Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7dcc6701-a64f-442b-a018-829dca8b617d.roa
File: 7dcc6701-a64f-442b-a018-829dca8b617d.roa (raw, json)
Hash identifier: 9aNq0hix5Q0BzrXXM5hAnNT35ULXhBaEu9G5zmNgXbg=
Subject key identifier: D8:7B:21:2F:78:08:AE:9B:21:47:B3:03:0F:95:42:FE:06:9B:57:AB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0BFD059DE2B167E5EA49704551B688F8C4DC411B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7dcc6701-a64f-442b-a018-829dca8b617d.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 205.147.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:fd:05:9d:e2:b1:67:e5:ea:49:70:45:51:b6:88:f8:c4:dc:41:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=dab913c7edf825aad9b47612b7cb6fdb4d12b3b2c1635d043bcae72811a2c469, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:73:46:01:3d:a6:f8:f6:7c:c6:63:69:83:21:
be:ae:d4:08:1f:a9:4e:02:ab:4b:99:29:8a:fe:92:
8f:f4:da:02:d6:aa:33:55:38:a7:f6:22:98:d0:3f:
3b:b6:8d:91:b9:20:3a:ac:d1:1f:67:56:e1:61:eb:
9d:c1:fc:6b:ed:f3:07:6d:e3:ab:90:76:c5:7f:13:
56:58:c7:20:14:b0:f7:56:47:39:95:67:9a:e1:55:
b3:c4:95:8e:6e:a7:57:80:c7:b7:44:21:de:de:8e:
48:3d:fe:b0:1e:d4:f3:8b:b1:e4:fa:3b:92:f4:73:
18:f2:08:ba:3e:5a:27:6c:86:73:0f:4d:d1:67:5b:
b2:0e:ad:d4:4f:e7:4e:7a:51:9e:1b:bf:ca:12:9b:
9d:93:1d:d4:56:f2:0b:ca:10:4e:fb:96:eb:77:3e:
a4:16:0f:0a:c1:9a:87:ac:dc:06:43:0c:ec:55:e7:
df:b8:eb:d5:06:07:df:b9:98:89:e5:b8:23:4b:a4:
be:5c:f8:2b:5f:7a:03:3e:49:fd:ed:03:a0:57:0e:
63:ac:3e:17:bd:47:10:8c:3b:c7:bb:10:4f:7a:42:
e0:0e:20:c6:f0:73:6e:3f:88:7c:82:60:6b:b9:a7:
50:54:d9:09:f3:11:55:e8:50:d9:91:37:1a:d7:fb:
89:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7B:21:2F:78:08:AE:9B:21:47:B3:03:0F:95:42:FE:06:9B:57:AB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7dcc6701-a64f-442b-a018-829dca8b617d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
205.147.212.0/22
Signature Algorithm: sha256WithRSAEncryption
14:6f:16:7c:c9:67:48:3d:51:48:51:cc:a4:6f:aa:2c:8b:14:
3f:76:25:26:89:ee:bb:1e:93:d2:fa:16:a9:96:06:36:90:97:
7a:1e:01:1c:ef:45:3f:f4:a8:8b:4b:0d:8b:00:c0:32:a5:1c:
09:0b:d6:0d:1a:83:15:49:ed:4b:fa:0b:7b:58:2b:2e:19:58:
ba:40:7d:b1:4f:77:f4:cd:1a:22:de:44:51:ba:bc:59:27:11:
c8:06:d8:a6:06:32:06:83:d0:08:92:7f:13:66:de:c0:40:c6:
3a:64:fc:be:66:55:dd:cf:7e:3b:c6:67:e3:fa:f4:6c:5d:0b:
55:35:d4:48:74:42:de:a8:84:ba:c1:52:06:63:75:cc:8f:97:
b4:15:83:8c:f8:18:55:72:46:4e:90:cc:f3:5f:f0:32:2d:65:
2b:c1:42:3b:cd:85:8b:a3:fe:94:0e:cf:84:a5:61:74:94:22:
ac:dc:d8:e0:c1:3d:fa:a0:de:ef:95:b5:9c:39:38:da:3f:aa:
a5:4b:7f:9a:47:b8:87:ac:c9:96:34:d0:54:88:2c:15:08:04:
e6:1a:be:d7:40:7c:81:c1:b1:45:bd:94:f4:67:e3:bb:d7:32:
c8:f2:7d:23:ec:e2:00:07:c7:b7:62:f5:ec:96:21:32:b4:57:
f3:a0:25:8c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC/0FneKxZ+XqSXBFUbaI+MTcQRswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYWI5MTNjN2VkZjgyNWFhZDliNDc2MTJiN2NiNmZkYjRk
MTJiM2IyYzE2MzVkMDQzYmNhZTcyODExYTJjNDY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXc0YBPab49nzGY2mDIb6u1AgfqU4Cq0uZKYr+ko/02gLW
qjNVOKf2IpjQPzu2jZG5IDqs0R9nVuFh653B/Gvt8wdt46uQdsV/E1ZYxyAUsPdW
RzmVZ5rhVbPElY5up1eAx7dEId7ejkg9/rAe1POLseT6O5L0cxjyCLo+WidshnMP
TdFnW7IOrdRP5056UZ4bv8oSm52THdRW8gvKEE77lut3PqQWDwrBmoes3AZDDOxV
59+469UGB9+5mInluCNLpL5c+CtfegM+Sf3tA6BXDmOsPhe9RxCMO8e7EE96QuAO
IMbwc24/iHyCYGu5p1BU2QnzEVXoUNmRNxrX+4n7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2HshL3gIrpshR7MDD5VC/gabV6swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdkY2M2NzAxLWE2NGYtNDQyYi1hMDE4LTgyOWRjYThiNjE3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALNk9QwDQYJKoZIhvcNAQELBQADggEBABRvFnzJZ0g9UUhRzKRvqiyLFD92
JSaJ7rsek9L6FqmWBjaQl3oeARzvRT/0qItLDYsAwDKlHAkL1g0agxVJ7Uv6C3tY
Ky4ZWLpAfbFPd/TNGiLeRFG6vFknEcgG2KYGMgaD0AiSfxNm3sBAxjpk/L5mVd3P
fjvGZ+P69GxdC1U11Eh0Qt6ohLrBUgZjdcyPl7QVg4z4GFVyRk6QzPNf8DItZSvB
QjvNhYuj/pQOz4SlYXSUIqzc2ODBPfqg3u+VtZw5ONo/qqVLf5pHuIesyZY00FSI
LBUIBOYavtdAfIHBsUW9lPRn47vXMsjyfSPs4gAHx7di9eyWITK0V/OgJYw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:23 2025 by rpki-client