Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/885ae76d-2736-4d57-95d4-a2473d3f4750.roa
File: 885ae76d-2736-4d57-95d4-a2473d3f4750.roa (raw, json)
Hash identifier: EhWXwfNErA0mB6w8cL8YEk6y98JDaylXBvntYBEHj4M=
Subject key identifier: 4D:B1:B6:C8:FA:8B:2D:7C:E9:9D:52:35:7B:56:FE:82:D6:21:A0:38
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 653B1277CA5E5A1DF676A762593E7D9178850E4A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/885ae76d-2736-4d57-95d4-a2473d3f4750.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 168.84.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:3b:12:77:ca:5e:5a:1d:f6:76:a7:62:59:3e:7d:91:78:85:0e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=d5b95f2fb1b58713e90e9ccba42bdb652b20390623ef0a8ab288c10b8a5447f2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:4e:16:60:c3:25:9e:b6:c9:2b:46:1e:19:
75:bf:e1:0a:a5:b1:5a:37:00:25:06:2d:16:b3:a7:
2a:a4:bc:14:0a:97:c4:78:bc:f0:a6:29:84:1f:cb:
7a:cd:5b:3d:9a:2c:00:a1:57:bb:fd:34:ca:86:30:
92:1a:b5:3d:4d:d6:f2:a3:dc:70:c8:a7:48:54:1a:
2b:54:cc:10:3e:ba:c0:62:29:9b:50:24:bd:5b:50:
c2:9c:ba:83:e3:41:0d:2e:fe:d0:a0:21:79:b1:1b:
b1:f0:25:b2:b1:ee:b2:69:c4:ed:0e:75:02:12:7b:
a5:69:92:cf:f4:97:e0:e3:43:08:6f:df:08:6d:38:
e9:b4:e1:ce:05:c0:54:26:0c:9e:28:e5:4b:3d:ba:
4f:7f:ca:94:96:59:13:2b:e9:c2:2a:2b:9f:b9:f7:
d4:ba:28:30:d6:23:75:b5:ff:c7:4d:df:41:86:8d:
d7:83:8c:d0:8c:41:f0:43:ee:12:69:45:3b:e0:15:
14:cb:d7:3a:a2:92:ab:1f:56:5c:5d:34:68:48:a6:
8d:f0:42:2e:b6:02:7a:96:90:f9:aa:de:6f:05:1c:
02:f1:a5:b4:7f:8f:ef:ff:19:4a:d4:a0:61:b5:70:
e0:c8:0f:90:28:28:ff:c7:af:bc:45:9c:89:2f:f0:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B1:B6:C8:FA:8B:2D:7C:E9:9D:52:35:7B:56:FE:82:D6:21:A0:38
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/885ae76d-2736-4d57-95d4-a2473d3f4750.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:4b:ff:06:d4:39:d6:dd:2b:3c:d7:8f:ce:39:ce:50:79:28:
b0:76:40:47:81:b6:d4:89:12:ee:ea:a4:63:af:fc:57:74:8e:
d5:ef:cf:05:25:82:09:4e:2f:b7:d1:b6:f8:54:d9:ce:b4:7d:
e7:39:d2:50:5f:10:f8:cb:fa:77:68:59:64:08:6c:47:97:bb:
76:0e:d0:e1:15:3c:df:de:90:4a:36:4f:11:a5:87:6e:6a:a2:
aa:79:b3:bc:d8:1b:32:48:6f:a0:e2:3a:c5:1b:41:35:f5:4e:
2f:ff:95:83:43:2d:df:c5:00:6f:2b:ad:42:f8:40:b4:ab:55:
b5:ec:c2:54:d2:a7:a1:68:31:69:5d:3c:09:41:ec:5d:54:ba:
b2:61:2e:b4:63:1d:4d:7f:76:ef:72:01:52:49:5c:ff:f5:a5:
f1:a3:54:56:ac:94:88:14:f1:97:62:49:8c:19:71:42:66:d0:
1b:9d:4b:f7:07:98:ab:a8:71:d7:37:d2:4d:08:05:64:03:54:
25:07:16:0d:0e:31:89:52:21:3c:50:22:0c:1e:32:8c:52:d1:
d8:da:86:12:8a:06:95:6f:e6:c5:87:c6:f1:ca:c6:43:17:97:
ae:10:52:79:c5:8c:e6:1c:33:ce:5f:4f:1f:53:7e:5c:d8:de:
9b:e7:54:cb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZTsSd8peWh32dqdiWT59kXiFDkowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWI5NWYyZmIxYjU4NzEzZTkwZTljY2JhNDJiZGI2NTJi
MjAzOTA2MjNlZjBhOGFiMjg4YzEwYjhhNTQ0N2YyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCa2E4WYMMlnrbJK0YeGXW/4QqlsVo3ACUGLRazpyqkvBQK
l8R4vPCmKYQfy3rNWz2aLAChV7v9NMqGMJIatT1N1vKj3HDIp0hUGitUzBA+usBi
KZtQJL1bUMKcuoPjQQ0u/tCgIXmxG7HwJbKx7rJpxO0OdQISe6Vpks/0l+DjQwhv
3whtOOm04c4FwFQmDJ4o5Us9uk9/ypSWWRMr6cIqK5+599S6KDDWI3W1/8dN30GG
jdeDjNCMQfBD7hJpRTvgFRTL1zqikqsfVlxdNGhIpo3wQi62AnqWkPmq3m8FHALx
pbR/j+//GUrUoGG1cODID5AoKP/Hr7xFnIkv8FH7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTbG2yPqLLXzpnVI1e1b+gtYhoDgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4NWFlNzZkLTI3MzYtNGQ1Ny05NWQ0LWEyNDczZDNmNDc1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCoVDANBgkqhkiG9w0BAQsFAAOCAQEAIEv/BtQ51t0rPNePzjnOUHkosHZA
R4G21IkS7uqkY6/8V3SO1e/PBSWCCU4vt9G2+FTZzrR95znSUF8Q+Mv6d2hZZAhs
R5e7dg7Q4RU8396QSjZPEaWHbmqiqnmzvNgbMkhvoOI6xRtBNfVOL/+Vg0Mt38UA
byutQvhAtKtVtezCVNKnoWgxaV08CUHsXVS6smEutGMdTX9273IBUklc//Wl8aNU
VqyUiBTxl2JJjBlxQmbQG51L9weYq6hx1zfSTQgFZANUJQcWDQ4xiVIhPFAiDB4y
jFLR2NqGEooGlW/mxYfG8crGQxeXrhBSecWM5hwzzl9PH1N+XNjem+dUyw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:04:45 2025 by rpki-client