Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e781df5-2e01-4681-90b6-7d1a50f9504e.roa
File: 6e781df5-2e01-4681-90b6-7d1a50f9504e.roa (raw, json)
Hash identifier: 0I3x/NY+lKgXu24X9SxlJy5Z/ig+3W+yKENC90DEXb8=
Subject key identifier: 54:4A:26:FC:74:00:8E:87:9B:5D:C0:53:2C:80:3C:A8:B7:22:03:B9
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 20E15631E88FDB7E4F316242FDCD0C8A557D3F17
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e781df5-2e01-4681-90b6-7d1a50f9504e.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 78.12.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:e1:56:31:e8:8f:db:7e:4f:31:62:42:fd:cd:0c:8a:55:7d:3f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=e91e34329b75d451b73eff960c300e025d0ed1b514318abef921832e8583a747, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9c:ce:3f:03:11:18:c4:08:42:08:46:fa:86:
5f:7e:62:ee:51:eb:65:4a:91:ef:8b:77:dc:fc:c5:
06:1e:8a:38:37:13:94:f3:a9:6a:ac:6b:0e:07:cc:
da:bc:22:7a:77:1f:5a:77:3f:45:68:2a:8b:04:31:
a8:7b:95:b9:09:b5:83:37:ac:c7:37:e6:00:08:c0:
fa:75:d8:1d:7e:12:47:94:48:96:da:d0:c2:bf:90:
c5:22:bf:c6:aa:47:4b:35:ae:a0:fa:9b:8b:1a:48:
73:c3:85:be:82:e7:8a:16:6f:f4:74:9c:fd:fc:7e:
7e:31:7f:69:d2:6a:ca:ed:fa:0e:c7:f1:94:88:ac:
ee:1a:c5:d4:7a:c6:e4:3e:a0:5a:cc:3b:1a:53:75:
06:2b:2d:55:d8:a4:fa:72:fe:c6:c2:a0:c3:75:a0:
5e:2a:05:c9:af:c3:9b:55:2a:dc:98:ec:6a:b7:7e:
ed:ea:40:66:5f:4d:de:fc:6c:cd:9c:71:cf:36:3b:
cf:f6:2b:5e:42:a2:0a:a9:19:10:de:45:2a:73:66:
65:22:86:6b:71:1b:b1:c0:ce:09:80:7a:ff:14:b4:
ed:84:41:a3:c2:8f:b7:1c:9d:e6:ff:22:2f:0f:07:
15:78:1b:3d:9b:f8:75:31:86:11:26:c2:f5:ac:44:
37:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:4A:26:FC:74:00:8E:87:9B:5D:C0:53:2C:80:3C:A8:B7:22:03:B9
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e781df5-2e01-4681-90b6-7d1a50f9504e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.12.0.0/14
Signature Algorithm: sha256WithRSAEncryption
52:ac:f9:b9:78:0d:f3:43:8b:dc:d7:79:47:3a:9f:66:d2:05:
4d:9e:7d:a4:a1:a7:dd:83:78:b6:da:c5:ec:e9:72:09:68:05:
8e:08:23:79:8f:fe:ab:9a:94:73:ae:ed:cd:70:a7:04:f8:9d:
09:3e:4f:f7:c0:3d:42:6c:a0:01:9d:0d:a5:cf:fd:d0:3b:01:
a3:bb:08:53:ee:55:fe:46:bf:25:bb:31:5c:36:c9:5a:2b:af:
06:78:b7:17:2e:71:e7:6d:45:67:a4:b8:c5:a1:99:cf:15:be:
7d:9f:8c:d6:13:4e:f5:fa:99:d1:6a:05:cc:6d:c0:d6:fe:35:
5a:71:0d:dc:08:f6:6a:34:45:67:69:f2:d1:2b:84:89:c0:34:
34:9a:6b:71:72:21:16:23:6a:32:49:65:25:cc:d5:30:d9:bc:
32:99:b9:d0:e4:31:4b:6b:9d:9a:83:c4:53:39:fb:a6:82:30:
55:c7:67:03:9f:ed:f7:c4:7f:36:aa:cb:ac:70:f5:53:ab:3e:
cb:6c:94:fd:00:80:b7:07:d2:0c:53:5c:0a:a8:3c:97:ce:fa:
0a:3a:b3:e1:16:0a:cf:76:8c:16:6d:fe:c1:c8:37:ce:ae:41:
d2:59:92:4d:77:ce:26:1a:87:46:5e:0b:7d:7c:b6:da:19:ba:
a7:09:50:ac
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIOFWMeiP235PMWJC/c0MilV9PxcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOTFlMzQzMjliNzVkNDUxYjczZWZmOTYwYzMwMGUwMjVk
MGVkMWI1MTQzMThhYmVmOTIxODMyZTg1ODNhNzQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKnM4/AxEYxAhCCEb6hl9+Yu5R62VKke+Ld9z8xQYeijg3
E5TzqWqsaw4HzNq8Inp3H1p3P0VoKosEMah7lbkJtYM3rMc35gAIwPp12B1+EkeU
SJba0MK/kMUiv8aqR0s1rqD6m4saSHPDhb6C54oWb/R0nP38fn4xf2nSasrt+g7H
8ZSIrO4axdR6xuQ+oFrMOxpTdQYrLVXYpPpy/sbCoMN1oF4qBcmvw5tVKtyY7Gq3
fu3qQGZfTd78bM2ccc82O8/2K15CogqpGRDeRSpzZmUihmtxG7HAzgmAev8UtO2E
QaPCj7ccneb/Ii8PBxV4Gz2b+HUxhhEmwvWsRDezAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUVEom/HQAjoebXcBTLIA8qLciA7kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZlNzgxZGY1LTJlMDEtNDY4MS05MGI2LTdkMWE1MGY5NTA0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJODDANBgkqhkiG9w0BAQsFAAOCAQEAUqz5uXgN80OL3Nd5RzqfZtIFTZ59
pKGn3YN4ttrF7OlyCWgFjggjeY/+q5qUc67tzXCnBPidCT5P98A9QmygAZ0Npc/9
0DsBo7sIU+5V/ka/JbsxXDbJWiuvBni3Fy5x521FZ6S4xaGZzxW+fZ+M1hNO9fqZ
0WoFzG3A1v41WnEN3Aj2ajRFZ2ny0SuEicA0NJprcXIhFiNqMkllJczVMNm8Mpm5
0OQxS2udmoPEUzn7poIwVcdnA5/t98R/NqrLrHD1U6s+y2yU/QCAtwfSDFNcCqg8
l876Cjqz4RYKz3aMFm3+wcg3zq5B0lmSTXfOJhqHRl4LfXy22hm6pwlQrA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:52:09 2025 by rpki-client