Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62b6a94c-9079-4b92-b2f6-2803d071cf0b.roa
File: 62b6a94c-9079-4b92-b2f6-2803d071cf0b.roa (raw, json)
Hash identifier: VAQwAWcNZEfFao1oDlSdpogxYIrepuT+qL2oetl+OGg=
Subject key identifier: 29:53:87:2F:29:A5:F0:A4:11:54:46:AA:C8:5E:1C:AA:70:B7:65:64
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 257D059BD5D6A10E238E7F2DA14E22F1FBC31F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62b6a94c-9079-4b92-b2f6-2803d071cf0b.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 75.3.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:7d:05:9b:d5:d6:a1:0e:23:8e:7f:2d:a1:4e:22:f1:fb:c3:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: serialNumber=5eb90239619934c8c4527e88157d214b87d4444d753eca4313a19207d1a981c0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a6:81:a1:f4:11:c9:98:a4:3a:14:f1:af:a1:
02:67:a0:b4:08:41:dd:79:bf:50:4b:92:f5:93:08:
85:bb:8b:07:5e:47:bc:6c:6e:9d:43:00:44:5a:c4:
80:c0:59:3a:b4:f2:37:2f:19:b6:f6:d7:1b:5c:ac:
a2:2c:dc:84:4f:c1:fa:79:90:12:c1:dd:fb:c8:9d:
1d:84:8d:01:4f:81:5a:8c:77:a8:5b:7b:32:ac:8b:
c4:d7:b3:fb:9b:99:06:c3:57:e9:36:00:13:be:78:
7b:6a:4b:5b:84:87:94:28:9a:e1:a6:15:7c:ec:92:
cf:92:51:28:20:05:c6:58:31:93:7f:78:2c:60:5d:
b2:83:93:d7:31:a3:ea:56:8d:36:7c:d6:b4:a0:35:
ce:24:39:64:d2:aa:80:f6:48:1f:d0:ed:3a:3c:e6:
64:f1:a5:c0:c7:72:38:fd:9f:71:b7:1c:d3:0a:05:
bc:e3:95:7e:1f:69:85:49:a8:43:f8:f5:ac:f6:ef:
fc:9f:c5:8a:d0:02:dd:4f:d4:bd:9f:6f:8d:8e:0e:
7a:57:c6:ab:3d:28:2c:0b:95:b6:1b:20:cb:31:09:
88:ce:71:e4:7d:bf:d4:9f:45:a7:7a:e4:a2:54:e2:
4e:70:02:8d:e8:15:74:a8:bb:f3:e5:cd:2b:43:6d:
bf:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:53:87:2F:29:A5:F0:A4:11:54:46:AA:C8:5E:1C:AA:70:B7:65:64
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62b6a94c-9079-4b92-b2f6-2803d071cf0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
75.3.0.0/18
Signature Algorithm: sha256WithRSAEncryption
74:1d:32:08:59:e0:8e:fe:25:8f:36:79:47:97:f5:7f:bb:bc:
75:25:87:c3:b5:04:92:43:df:31:d9:15:41:ba:c2:22:9e:54:
02:58:57:f4:2a:0e:d5:4b:6a:74:9b:94:67:cf:87:11:8c:53:
47:7e:de:6e:93:96:2d:5f:e3:67:70:06:4c:c1:2a:d3:dc:a4:
f2:1e:e8:10:56:63:c7:4a:d9:39:19:3e:cb:66:02:8d:ab:9e:
94:76:20:8d:e3:54:8c:8b:dd:6d:95:6e:be:42:a5:81:8e:f9:
fd:7c:05:86:76:20:24:10:7a:0f:e7:a5:fb:bf:e1:fa:da:da:
aa:86:a8:e0:0b:cd:8f:10:b0:93:f6:fe:ad:cb:c8:a2:6c:56:
c2:44:54:c9:6c:da:58:bf:6a:e8:b9:8e:fa:db:cb:3c:97:42:
5c:1c:26:ce:4f:89:3d:2a:3f:aa:22:75:c9:cd:e4:a3:52:60:
8a:75:bd:40:80:4e:5b:a2:76:1e:11:85:54:5e:63:2f:92:66:
1a:66:eb:89:d9:16:c3:58:d4:55:8a:48:7d:2c:5f:f7:a9:06:
25:fc:1f:cc:b3:5e:f9:d5:cb:02:e0:e8:e6:38:b7:7f:89:db:
d4:b6:bf:77:27:c0:d7:e2:dd:d8:01:c8:bf:33:81:53:7e:e4:
95:ba:f3:cf
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITJX0Fm9XWoQ4jjn8toU4i8fvDHzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNDExMjUwMDAwMDBaFw0yNDEyMzAyMzU5NTla
MHoxSTBHBgNVBAUTQDVlYjkwMjM5NjE5OTM0YzhjNDUyN2U4ODE1N2QyMTRiODdk
NDQ0NGQ3NTNlY2E0MzEzYTE5MjA3ZDFhOTgxYzAxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmmgaH0EcmYpDoU8a+hAmegtAhB3Xm/UEuS9ZMIhbuLB15H
vGxunUMARFrEgMBZOrTyNy8ZtvbXG1ysoizchE/B+nmQEsHd+8idHYSNAU+BWox3
qFt7MqyLxNez+5uZBsNX6TYAE754e2pLW4SHlCia4aYVfOySz5JRKCAFxlgxk394
LGBdsoOT1zGj6laNNnzWtKA1ziQ5ZNKqgPZIH9DtOjzmZPGlwMdyOP2fcbcc0woF
vOOVfh9phUmoQ/j1rPbv/J/FitAC3U/UvZ9vjY4OelfGqz0oLAuVthsgyzEJiM5x
5H2/1J9Fp3rkolTiTnACjegVdKi78+XNK0Ntv10CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQpU4cvKaXwpBFURqrIXhyqcLdlZDAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvNjJiNmE5NGMtOTA3OS00YjkyLWIyZjYtMjgwM2QwNzFjZjBiLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBksDADANBgkqhkiG9w0BAQsFAAOCAQEAdB0yCFngjv4ljzZ5R5f1f7u8dSWH
w7UEkkPfMdkVQbrCIp5UAlhX9CoO1UtqdJuUZ8+HEYxTR37ebpOWLV/jZ3AGTMEq
09yk8h7oEFZjx0rZORk+y2YCjauelHYgjeNUjIvdbZVuvkKlgY75/XwFhnYgJBB6
D+el+7/h+traqoao4AvNjxCwk/b+rcvIomxWwkRUyWzaWL9q6LmO+tvLPJdCXBwm
zk+JPSo/qiJ1yc3ko1JginW9QIBOW6J2HhGFVF5jL5JmGmbridkWw1jUVYpIfSxf
96kGJfwfzLNe+dXLAuDo5ji3f4nb1La/dyfA1+Ld2AHIvzOBU37klbrzzw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:48:44 2025 by rpki-client