:ed:f3:f4:
06:aa:1a:13:7f:95:69:d0:f5:f9:67:e6:b1:12:bf:
8e:b5:61:90:00:40:9d:20:ce:0b:d5:9f:aa:67:03:
58:48:d1:18:da:7c:d6:0f:b7:d4:b9:35:1b:aa:02:
04:7c:06:d0:16:3f:a9:59:67:1e:e6:08:ad:e5:b5:
77:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:97:39:08:A5:72:57:D7:2A:D7:51:D0:75:AC:B3:06:14:BD:11:E6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b853ac2-828f-4aaf-9728-f1a950d4f541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.156.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9f:68:46:9e:17:85:86:fb:70:6b:d1:4f:f7:cc:00:21:de:1a:
bb:27:3e:11:84:12:a2:c6:09:f7:dd:2c:1c:64:81:4f:66:dd:
29:76:a9:40:0e:25:fa:5f:13:aa:81:77:92:09:6d:8f:14:61:
b1:e7:01:fc:b6:66:db:a6:8a:6a:55:5e:c9:d9:ee:d2:16:eb:
0e:61:21:e9:79:76:21:d1:55:10:cd:cd:f5:df:a1:6d:31:4a:
d5:94:b9:15:38:79:c1:39:42:48:9b:26:28:e7:52:b1:98:86:
6d:72:9c:7d:f0:a4:e1:bf:51:a1:de:f6:50:c2:6b:27:be:df:
14:7d:72:34:07:07:14:b7:da:93:20:94:80:59:25:31:da:a6:
ae:b2:c5:b6:47:e3:85:72:3a:89:bf:f2:d1:2e:36:9b:75:22:
65:fa:69:63:2e:1a:84:3e:81:a3:47:ed:55:f7:6a:34:d9:9f:
5c:2d:3e:e8:0c:80:db:4c:22:43:b4:d3:02:02:b0:e4:28:2e:
ef:65:d0:89:42:66:1d:24:fc:ae:ed:1d:d5:2f:1b:28:7b:93:
21:62:58:44:be:db:42:8a:a3:ee:8b:22:2e:ad:0e:ee:36:4d:
23:3d:f1:8a:23:0c:6c:64:e3:4b:d2:db:db:ab:87:88:3e:fb:
f9:4e:d1:a0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJZNOOUErHpZZd27NK75aDwb/0SkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxODEwN2NmNDkxZDBiN2NjY2YwMjQ3YTg2YjBkMjIyZTFk
MDgxMDY1YzJiNzEwYTFlNDg1YjgxM2ZhNDJhMjgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvrgztlpXOV72m3OiNJk5LSkqVu3vcWdVdzzaGyH0IF0LY
+8aZ3IgiGHU8L3MTaLPQZlgS5K4jK3faps02xZtdeeasqblZmCLKo5sVA66Y8yKh
wDK970akYpVYQ6a4l6uDz0TAAcgqifGa/ma0AICUmWV72iK/sBGGbt99H34X8IPw
MsUjzh5XjpPeT1HPpG5H5KCs705u/MJN84A61Xx6BysU+enaYqUITxFtwkbFpV+h
lzSzEXn8Eq4lL5/96e3z9AaqGhN/lWnQ9fln5rESv461YZAAQJ0gzgvVn6pnA1hI
0RjafNYPt9S5NRuqAgR8BtAWP6lZZx7mCK3ltXepAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUN5c5CKVyV9cq11HQdayzBhS9EeYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViODUzYWMyLTgyOGYtNGFhZi05NzI4LWYxYTk1MGQ0ZjU0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJsnDANBgkqhkiG9w0BAQsFAAOCAQEAn2hGnheFhvtwa9FP98wAId4auyc+
EYQSosYJ990sHGSBT2bdKXapQA4l+l8TqoF3kgltjxRhsecB/LZm26aKalVeydnu
0hbrDmEh6Xl2IdFVEM3N9d+hbTFK1ZS5FTh5wTlCSJsmKOdSsZiGbXKcffCk4b9R
od72UMJrJ77fFH1yNAcHFLfakyCUgFklMdqmrrLFtkfjhXI6ib/y0S42m3UiZfpp
Yy4ahD6Bo0ftVfdqNNmfXC0+6AyA20wiQ7TTAgKw5Cgu72XQiUJmHST8ru0d1S8b
KHuTIWJYRL7bQoqj7osiLq0O7jZNIz3xiiMMbGTjS9Lb26uHiD77+U7RoA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:06 2025 by rpki-client