Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a3584f7-041e-49fc-bc83-59d995bec280.roa
File: 8a3584f7-041e-49fc-bc83-59d995bec280.roa (raw, json)
Hash identifier: 8TxBRd2gn+4eWvqD5v0n13g7Tp92XmEaxd/wUQdrr8E=
Subject key identifier: 42:E2:6B:A3:44:BE:93:B5:DB:F3:EE:A7:2D:33:B4:1F:4B:A8:4E:23
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6B2ECC4923549780C424085691AD4487F80FFFAE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a3584f7-041e-49fc-bc83-59d995bec280.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1ff7:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:2e:cc:49:23:54:97:80:c4:24:08:56:91:ad:44:87:f8:0f:ff:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=1672e4e65121e7ca3fc317b17bb7ab46fecdd4e3b00986ece8ade353bb351076, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:18:21:82:fc:3c:48:68:dc:4c:dc:cf:f2:94:
e9:5d:e5:c7:6e:6d:ac:ae:2b:99:b9:c6:6e:09:68:
cc:f3:06:82:1c:17:b5:af:2f:d4:87:b7:9d:c8:c5:
58:69:d7:ef:c7:ed:20:d8:42:a7:3b:21:b7:70:49:
e6:52:18:09:92:c4:ca:f9:64:f3:2b:61:a7:c1:ae:
b8:4b:35:67:eb:93:5e:4f:d0:8c:2f:7d:14:bb:db:
ec:9a:5c:66:c7:fd:53:26:15:36:6d:49:8f:82:b9:
11:a1:ec:2e:b1:0e:65:86:30:96:23:96:8d:99:17:
e7:34:cf:ea:38:aa:bd:04:15:0a:a5:d9:db:a5:30:
44:86:60:07:b9:4d:53:c9:7d:67:b6:23:9b:a5:95:
df:b4:71:ef:c5:f0:27:d1:17:0c:53:9a:00:50:a9:
62:1c:cf:22:c8:62:30:bc:c9:c9:77:6e:ed:84:6e:
6c:09:17:40:13:a8:25:da:02:13:19:e8:f8:db:1e:
b4:0e:f0:28:56:a8:6d:ff:77:f0:77:53:fc:e7:85:
b2:8d:85:fb:e1:14:9e:cd:98:43:96:7a:1a:29:50:
d4:59:5e:1f:7d:28:fe:c0:eb:b0:95:c4:96:f8:98:
e5:00:7a:54:c9:62:ad:5c:98:dc:e8:78:84:ac:09:
ea:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E2:6B:A3:44:BE:93:B5:DB:F3:EE:A7:2D:33:B4:1F:4B:A8:4E:23
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a3584f7-041e-49fc-bc83-59d995bec280.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff7:2000::/40
Signature Algorithm: sha256WithRSAEncryption
02:00:64:f2:1b:56:f4:90:64:6d:2f:cd:88:8e:ca:97:c7:ec:
3f:61:bb:fc:1e:95:1e:83:90:07:6b:1f:18:29:7d:c5:ae:06:
66:c1:04:03:ec:a2:3b:17:43:79:49:e0:c0:0c:6a:ea:04:26:
cf:7a:df:13:f9:a3:ec:56:41:1d:f0:13:9e:57:57:da:a9:15:
86:f9:be:c1:e3:25:c7:7f:9c:cd:cc:24:26:53:62:b3:7a:26:
54:eb:60:d7:51:93:4c:88:76:b5:b7:6b:00:f1:3a:01:83:ff:
4d:53:0f:6a:27:51:d1:5d:08:19:e9:e7:5f:3b:eb:6d:0c:0f:
df:0d:79:46:59:94:ba:a0:cf:0a:13:6a:ca:56:40:d0:56:40:
9b:52:5d:ac:c6:8a:aa:fa:f7:24:6f:d7:96:d6:57:af:88:57:
ea:69:e0:fb:43:5f:df:76:00:bb:31:05:e8:91:16:a4:81:f1:
d6:8a:a3:06:b8:22:ca:3f:d2:79:ef:c9:e6:a9:95:0e:6d:af:
14:7c:42:76:2b:c5:15:6d:72:04:7d:35:fc:4c:8c:66:47:1b:
5c:d5:34:03:30:94:47:9e:00:3c:62:0a:65:b7:16:45:c0:1c:
c0:dd:72:06:27:44:6d:90:7a:64:9e:fe:5f:ba:dc:46:cd:93:
9a:85:ca:97
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUay7MSSNUl4DEJAhWka1Eh/gP/64wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNjcyZTRlNjUxMjFlN2NhM2ZjMzE3YjE3YmI3YWI0NmZl
Y2RkNGUzYjAwOTg2ZWNlOGFkZTM1M2JiMzUxMDc2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD1GCGC/DxIaNxM3M/ylOld5cdubayuK5m5xm4JaMzzBoIc
F7WvL9SHt53IxVhp1+/H7SDYQqc7IbdwSeZSGAmSxMr5ZPMrYafBrrhLNWfrk15P
0IwvfRS72+yaXGbH/VMmFTZtSY+CuRGh7C6xDmWGMJYjlo2ZF+c0z+o4qr0EFQql
2dulMESGYAe5TVPJfWe2I5ulld+0ce/F8CfRFwxTmgBQqWIczyLIYjC8ycl3bu2E
bmwJF0ATqCXaAhMZ6PjbHrQO8ChWqG3/d/B3U/znhbKNhfvhFJ7NmEOWehopUNRZ
Xh99KP7A67CVxJb4mOUAelTJYq1cmNzoeISsCeofAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUQuJro0S+k7Xb8+6nLTO0H0uoTiMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhMzU4NGY3LTA0MWUtNDlmYy1iYzgzLTU5ZDk5NWJlYzI4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/3IDANBgkqhkiG9w0BAQsFAAOCAQEAAgBk8htW9JBkbS/NiI7Kl8fs
P2G7/B6VHoOQB2sfGCl9xa4GZsEEA+yiOxdDeUngwAxq6gQmz3rfE/mj7FZBHfAT
nldX2qkVhvm+weMlx3+czcwkJlNis3omVOtg11GTTIh2tbdrAPE6AYP/TVMPaidR
0V0IGennXzvrbQwP3w15RlmUuqDPChNqylZA0FZAm1JdrMaKqvr3JG/XltZXr4hX
6mng+0Nf33YAuzEF6JEWpIHx1oqjBrgiyj/See/J5qmVDm2vFHxCdivFFW1yBH01
/EyMZkcbXNU0AzCUR54APGIKZbcWRcAcwN1yBidEbZB6ZJ7+X7rcRs2TmoXKlw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:54 2025 by rpki-client