Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65e077d5-d00b-4bee-8f23-bbb6499e72b5.roa
File: 65e077d5-d00b-4bee-8f23-bbb6499e72b5.roa (raw, json)
Hash identifier: wf0awUeIqInN7gwHWu90cdWokiRp6BrUL6vBGAkWQSo=
Subject key identifier: B4:FD:1E:02:54:47:65:42:BE:CF:17:78:9B:52:F4:C3:2B:30:E4:A4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 68F76D34A6136F213B1448ECFA37F046405A1CDD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65e077d5-d00b-4bee-8f23-bbb6499e72b5.roa
Signing time: Fri 23 Feb 2024 00:00:00 +0000
ROA not before: Fri 23 Feb 2024 00:00:00 +0000
ROA not after: Fri 29 Mar 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2600:1f61:8000::/39 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f7:6d:34:a6:13:6f:21:3b:14:48:ec:fa:37:f0:46:40:5a:1c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Feb 23 00:00:00 2024 GMT
Not After : Mar 29 23:59:59 2024 GMT
Subject: serialNumber=54be5648aa1938da18ccf3ae2f78f7629199fbf524820dc6cbfe75238dad650e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b5:28:54:5d:30:bd:f6:04:81:91:f4:d1:87:
82:01:5a:88:d0:d0:7b:45:09:1d:c5:81:1c:5f:bb:
a3:d5:57:03:17:fb:51:26:e0:e9:fb:49:5e:a1:a1:
0e:d5:3f:63:09:d7:02:49:05:28:23:a4:11:76:35:
62:c4:d6:29:00:2c:30:4c:2c:31:d5:51:4a:78:c3:
8a:87:d8:ae:48:84:f3:f0:ec:b0:e5:58:d9:1f:65:
df:5d:15:4c:8e:bf:c0:65:0a:54:21:70:32:5a:80:
63:10:2a:20:64:2e:d2:ac:97:21:08:37:b3:e0:04:
91:28:1d:02:58:5a:a2:31:69:c6:8b:d2:9d:86:c3:
a6:c1:4c:31:9e:e4:80:2a:60:22:12:4b:40:51:ea:
b1:95:f7:37:8f:5d:01:88:ec:bc:df:f7:ba:e0:5e:
f1:b1:93:23:8c:fd:3b:bc:53:35:d5:90:4d:c6:9a:
32:7a:fa:80:dc:8d:07:38:97:43:91:22:eb:ba:b6:
ee:30:eb:5a:5d:1a:fb:b8:c4:c3:98:f9:74:c0:be:
0b:65:df:77:98:7c:18:63:e3:22:24:23:8d:ab:ec:
f0:63:c2:8d:34:1b:18:2c:4b:1c:d5:f6:c9:4b:40:
f8:af:ef:98:93:cb:cd:1b:b8:4d:f5:5d:96:1d:61:
4d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:FD:1E:02:54:47:65:42:BE:CF:17:78:9B:52:F4:C3:2B:30:E4:A4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65e077d5-d00b-4bee-8f23-bbb6499e72b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f61:8000::/39
Signature Algorithm: sha256WithRSAEncryption
11:4e:3f:1b:94:86:ce:2b:a3:fd:67:c0:11:b4:bb:25:7a:9c:
1e:c6:e7:81:22:28:a2:98:53:9d:fb:f4:56:88:60:32:1f:70:
87:ce:54:70:f6:ac:a6:ed:d1:bd:97:75:19:8a:9b:2d:57:5e:
b8:36:e3:7f:45:3a:97:6a:3c:6f:bb:78:7c:d3:4c:55:32:7f:
5d:17:72:c3:32:d7:bb:4e:cf:ad:ce:d9:f4:da:47:9d:3b:dc:
70:95:07:68:78:7d:bb:1d:23:11:b3:0c:c2:59:61:0b:bf:7e:
03:2d:cc:87:cb:5f:a3:8f:88:85:69:86:29:4e:2d:fe:a4:a7:
a6:ff:b3:58:2e:85:85:ff:1d:51:80:4b:a1:a5:3d:09:29:ca:
41:d9:c8:ef:62:4e:81:42:d7:5f:ee:cf:f5:77:15:82:48:6d:
4e:f4:f1:0e:43:12:2b:24:73:54:d6:af:60:ed:f5:20:e5:f1:
16:c7:a0:14:06:08:91:3f:43:b3:53:3e:48:a2:a6:74:ff:75:
85:25:55:db:6d:df:09:0c:0a:d7:39:45:e7:64:f8:8d:1b:e7:
d2:b9:4e:a5:6d:f3:0d:a7:84:23:8d:af:d3:88:c3:5d:24:d7:
10:03:f7:cc:35:eb:ba:5e:60:28:4c:b0:e7:56:e1:30:97:4c:
44:6b:42:3f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUaPdtNKYTbyE7FEjs+jfwRkBaHN0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMjIzMDAwMDAwWhcNMjQwMzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NGJlNTY0OGFhMTkzOGRhMThjY2YzYWUyZjc4Zjc2Mjkx
OTlmYmY1MjQ4MjBkYzZjYmZlNzUyMzhkYWQ2NTBlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCtShUXTC99gSBkfTRh4IBWojQ0HtFCR3FgRxfu6PVVwMX
+1Em4On7SV6hoQ7VP2MJ1wJJBSgjpBF2NWLE1ikALDBMLDHVUUp4w4qH2K5IhPPw
7LDlWNkfZd9dFUyOv8BlClQhcDJagGMQKiBkLtKslyEIN7PgBJEoHQJYWqIxacaL
0p2Gw6bBTDGe5IAqYCISS0BR6rGV9zePXQGI7Lzf97rgXvGxkyOM/Tu8UzXVkE3G
mjJ6+oDcjQc4l0ORIuu6tu4w61pdGvu4xMOY+XTAvgtl33eYfBhj4yIkI42r7PBj
wo00GxgsSxzV9slLQPiv75iTy80buE31XZYdYU15AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUtP0eAlRHZUK+zxd4m1L0wysw5KQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1ZTA3N2Q1LWQwMGItNGJlZS04ZjIzLWJiYjY0OTllNzJiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB9hgDANBgkqhkiG9w0BAQsFAAOCAQEAEU4/G5SGziuj/WfAEbS7JXqc
HsbngSIoophTnfv0VohgMh9wh85UcPaspu3RvZd1GYqbLVdeuDbjf0U6l2o8b7t4
fNNMVTJ/XRdywzLXu07Prc7Z9NpHnTvccJUHaHh9ux0jEbMMwllhC79+Ay3Mh8tf
o4+IhWmGKU4t/qSnpv+zWC6Fhf8dUYBLoaU9CSnKQdnI72JOgULXX+7P9XcVgkht
TvTxDkMSKyRzVNavYO31IOXxFsegFAYIkT9Ds1M+SKKmdP91hSVV223fCQwK1zlF
52T4jRvn0rlOpW3zDaeEI42v04jDXSTXEAP3zDXrul5gKEyw51bhMJdMRGtCPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:52 2024 by rpki-client on console-fra.rpki-client.org