Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e8474fb-456e-4959-83e8-4508d2c0ea83.roa
File: 8e8474fb-456e-4959-83e8-4508d2c0ea83.roa (raw, json)
Hash identifier: p4+PMXnFVPrwhAFQnR3sQlWNoM3AXonDUmhUS/4ZRZU=
Subject key identifier: B9:7F:6B:05:E3:DF:D8:C6:76:51:DB:48:3C:72:99:95:5F:06:F1:C3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4ED79D0A736872454C0B873ADA0EA83A0B3ED5C9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e8474fb-456e-4959-83e8-4508d2c0ea83.roa
Signing time: Sat 04 Jan 2025 00:00:00 +0000
ROA not before: Sat 04 Jan 2025 00:00:00 +0000
ROA not after: Sat 08 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 173.83.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:d7:9d:0a:73:68:72:45:4c:0b:87:3a:da:0e:a8:3a:0b:3e:d5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 4 00:00:00 2025 GMT
Not After : Feb 8 23:59:59 2025 GMT
Subject: serialNumber=620e4ecad508a8af0c8d112648d9126adc791ad2cbf679a8e18c4c292fb1e994, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ba:8e:9e:1b:d3:66:8d:64:ac:b5:71:a4:c9:
5e:de:65:d3:65:84:d6:24:f7:f4:8a:36:9e:fb:dd:
29:11:21:0c:aa:08:67:49:79:34:21:9f:a2:c1:05:
a6:cc:cb:9d:eb:45:0f:cb:bf:21:a3:cd:bf:06:14:
f6:e9:73:04:0c:97:cf:50:f2:fa:23:a1:c5:37:01:
29:f9:ff:ce:6a:ff:70:6a:3d:d0:7b:7d:3e:7b:c4:
32:fa:fb:1a:4f:29:75:5c:47:50:c0:7c:eb:e4:29:
49:73:8d:07:d2:6c:48:3a:28:dd:2a:41:6e:3a:2f:
81:ae:0d:80:ae:a5:f3:86:62:72:07:90:d4:aa:22:
c1:76:f1:80:de:65:d5:31:e9:dc:d6:f5:b4:45:ac:
f4:85:c3:83:1c:3b:7c:11:f2:ee:52:42:fd:dd:ea:
e8:61:98:53:20:53:dd:d8:93:77:1b:ae:7c:ad:26:
ca:94:c8:53:ca:76:f5:e6:99:c2:b7:44:f9:1c:51:
a4:f4:da:17:ad:1e:95:a8:2a:1e:74:b1:5e:24:46:
76:87:c3:6d:a8:d4:10:74:10:0f:c5:e8:62:6b:15:
c5:bd:23:2c:ca:1d:d7:49:09:27:28:e5:17:ef:c5:
76:aa:eb:c4:9a:bf:7f:3d:21:18:6b:15:ae:67:c0:
ed:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7F:6B:05:E3:DF:D8:C6:76:51:DB:48:3C:72:99:95:5F:06:F1:C3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e8474fb-456e-4959-83e8-4508d2c0ea83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.83.213.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:fd:a3:1d:d6:a8:30:52:c7:bb:82:18:e7:2b:44:8c:33:01:
d9:d9:20:17:0e:dc:2a:69:b6:c6:5b:07:0d:66:a1:7e:2e:89:
a8:49:05:1f:9d:95:69:19:05:f8:c2:31:9a:0b:20:f8:7b:56:
60:ea:4a:f6:7a:b4:89:62:f9:48:d3:da:60:8e:2a:76:cd:1b:
83:b9:e5:52:ba:60:db:aa:2b:72:75:ec:05:fd:e7:7f:62:5b:
09:ef:8c:b7:c9:1b:f9:b7:42:bf:e1:84:1b:dd:f1:a2:ff:5f:
a0:d9:14:27:ad:59:47:d1:f0:72:7d:c5:21:89:3b:fc:04:a3:
33:f0:ee:25:36:06:4f:79:15:cb:a7:1f:54:e0:62:1b:69:08:
d6:bd:2b:35:c2:42:e8:b5:76:13:c1:96:b5:2d:52:37:d0:36:
29:14:90:9d:88:88:76:d9:fd:03:90:7a:dc:02:b3:72:a4:c7:
64:b0:15:b7:2d:05:26:e6:03:a6:d0:60:c3:34:47:a7:d0:73:
bf:4d:4b:2b:c9:cf:a5:93:27:95:ae:af:19:2e:68:be:80:3f:
8c:cf:36:9c:ff:ae:2c:0d:44:50:4c:b5:22:54:cf:dd:c7:39:
8d:b1:a5:80:24:bc:18:48:ae:f4:fd:cc:47:ba:1e:a5:fb:64:
5c:87:b1:51
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTtedCnNockVMC4c62g6oOgs+1ckwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MjBlNGVjYWQ1MDhhOGFmMGM4ZDExMjY0OGQ5MTI2YWRj
NzkxYWQyY2JmNjc5YThlMThjNGMyOTJmYjFlOTk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDuo6eG9NmjWSstXGkyV7eZdNlhNYk9/SKNp773SkRIQyq
CGdJeTQhn6LBBabMy53rRQ/LvyGjzb8GFPbpcwQMl89Q8vojocU3ASn5/85q/3Bq
PdB7fT57xDL6+xpPKXVcR1DAfOvkKUlzjQfSbEg6KN0qQW46L4GuDYCupfOGYnIH
kNSqIsF28YDeZdUx6dzW9bRFrPSFw4McO3wR8u5SQv3d6uhhmFMgU93Yk3cbrnyt
JsqUyFPKdvXmmcK3RPkcUaT02hetHpWoKh50sV4kRnaHw22o1BB0EA/F6GJrFcW9
IyzKHddJCSco5RfvxXaq68Sav389IRhrFa5nwO25AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuX9rBePf2MZ2UdtIPHKZlV8G8cMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlODQ3NGZiLTQ1NmUtNDk1OS04M2U4LTQ1MDhkMmMwZWE4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtU9UwDQYJKoZIhvcNAQELBQADggEBAC39ox3WqDBSx7uCGOcrRIwzAdnZ
IBcO3CpptsZbBw1moX4uiahJBR+dlWkZBfjCMZoLIPh7VmDqSvZ6tIli+UjT2mCO
KnbNG4O55VK6YNuqK3J17AX9539iWwnvjLfJG/m3Qr/hhBvd8aL/X6DZFCetWUfR
8HJ9xSGJO/wEozPw7iU2Bk95FcunH1TgYhtpCNa9KzXCQui1dhPBlrUtUjfQNikU
kJ2IiHbZ/QOQetwCs3Kkx2SwFbctBSbmA6bQYMM0R6fQc79NSyvJz6WTJ5Wurxku
aL6AP4zPNpz/riwNRFBMtSJUz93HOY2xpYAkvBhIrvT9zEe6HqX7ZFyHsVE=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:27 2025 by rpki-client