Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/835cffdf-1f3d-4b3f-8c14-514a36373177.roa
File: 835cffdf-1f3d-4b3f-8c14-514a36373177.roa (raw, json)
Hash identifier: Cj8Lm/Lm9aQhqNtFzU5cpFPB8Ax9lOaeO+Lnf6ozKkM=
Subject key identifier: 16:FD:1D:16:D2:F3:64:AD:54:56:42:FD:82:9F:B8:0A:AA:77:98:F3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 04F21C3669842562D150CB9AD12C3BD067E3370E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/835cffdf-1f3d-4b3f-8c14-514a36373177.roa
Signing time: Sat 11 Jan 2025 00:00:00 +0000
ROA not before: Sat 11 Jan 2025 00:00:00 +0000
ROA not after: Sat 15 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 147.106.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f2:1c:36:69:84:25:62:d1:50:cb:9a:d1:2c:3b:d0:67:e3:37:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 11 00:00:00 2025 GMT
Not After : Feb 15 23:59:59 2025 GMT
Subject: serialNumber=a4cd71f9f0f621f4299b21981505b173957ea11caf7a436062129f375666c24c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9c:a5:db:69:da:ec:31:61:0b:56:ca:27:00:
1a:d8:73:d8:0e:0c:43:82:7c:b1:5d:3c:eb:b8:72:
d9:de:82:64:ee:85:f7:b6:77:5b:a3:de:bc:da:bf:
19:7f:cc:4a:9f:00:c0:b2:88:5f:05:86:b5:68:89:
82:63:17:ee:7a:58:fe:7f:fb:e5:f9:4e:66:09:db:
38:9e:6b:97:73:cf:a4:4a:92:d3:5f:a5:86:64:2c:
c1:02:35:32:05:07:77:e2:36:40:c7:0d:db:d3:07:
d4:0f:33:06:cb:d9:1d:9a:62:bf:65:cb:18:9b:e0:
ab:7b:03:9e:0f:ae:5a:03:09:9b:e7:4b:75:89:8b:
fa:0a:ad:c8:e7:8c:73:63:f6:7c:cc:45:a8:14:5e:
cf:4d:34:e4:4a:1c:ab:bc:2b:4c:53:40:7d:15:eb:
17:0e:85:43:e8:e4:2d:04:40:ba:6a:6c:d4:33:0d:
a0:33:eb:f8:fc:67:32:5a:1e:22:dd:2d:43:5a:2a:
12:05:d4:e3:73:39:d8:61:08:9b:1b:b4:19:9d:40:
ca:57:b0:6f:87:ac:3b:8f:b6:57:e9:38:bc:dc:a1:
94:fd:2a:92:c9:a0:9c:6a:f8:e7:7f:36:36:6d:db:
3e:5d:1d:3b:f0:1d:61:85:88:e6:95:c8:b5:29:b7:
95:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:FD:1D:16:D2:F3:64:AD:54:56:42:FD:82:9F:B8:0A:AA:77:98:F3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/835cffdf-1f3d-4b3f-8c14-514a36373177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.106.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:23:8e:38:21:fd:10:68:89:74:8b:39:81:1e:0e:35:4a:09:
88:cf:42:9d:b4:1d:9d:76:ae:bb:7c:fe:83:b2:94:ae:72:4a:
be:7a:b8:47:9e:22:83:0f:0a:4a:0b:75:cd:3d:5e:fc:36:7d:
f0:d1:9d:df:a5:47:0b:cc:c4:dd:73:28:70:6f:7d:c1:95:41:
eb:5d:93:5d:2f:1d:15:5a:da:d3:6c:7a:82:10:fa:e1:22:9f:
fe:10:60:12:81:17:02:bd:66:05:2a:30:9e:44:49:57:58:31:
5e:25:72:3e:86:7b:b3:3c:d2:4b:bd:13:26:68:f5:cf:b9:30:
d3:a1:e9:2d:05:e4:78:d8:18:fe:a4:1a:a3:f7:9d:16:65:4b:
e3:88:ff:81:45:c0:dc:b8:af:48:95:ff:49:3a:bd:b6:52:6c:
9c:87:33:75:6c:17:cc:50:c6:52:94:3a:4e:75:fc:78:f0:cb:
7d:ed:c6:4f:36:7f:fb:7e:da:e8:b2:f4:9f:48:ac:b5:a8:f6:
81:17:16:90:14:9e:18:d6:ef:96:c7:29:c1:8e:45:e7:3f:35:
2b:28:15:d2:86:57:51:24:ed:d3:31:de:b9:64:a0:33:71:0f:
eb:4f:78:7b:e6:59:c9:e0:4c:87:4c:c6:74:28:be:54:2a:21:
e1:83:2a:55
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBPIcNmmEJWLRUMua0Sw70GfjNw4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTExMDAwMDAwWhcNMjUwMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNGNkNzFmOWYwZjYyMWY0Mjk5YjIxOTgxNTA1YjE3Mzk1
N2VhMTFjYWY3YTQzNjA2MjEyOWYzNzU2NjZjMjRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQnKXbadrsMWELVsonABrYc9gODEOCfLFdPOu4ctnegmTu
hfe2d1uj3rzavxl/zEqfAMCyiF8FhrVoiYJjF+56WP5/++X5TmYJ2ziea5dzz6RK
ktNfpYZkLMECNTIFB3fiNkDHDdvTB9QPMwbL2R2aYr9lyxib4Kt7A54PrloDCZvn
S3WJi/oKrcjnjHNj9nzMRagUXs9NNORKHKu8K0xTQH0V6xcOhUPo5C0EQLpqbNQz
DaAz6/j8ZzJaHiLdLUNaKhIF1ONzOdhhCJsbtBmdQMpXsG+HrDuPtlfpOLzcoZT9
KpLJoJxq+Od/NjZt2z5dHTvwHWGFiOaVyLUpt5W1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFv0dFtLzZK1UVkL9gp+4Cqp3mPMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgzNWNmZmRmLTFmM2QtNGIzZi04YzE0LTUxNGEzNjM3MzE3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAaTaoAwDQYJKoZIhvcNAQELBQADggEBAC4jjjgh/RBoiXSLOYEeDjVKCYjP
Qp20HZ12rrt8/oOylK5ySr56uEeeIoMPCkoLdc09Xvw2ffDRnd+lRwvMxN1zKHBv
fcGVQetdk10vHRVa2tNseoIQ+uEin/4QYBKBFwK9ZgUqMJ5ESVdYMV4lcj6Ge7M8
0ku9EyZo9c+5MNOh6S0F5HjYGP6kGqP3nRZlS+OI/4FFwNy4r0iV/0k6vbZSbJyH
M3VsF8xQxlKUOk51/Hjwy33txk82f/t+2uiy9J9IrLWo9oEXFpAUnhjW75bHKcGO
Rec/NSsoFdKGV1Ek7dMx3rlkoDNxD+tPeHvmWcngTIdMxnQovlQqIeGDKlU=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:12:35 2025 by rpki-client