Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60296100-2830-4fdf-8e75-9b29c3ec34af.roa
File: 60296100-2830-4fdf-8e75-9b29c3ec34af.roa (raw, json)
Hash identifier: 10nhN8C3NN36OhHeSYZ0YjELzXZ82sFNRNn+R5mE78k=
Subject key identifier: 00:1F:1E:07:9E:3B:12:42:B2:5E:E5:FC:FF:52:04:E7:84:D6:9C:41
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2C4362D694B1E0A841B32697E88322C9A9FA0810
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60296100-2830-4fdf-8e75-9b29c3ec34af.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 137.160.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:43:62:d6:94:b1:e0:a8:41:b3:26:97:e8:83:22:c9:a9:fa:08:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: serialNumber=60ae06629071ee8ee530968cc788a23e6b01192450789955e86a43fe620448b9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4a:6e:5e:5e:95:e8:76:50:37:c3:95:fe:23:
96:4c:ae:c3:f6:cb:40:eb:f6:b4:9a:d4:b1:0f:bc:
67:be:5e:95:c0:4a:86:7f:a9:b9:b9:9f:b9:76:f3:
14:59:a3:a8:36:75:a6:bd:77:0f:f5:48:3f:1f:0e:
5f:98:e5:9a:ff:73:ad:62:dd:f9:43:6b:c4:1c:1f:
ad:26:e8:fc:47:92:7c:a3:52:0b:35:c6:9c:d2:57:
22:d9:5b:cc:fa:4e:3d:1e:36:8e:8f:dc:e3:0a:84:
cc:94:96:fc:0d:a5:f1:56:ca:15:4a:21:90:f0:62:
e6:f9:51:2a:d3:dc:28:c8:5c:57:40:11:5b:52:c8:
67:51:54:ba:1d:8b:99:48:ba:45:cf:4d:27:30:df:
3c:a9:41:d2:91:01:e0:a3:24:38:f0:3d:19:50:2e:
24:d1:a9:1b:cb:de:c8:6b:ad:45:93:47:97:e4:9c:
65:6c:da:33:95:f1:c5:2e:06:f6:88:1a:2b:c3:39:
e0:06:2d:8e:a2:64:8c:6f:8e:c8:4f:a9:af:08:e2:
53:fd:7e:ca:3e:c3:5f:77:c2:c3:ea:73:a8:08:80:
c6:ff:e4:54:cf:95:89:8a:ad:34:df:5d:86:3f:34:
30:1a:03:11:22:c5:1e:16:be:64:03:4e:64:2d:f8:
b9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:1F:1E:07:9E:3B:12:42:B2:5E:E5:FC:FF:52:04:E7:84:D6:9C:41
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60296100-2830-4fdf-8e75-9b29c3ec34af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:ba:05:61:53:31:4f:ce:14:b2:57:64:9d:41:15:50:32:eb:
9f:a4:fc:41:b5:f1:f7:25:56:fb:64:fb:45:d6:b8:3b:0c:40:
87:a3:8a:14:82:ca:02:17:17:25:5e:3a:c0:24:e4:a3:f3:5f:
d8:22:46:55:91:f1:98:ca:4b:bc:c9:a3:74:a5:7e:2e:6f:2c:
e5:b9:0e:b0:01:75:7a:45:1c:67:b9:03:70:b2:9b:d4:d2:3c:
86:cf:9d:e4:64:02:4d:ff:48:96:b5:a1:7a:d2:5a:7e:f0:67:
7a:24:63:a4:bd:24:f7:ba:b0:1e:10:5c:04:df:6f:b3:a6:d8:
36:4f:3d:35:73:0f:86:11:94:f1:97:49:40:21:dd:0c:23:6e:
0b:49:a6:44:4e:a4:fe:a0:79:47:a6:a9:e0:ef:bd:75:d3:ab:
d0:84:a1:d1:99:ba:86:e8:00:89:00:83:89:7c:bd:8b:76:65:
0f:68:33:3d:14:53:81:4d:af:20:90:ad:c5:9e:56:ba:9a:7e:
10:56:1a:8b:7d:a6:9e:3f:41:05:71:21:0a:64:da:54:b5:1e:
e3:6b:5a:cb:6b:9c:e8:78:4e:a0:ad:29:87:14:12:db:a6:2d:
82:8d:d5:96:0c:b2:07:c9:fc:6f:bf:1c:f5:bb:7b:cf:66:31:
2c:b2:4b:a9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULENi1pSx4KhBsyaX6IMiyan6CBAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI1MDAwMDAwWhcNMjUwMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MGFlMDY2MjkwNzFlZThlZTUzMDk2OGNjNzg4YTIzZTZi
MDExOTI0NTA3ODk5NTVlODZhNDNmZTYyMDQ0OGI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbSm5eXpXodlA3w5X+I5ZMrsP2y0Dr9rSa1LEPvGe+XpXA
SoZ/qbm5n7l28xRZo6g2daa9dw/1SD8fDl+Y5Zr/c61i3flDa8QcH60m6PxHknyj
Ugs1xpzSVyLZW8z6Tj0eNo6P3OMKhMyUlvwNpfFWyhVKIZDwYub5USrT3CjIXFdA
EVtSyGdRVLodi5lIukXPTScw3zypQdKRAeCjJDjwPRlQLiTRqRvL3shrrUWTR5fk
nGVs2jOV8cUuBvaIGivDOeAGLY6iZIxvjshPqa8I4lP9fso+w193wsPqc6gIgMb/
5FTPlYmKrTTfXYY/NDAaAxEixR4WvmQDTmQt+LlHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUAB8eB547EkKyXuX8/1IE54TWnEEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwMjk2MTAwLTI4MzAtNGZkZi04ZTc1LTliMjljM2VjMzRhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCJoDANBgkqhkiG9w0BAQsFAAOCAQEAZroFYVMxT84UsldknUEVUDLrn6T8
QbXx9yVW+2T7Rda4OwxAh6OKFILKAhcXJV46wCTko/Nf2CJGVZHxmMpLvMmjdKV+
Lm8s5bkOsAF1ekUcZ7kDcLKb1NI8hs+d5GQCTf9IlrWhetJafvBneiRjpL0k97qw
HhBcBN9vs6bYNk89NXMPhhGU8ZdJQCHdDCNuC0mmRE6k/qB5R6ap4O+9ddOr0ISh
0Zm6hugAiQCDiXy9i3ZlD2gzPRRTgU2vIJCtxZ5Wupp+EFYai32mnj9BBXEhCmTa
VLUe42tay2uc6HhOoK0phxQS26Ytgo3VlgyyB8n8b78c9bt7z2YxLLJLqQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:59 2025 by rpki-client