Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c73514f-07ce-47ec-b4e3-1202588d3efc.roa
File: 5c73514f-07ce-47ec-b4e3-1202588d3efc.roa (raw, json)
Hash identifier: 8HKlr10sgAvSTA0nKNIjKgnys06IKm0UoR3ycA20Whg=
Subject key identifier: A7:04:76:3A:CC:89:7E:AF:E9:AA:2C:37:B1:AB:B6:7A:11:E0:21:C3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 218DEB8BF5A1EF60E3ACD8CEFFCDCF4A1A909639
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c73514f-07ce-47ec-b4e3-1202588d3efc.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 66.34.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8d:eb:8b:f5:a1:ef:60:e3:ac:d8:ce:ff:cd:cf:4a:1a:90:96:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=cee93332d0bb17c7a17a013958421b7022cc297d0520073774af803ad7bb54a1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:25:47:92:26:cd:6a:09:3b:b4:10:5b:99:d8:
33:b5:d9:fd:b5:06:b6:3a:4c:3f:35:91:9c:2b:17:
35:e7:96:8b:44:eb:17:9c:30:32:fb:56:a2:ff:64:
00:11:4b:89:bd:ad:7b:6d:6b:73:47:78:5b:66:5d:
f0:be:cd:4f:cc:6c:26:57:12:bb:45:26:0e:88:a3:
cd:28:52:df:4f:88:cc:0c:42:d4:00:b5:8c:ef:38:
ad:bd:70:14:66:ff:f6:de:21:13:b3:78:0d:e8:d6:
5f:43:a5:97:bb:04:32:85:f5:18:74:ba:0e:15:f7:
d0:ff:0b:57:53:5c:b8:43:fc:83:46:76:86:d0:48:
49:39:d5:bd:86:7d:1e:73:e4:bd:e8:12:c2:bf:b0:
e7:3e:73:0a:9a:42:7c:08:cb:f1:cf:5d:76:0c:27:
81:42:54:1c:79:b6:b9:8c:15:e7:e4:d5:2d:9a:ae:
83:9a:9d:e1:e3:a3:43:d3:b3:66:e8:d2:02:6a:55:
af:28:9b:0f:d4:f2:8b:57:f6:7f:8d:62:58:84:fc:
f6:aa:17:15:f0:51:b4:94:f9:58:01:db:99:06:29:
4b:31:6b:ef:08:d6:b2:0d:32:31:c9:23:9b:98:46:
09:19:63:c8:0d:cd:5b:b6:a1:4a:cf:cc:0f:0b:49:
d0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:04:76:3A:CC:89:7E:AF:E9:AA:2C:37:B1:AB:B6:7A:11:E0:21:C3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c73514f-07ce-47ec-b4e3-1202588d3efc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:7a:6c:9e:50:18:a5:82:b2:85:52:8a:8c:b8:af:4f:37:bc:
5c:07:e2:2b:b5:4f:e2:62:c0:6e:9c:2b:0a:96:1e:6e:4c:cf:
c0:a0:c0:aa:03:4c:5a:6a:2c:42:1e:83:88:27:12:27:27:1f:
2b:62:2b:1c:58:33:e6:9c:78:47:14:75:21:01:76:32:7a:ba:
17:41:92:5c:3d:7c:43:3b:9b:58:d1:35:d9:bb:c8:04:67:c0:
c3:cf:43:b6:49:28:08:e8:ff:d3:3b:1d:b5:f1:cb:32:91:f9:
68:ff:a0:e2:d7:71:53:0e:94:ab:77:27:55:7b:2f:69:8b:48:
8c:f2:b3:a8:01:b8:dd:d8:42:35:09:8b:d7:57:b1:36:f9:9a:
69:8f:87:ae:74:86:f0:15:4e:49:98:07:94:fd:cd:07:42:70:
2b:89:ee:27:a1:1c:ee:05:49:b7:37:50:88:38:70:a2:71:2c:
1d:4b:46:34:32:ec:23:05:b1:42:4d:85:3e:da:82:95:c5:77:
ac:09:81:5f:3c:7f:a9:e6:de:53:72:a6:a9:da:ce:a1:f9:63:
70:12:78:59:ee:7c:20:46:40:ab:59:6f:ed:4a:b3:69:a2:df:
aa:63:c0:16:f9:70:15:04:41:4b:5b:3d:21:13:11:d9:cd:da:
e6:79:1b:68
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIY3ri/Wh72DjrNjO/83PShqQljkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZWU5MzMzMmQwYmIxN2M3YTE3YTAxMzk1ODQyMWI3MDIy
Y2MyOTdkMDUyMDA3Mzc3NGFmODAzYWQ3YmI1NGExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgJUeSJs1qCTu0EFuZ2DO12f21BrY6TD81kZwrFzXnlotE
6xecMDL7VqL/ZAARS4m9rXtta3NHeFtmXfC+zU/MbCZXErtFJg6Io80oUt9PiMwM
QtQAtYzvOK29cBRm//beIROzeA3o1l9DpZe7BDKF9Rh0ug4V99D/C1dTXLhD/ING
dobQSEk51b2GfR5z5L3oEsK/sOc+cwqaQnwIy/HPXXYMJ4FCVBx5trmMFefk1S2a
roOaneHjo0PTs2bo0gJqVa8omw/U8otX9n+NYliE/PaqFxXwUbSU+VgB25kGKUsx
a+8I1rINMjHJI5uYRgkZY8gNzVu2oUrPzA8LSdC/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpwR2OsyJfq/pqiw3sau2ehHgIcMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjNzM1MTRmLTA3Y2UtNDdlYy1iNGUzLTEyMDI1ODhkM2VmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBCIjANBgkqhkiG9w0BAQsFAAOCAQEAdnpsnlAYpYKyhVKKjLivTze8XAfi
K7VP4mLAbpwrCpYebkzPwKDAqgNMWmosQh6DiCcSJycfK2IrHFgz5px4RxR1IQF2
Mnq6F0GSXD18QzubWNE12bvIBGfAw89DtkkoCOj/0zsdtfHLMpH5aP+g4tdxUw6U
q3cnVXsvaYtIjPKzqAG43dhCNQmL11exNvmaaY+HrnSG8BVOSZgHlP3NB0JwK4nu
J6Ec7gVJtzdQiDhwonEsHUtGNDLsIwWxQk2FPtqClcV3rAmBXzx/qebeU3KmqdrO
ofljcBJ4We58IEZAq1lv7UqzaaLfqmPAFvlwFQRBS1s9IRMR2c3a5nkbaA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:05:53 2025 by rpki-client