Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f90d17e-dbdd-4fed-a1d4-ec4864a9e9c8.roa
File: 7f90d17e-dbdd-4fed-a1d4-ec4864a9e9c8.roa (raw, json)
Hash identifier: KEp+y952pSqJrODFiQDjCNl0Ws3AXqFU4PvaCmZlL2E=
Subject key identifier: EF:79:AD:76:6C:22:5B:65:FC:12:AB:F4:16:88:0B:7B:AD:8D:11:BC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4AB53BDA72CBC8B886CA07FAE4002ACCCFB61265
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f90d17e-dbdd-4fed-a1d4-ec4864a9e9c8.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 144.142.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b5:3b:da:72:cb:c8:b8:86:ca:07:fa:e4:00:2a:cc:cf:b6:12:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:6a:01:24:3b:f6:61:b6:2e:70:f8:77:41:ed:
7b:78:e7:51:0b:93:e3:82:fe:b7:d0:1a:80:29:c6:
ab:85:35:f2:97:c5:de:6c:db:d7:de:29:34:0f:54:
d8:6d:81:6f:48:10:b9:5c:41:ea:a4:f4:9d:c2:95:
e1:2e:d4:af:c3:33:22:36:84:a5:b2:14:f9:09:bc:
c8:67:94:30:68:de:80:a7:50:3a:92:d4:db:dd:ba:
68:5c:1e:f9:b8:f5:17:2c:f1:6a:0f:07:67:f7:6a:
93:20:d7:59:40:5e:86:1c:c2:81:43:34:94:1d:84:
c5:c5:7e:f6:83:3e:42:5c:a8:31:5e:be:f0:03:c5:
84:07:64:ec:db:0c:8d:de:25:53:0a:d6:99:7b:34:
a6:f8:50:e9:41:cb:a2:cf:80:67:73:52:45:99:e8:
17:5f:d2:25:2f:c5:62:c9:b4:fb:9e:b6:0d:97:2a:
47:58:12:9e:95:e8:76:1b:e1:38:29:bf:ec:08:06:
7d:e0:07:04:09:eb:81:ff:48:e8:cb:51:c9:87:9c:
fb:9d:5a:73:fb:dd:67:f1:1b:31:d6:81:b7:c9:8a:
cf:19:af:af:8f:13:3b:40:97:ff:b4:cf:43:0b:d5:
84:aa:7f:bc:63:c6:64:28:d7:a9:2b:82:b3:17:63:
db:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:79:AD:76:6C:22:5B:65:FC:12:AB:F4:16:88:0B:7B:AD:8D:11:BC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f90d17e-dbdd-4fed-a1d4-ec4864a9e9c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.142.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:80:84:e5:22:6b:d5:ab:d4:bb:95:b3:00:be:19:d1:b7:a9:
a9:7e:bf:73:35:31:b5:50:ee:ac:60:9f:f5:60:cf:c6:a9:65:
bb:ee:6c:38:f8:a9:8e:ba:64:e5:3b:56:df:a8:e4:76:9e:49:
ec:03:a1:dd:e8:c0:59:fb:c0:8e:4e:94:90:50:cb:a7:3e:1d:
3f:8b:e2:07:5c:73:32:0c:a7:ab:86:c1:cb:3f:8e:ac:5f:12:
d2:33:37:aa:4e:a2:9e:86:c2:c4:fb:32:5e:46:00:11:dc:28:
3d:08:53:cf:2c:c3:e9:9a:34:d0:7a:c1:b3:62:92:86:3b:b0:
6a:d6:fe:77:3e:70:73:54:85:bc:7d:1d:ea:f6:f4:db:db:1a:
c9:3b:a5:8b:99:28:87:48:29:c9:56:96:43:c2:f1:2f:7b:40:
d5:59:e4:00:12:3b:43:fc:d2:03:e8:e0:5f:2c:17:bc:4b:98:
54:98:7f:bb:9c:44:4c:d1:a8:21:c7:06:fc:ae:06:7e:cc:52:
d1:17:9d:9b:f7:2d:fb:78:0e:62:da:9b:8d:9d:54:59:4d:01:
65:6a:1a:cd:4b:6f:6b:8f:ce:92:2c:14:3c:6b:13:18:4c:c7:
b0:b8:b6:7a:cd:bc:bb:1d:19:1f:3e:4c:e4:70:a4:61:76:92:
89:ad:ba:e4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSrU72nLLyLiGygf65AAqzM+2EmUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI1MDAwMDAwWhcNMjUwMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjODFhNGI3NTJmN2Q2OTEwMDIyZGE0Mzk5MmM0MTMxYjY0
NWY5MjMwNzZhNzAyMTNiODk3ODBmMjY1YzlmMWE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzagEkO/Zhti5w+HdB7Xt451ELk+OC/rfQGoApxquFNfKX
xd5s29feKTQPVNhtgW9IELlcQeqk9J3CleEu1K/DMyI2hKWyFPkJvMhnlDBo3oCn
UDqS1NvdumhcHvm49Rcs8WoPB2f3apMg11lAXoYcwoFDNJQdhMXFfvaDPkJcqDFe
vvADxYQHZOzbDI3eJVMK1pl7NKb4UOlBy6LPgGdzUkWZ6Bdf0iUvxWLJtPuetg2X
KkdYEp6V6HYb4Tgpv+wIBn3gBwQJ64H/SOjLUcmHnPudWnP73WfxGzHWgbfJis8Z
r6+PEztAl/+0z0ML1YSqf7xjxmQo16krgrMXY9v9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU73mtdmwiW2X8Eqv0FogLe62NEbwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdmOTBkMTdlLWRiZGQtNGZlZC1hMWQ0LWVjNDg2NGE5ZTljOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCQjjANBgkqhkiG9w0BAQsFAAOCAQEAioCE5SJr1avUu5WzAL4Z0bepqX6/
czUxtVDurGCf9WDPxqllu+5sOPipjrpk5TtW36jkdp5J7AOh3ejAWfvAjk6UkFDL
pz4dP4viB1xzMgynq4bByz+OrF8S0jM3qk6inobCxPsyXkYAEdwoPQhTzyzD6Zo0
0HrBs2KShjuwatb+dz5wc1SFvH0d6vb029sayTuli5koh0gpyVaWQ8LxL3tA1Vnk
ABI7Q/zSA+jgXywXvEuYVJh/u5xETNGoIccG/K4GfsxS0Redm/ct+3gOYtqbjZ1U
WU0BZWoazUtva4/OkiwUPGsTGEzHsLi2es28ux0ZHz5M5HCkYXaSia265A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:09 2025 by rpki-client