Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6714ab35-fcfc-4a4f-b8cf-9fecda42ba45.roa
File: 6714ab35-fcfc-4a4f-b8cf-9fecda42ba45.roa (raw, json)
Hash identifier: twthuTNYgyGn17IvcLuLHfYPeyT1KqP/i8u3V3RBpJw=
Subject key identifier: 36:AE:D5:00:98:D6:B7:4C:BC:1F:9D:A8:A9:99:A0:A6:05:88:5B:B6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3A279809A8D1A3E65554E65B864D0E2A8C81CCF9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6714ab35-fcfc-4a4f-b8cf-9fecda42ba45.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 68.158.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:27:98:09:a8:d1:a3:e6:55:54:e6:5b:86:4d:0e:2a:8c:81:cc:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=a4f4d173d3707c9ba9e1669e93efd33b564e69c64a9a26df5c54b51b6c20ccb9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:95:16:ef:bb:d8:d4:fd:17:8a:01:97:03:8b:
33:cb:9b:88:44:51:ec:c7:d9:19:23:22:13:9f:11:
0a:da:3e:16:83:79:53:ae:c2:8a:2d:de:9a:98:9a:
13:1e:7c:bf:38:45:34:6d:cf:15:bc:be:90:c7:d8:
b0:1b:f2:7d:13:d7:65:a6:70:8a:62:69:46:a0:ca:
8f:40:7f:54:8e:b3:c2:2c:58:ba:37:9d:8f:1b:37:
4f:68:b1:d4:5a:9f:a7:57:62:ce:8d:26:e5:35:8a:
73:4d:6f:be:c9:e8:0d:46:a7:a7:94:78:b2:bc:c1:
36:88:cf:55:43:52:bc:48:f9:ed:9d:eb:58:2e:e5:
fe:51:fc:5a:40:be:fc:7f:38:a2:42:13:9b:78:f7:
3d:7b:91:5a:2e:68:84:fa:46:35:0c:14:88:5d:eb:
38:16:b2:59:67:9e:10:ad:28:bc:2e:29:56:ee:7d:
81:7b:ee:8e:5a:2c:fc:f8:b1:4e:f0:08:63:c2:b4:
48:91:a6:3b:58:de:a4:dc:3d:6e:b1:b3:bd:ec:6d:
e9:3c:fc:5e:b0:f5:00:d0:80:b9:51:e4:b4:66:77:
7d:42:d2:94:09:1c:35:e5:1d:6d:18:1a:50:1c:e9:
3d:7a:2c:45:8b:92:d7:dc:af:ea:10:99:6e:23:2c:
47:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AE:D5:00:98:D6:B7:4C:BC:1F:9D:A8:A9:99:A0:A6:05:88:5B:B6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6714ab35-fcfc-4a4f-b8cf-9fecda42ba45.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
68.158.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:a3:ed:c9:6e:b8:26:b1:60:5b:ef:02:94:c4:be:e2:40:ae:
0c:92:63:86:d8:a3:92:20:ed:09:fd:f4:ad:43:71:33:04:30:
b1:ff:a7:69:73:79:1c:12:88:78:8d:3c:cc:7b:64:88:a3:17:
51:7e:3c:1d:3c:f1:6b:b4:8f:a8:97:58:86:f7:bf:e4:2d:19:
8f:cd:87:5e:6b:34:f4:4b:94:d7:8d:46:49:16:58:65:2d:70:
af:4b:1d:21:d4:46:f1:c1:36:e0:5e:c0:01:14:b2:bf:2c:db:
5a:f7:70:62:6c:52:67:f0:67:26:92:ba:e6:45:9b:69:f4:21:
4d:8c:f9:5c:01:20:d8:b3:10:40:9a:1d:26:17:9c:6e:ff:4f:
36:84:42:62:4d:28:e0:68:e9:23:1a:dd:b3:d6:de:58:e6:87:
97:91:12:b9:0f:b1:46:dd:6c:fb:e7:ef:b4:88:4b:29:80:c2:
58:ef:1f:bd:35:f2:a0:75:da:ff:1a:cb:a8:07:d3:7e:dd:78:
74:52:fb:e7:2f:91:aa:87:03:4b:46:d2:2c:d0:a3:dc:1b:7d:
0a:0b:e1:4d:95:27:7a:00:31:c1:ec:f6:12:da:48:c9:07:34:
f6:9c:00:d6:2d:25:09:c8:6c:6f:df:a4:54:c2:44:40:f0:f3:
41:02:a9:e4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOieYCajRo+ZVVOZbhk0OKoyBzPkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNGY0ZDE3M2QzNzA3YzliYTllMTY2OWU5M2VmZDMzYjU2
NGU2OWM2NGE5YTI2ZGY1YzU0YjUxYjZjMjBjY2I5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDnlRbvu9jU/ReKAZcDizPLm4hEUezH2RkjIhOfEQraPhaD
eVOuwoot3pqYmhMefL84RTRtzxW8vpDH2LAb8n0T12WmcIpiaUagyo9Af1SOs8Is
WLo3nY8bN09osdRan6dXYs6NJuU1inNNb77J6A1Gp6eUeLK8wTaIz1VDUrxI+e2d
61gu5f5R/FpAvvx/OKJCE5t49z17kVouaIT6RjUMFIhd6zgWsllnnhCtKLwuKVbu
fYF77o5aLPz4sU7wCGPCtEiRpjtY3qTcPW6xs73sbek8/F6w9QDQgLlR5LRmd31C
0pQJHDXlHW0YGlAc6T16LEWLktfcr+oQmW4jLEfRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNq7VAJjWt0y8H52oqZmgpgWIW7YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY3MTRhYjM1LWZjZmMtNGE0Zi1iOGNmLTlmZWNkYTQyYmE0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBEnjANBgkqhkiG9w0BAQsFAAOCAQEATKPtyW64JrFgW+8ClMS+4kCuDJJj
htijkiDtCf30rUNxMwQwsf+naXN5HBKIeI08zHtkiKMXUX48HTzxa7SPqJdYhve/
5C0Zj82HXms09EuU141GSRZYZS1wr0sdIdRG8cE24F7AARSyvyzbWvdwYmxSZ/Bn
JpK65kWbafQhTYz5XAEg2LMQQJodJhecbv9PNoRCYk0o4GjpIxrds9beWOaHl5ES
uQ+xRt1s++fvtIhLKYDCWO8fvTXyoHXa/xrLqAfTft14dFL75y+RqocDS0bSLNCj
3Bt9CgvhTZUnegAxwez2EtpIyQc09pwA1i0lCchsb9+kVMJEQPDzQQKp5A==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:00:36 2025 by rpki-client