Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f3823f7-d4d2-469a-a318-036ca21d1954.roa
File: 8f3823f7-d4d2-469a-a318-036ca21d1954.roa (raw, json)
Hash identifier: cIy2WZ0Eef+yCwhFDDc3OMsgcsBEtJnKHJF+5CMxNuE=
Subject key identifier: C0:D4:E0:A5:86:E8:CF:22:4D:5C:DF:6B:57:27:E0:F7:42:68:54:AF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 059176023C56A8F25099285FD687566231A5D673
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f3823f7-d4d2-469a-a318-036ca21d1954.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 160.223.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:91:76:02:3c:56:a8:f2:50:99:28:5f:d6:87:56:62:31:a5:d6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=84e14a06c103a493a8fe140e72c6ccd5f154168958f7f0c72cff4c6f73428598, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dc:2c:07:91:36:df:8c:8d:d8:de:2d:7c:1a:
3f:72:42:3a:98:90:37:44:f1:42:95:0b:08:81:bc:
ed:38:76:b3:b7:36:c4:ba:c3:36:63:95:7c:a4:bc:
1f:b8:77:d9:09:d2:33:ce:75:f8:94:99:f9:f2:20:
44:fb:06:23:e7:84:b8:ed:72:05:f8:b2:31:ce:74:
4d:59:ac:be:4e:06:a8:ed:75:a6:b1:19:b8:91:d4:
2f:88:a4:93:4e:ce:42:86:08:9e:7f:9e:bb:75:c4:
9d:20:39:eb:75:f1:d1:cd:fc:0c:44:76:be:9b:a5:
fd:0e:8f:49:1c:6c:4b:fc:16:cc:d8:b2:f8:ba:d5:
8a:3b:96:e0:44:74:59:5b:f6:f5:be:77:24:53:60:
af:a2:93:e0:86:b4:21:8e:49:6e:73:5f:de:e1:9b:
9d:5a:5e:78:33:31:3b:81:a4:43:66:7a:00:f3:da:
d0:15:05:0a:d2:72:61:aa:50:64:a8:05:e4:5f:7b:
73:03:9f:27:f6:3f:40:02:d1:7e:fd:b1:e4:fc:47:
bf:63:9b:50:c0:01:ea:8c:04:2f:c0:ff:26:db:01:
7f:cf:34:eb:a7:54:68:8b:19:4a:8b:89:dc:e1:75:
38:cb:6f:72:a2:bf:ff:bd:2d:ab:6d:ee:1a:2a:c7:
30:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D4:E0:A5:86:E8:CF:22:4D:5C:DF:6B:57:27:E0:F7:42:68:54:AF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f3823f7-d4d2-469a-a318-036ca21d1954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.223.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1f:7f:4d:19:c3:2d:fe:fc:e4:30:53:5f:f3:2d:e3:54:c9:5b:
45:57:0f:5f:c4:e6:a0:b0:97:0e:c7:af:ae:be:dd:8c:61:30:
84:54:67:46:ff:f2:fd:dd:71:aa:8d:d4:d3:e4:43:c2:e3:72:
f4:2a:fc:af:a8:32:49:72:41:da:fa:68:e7:e8:3a:cc:0b:c0:
60:4a:8f:02:9c:60:8c:ae:9a:9d:2b:f8:ff:e8:30:72:06:85:
2a:4d:3d:e4:b0:39:b6:de:5b:ae:26:d3:f7:c3:05:6e:60:69:
ed:14:e9:51:05:1b:3b:1b:7b:bb:4e:8c:89:c3:9f:78:1a:2f:
c8:1a:3b:f5:03:15:be:81:3a:f9:83:23:d4:39:10:f5:6f:1b:
2a:f7:fd:82:1b:5c:6e:00:07:ed:79:05:1d:d8:6f:ff:10:bb:
39:e5:db:1a:ac:99:9d:c8:b2:66:2d:13:7c:18:68:f7:38:65:
b1:4c:d7:5a:6f:2a:d9:a1:67:71:da:d5:00:ff:6a:1b:c4:b0:
21:a0:f6:50:a2:c8:23:a1:4b:d0:82:b8:eb:cf:4b:26:f1:93:
7d:cc:44:fe:0b:ee:92:8f:9d:e7:44:1f:c5:e3:a6:6a:dc:76:
cb:a5:4f:3c:a5:cd:7d:9d:d7:08:25:c7:80:3e:36:b3:35:f0:
be:67:27:86
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBZF2AjxWqPJQmShf1odWYjGl1nMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGUxNGEwNmMxMDNhNDkzYThmZTE0MGU3MmM2Y2NkNWYx
NTQxNjg5NThmN2YwYzcyY2ZmNGM2ZjczNDI4NTk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF3CwHkTbfjI3Y3i18Gj9yQjqYkDdE8UKVCwiBvO04drO3
NsS6wzZjlXykvB+4d9kJ0jPOdfiUmfnyIET7BiPnhLjtcgX4sjHOdE1ZrL5OBqjt
daaxGbiR1C+IpJNOzkKGCJ5/nrt1xJ0gOet18dHN/AxEdr6bpf0Oj0kcbEv8FszY
svi61Yo7luBEdFlb9vW+dyRTYK+ik+CGtCGOSW5zX97hm51aXngzMTuBpENmegDz
2tAVBQrScmGqUGSoBeRfe3MDnyf2P0AC0X79seT8R79jm1DAAeqMBC/A/ybbAX/P
NOunVGiLGUqLidzhdTjLb3Kiv/+9Latt7hoqxzA/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwNTgpYbozyJNXN9rVyfg90JoVK8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhmMzgyM2Y3LWQ0ZDItNDY5YS1hMzE4LTAzNmNhMjFkMTk1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeg3wAwDQYJKoZIhvcNAQELBQADggEBAB9/TRnDLf785DBTX/Mt41TJW0VX
D1/E5qCwlw7Hr66+3YxhMIRUZ0b/8v3dcaqN1NPkQ8LjcvQq/K+oMklyQdr6aOfo
OswLwGBKjwKcYIyump0r+P/oMHIGhSpNPeSwObbeW64m0/fDBW5gae0U6VEFGzsb
e7tOjInDn3gaL8gaO/UDFb6BOvmDI9Q5EPVvGyr3/YIbXG4AB+15BR3Yb/8Quznl
2xqsmZ3IsmYtE3wYaPc4ZbFM11pvKtmhZ3Ha1QD/ahvEsCGg9lCiyCOhS9CCuOvP
Sybxk33MRP4L7pKPnedEH8XjpmrcdsulTzylzX2d1wglx4A+NrM18L5nJ4Y=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:00:21 2025 by rpki-client