Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91fcb15f-13b7-4590-8345-f94221d7046c.roa
File: 91fcb15f-13b7-4590-8345-f94221d7046c.roa (raw, json)
Hash identifier: McjNWdrTmfUIkrLwvCuuovvPhPdCo4Qd3T4iWQIOg9Q=
Subject key identifier: BB:DD:CC:BD:3D:65:33:8C:80:B5:E4:F0:75:9C:FA:D2:34:BD:F6:A5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 57172047FAFFF24D3752F42735367C02DCA4C6E8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91fcb15f-13b7-4590-8345-f94221d7046c.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 56.156.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:17:20:47:fa:ff:f2:4d:37:52:f4:27:35:36:7c:02:dc:a4:c6:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=5c45f06d95153440a9b8c53a93ef920d2fae7b57ee5af54d71089f94b913bb50, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:00:c6:2c:49:8e:97:a3:a1:89:26:b8:3b:92:
e8:5b:58:8e:7e:4b:00:f4:d6:c1:a6:a5:c0:96:d0:
3d:cb:b3:d4:e0:23:ee:d3:3e:98:6b:9c:ca:9c:12:
ec:b1:3a:e5:76:6a:cb:a7:a5:f0:bf:83:69:94:af:
76:c5:51:94:43:db:4d:70:f0:b2:d3:0b:48:2e:a7:
ed:72:d4:8a:70:02:ec:ff:ec:36:42:b7:f9:2f:61:
6e:d5:eb:0d:24:f3:ec:30:5b:cc:5d:e2:58:68:e8:
f2:a9:a7:77:82:2d:bd:b6:74:6a:39:9b:24:03:4f:
78:8d:89:e4:9d:c6:35:14:78:17:ae:75:1c:ea:c8:
9f:22:e9:4d:0b:52:65:c5:6a:b0:cd:6f:0e:7b:6e:
8a:9f:71:92:72:29:4b:41:b8:8c:60:9a:39:35:f2:
73:c4:90:28:ae:6f:ce:1b:37:3f:fa:e9:93:ec:25:
a0:cc:2c:fe:26:0d:2e:55:ae:72:64:11:63:f2:8c:
b9:09:86:e1:f2:af:75:1d:d2:54:fb:9c:ea:25:fc:
72:a9:94:76:8b:ac:4e:35:06:fb:0d:f3:63:35:32:
c9:79:94:32:c3:31:01:9b:04:a0:8c:c6:ff:02:68:
ca:90:90:7f:6a:81:50:7c:46:29:1a:38:61:25:65:
c3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DD:CC:BD:3D:65:33:8C:80:B5:E4:F0:75:9C:FA:D2:34:BD:F6:A5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91fcb15f-13b7-4590-8345-f94221d7046c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.156.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:94:95:5c:d5:69:be:1a:e2:9d:53:b2:1b:a9:5e:a3:b4:0e:
3b:e1:1a:96:f3:a9:c7:66:4a:e7:51:ae:52:5e:08:6f:14:8c:
13:1c:e4:26:ce:ee:ec:38:5b:c0:fa:4d:6f:5f:d8:1f:bf:e2:
fc:62:e9:6d:d8:38:e5:30:b7:4f:c0:fe:58:ff:3d:d4:29:8e:
78:68:26:d9:b8:2c:34:bf:2f:3b:43:a3:4a:ba:c3:58:de:9f:
a5:a6:1b:a3:51:22:57:2d:56:26:86:a6:93:e1:ab:90:00:f7:
63:96:dc:57:4d:e3:b3:0d:dd:4b:d1:b0:cc:d5:8f:b6:41:f7:
47:cf:36:1d:0a:4b:c4:cc:6a:7a:04:ce:e4:40:66:a7:94:bd:
49:cc:3d:25:93:87:f6:95:25:e4:85:9d:4b:13:52:11:f4:b9:
8f:e6:a5:e0:69:98:c6:4a:fe:52:6f:1d:ad:54:d2:39:5f:4e:
7e:05:15:62:f9:1e:db:57:be:f4:c7:0c:51:8b:aa:fe:a5:f2:
b4:b0:c0:31:cc:33:41:2c:f5:d5:1e:ac:9d:5e:09:17:78:e2:
ee:5c:2b:2e:75:b6:f8:42:9d:6a:d5:0a:0b:bd:fb:d0:24:a3:
68:8c:ce:a6:2b:31:1f:7b:26:3e:58:4c:9d:4a:d9:99:98:fc:
b1:48:e1:16
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVxcgR/r/8k03UvQnNTZ8AtykxugwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzQ1ZjA2ZDk1MTUzNDQwYTliOGM1M2E5M2VmOTIwZDJm
YWU3YjU3ZWU1YWY1NGQ3MTA4OWY5NGI5MTNiYjUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnAMYsSY6Xo6GJJrg7kuhbWI5+SwD01sGmpcCW0D3Ls9Tg
I+7TPphrnMqcEuyxOuV2asunpfC/g2mUr3bFUZRD201w8LLTC0gup+1y1IpwAuz/
7DZCt/kvYW7V6w0k8+wwW8xd4lho6PKpp3eCLb22dGo5myQDT3iNieSdxjUUeBeu
dRzqyJ8i6U0LUmXFarDNbw57boqfcZJyKUtBuIxgmjk18nPEkCiub84bNz/66ZPs
JaDMLP4mDS5VrnJkEWPyjLkJhuHyr3Ud0lT7nOol/HKplHaLrE41BvsN82M1Msl5
lDLDMQGbBKCMxv8CaMqQkH9qgVB8RikaOGElZcNfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUu93MvT1lM4yAteTwdZz60jS99qUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkxZmNiMTVmLTEzYjctNDU5MC04MzQ1LWY5NDIyMWQ3MDQ2Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4nDANBgkqhkiG9w0BAQsFAAOCAQEAQJSVXNVpvhrinVOyG6leo7QOO+Ea
lvOpx2ZK51GuUl4IbxSMExzkJs7u7DhbwPpNb1/YH7/i/GLpbdg45TC3T8D+WP89
1CmOeGgm2bgsNL8vO0OjSrrDWN6fpaYbo1EiVy1WJoamk+GrkAD3Y5bcV03jsw3d
S9GwzNWPtkH3R882HQpLxMxqegTO5EBmp5S9Scw9JZOH9pUl5IWdSxNSEfS5j+al
4GmYxkr+Um8drVTSOV9OfgUVYvke21e+9McMUYuq/qXytLDAMcwzQSz11R6snV4J
F3ji7lwrLnW2+EKdatUKC7370CSjaIzOpisxH3smPlhMnUrZmZj8sUjhFg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:09:02 2025 by rpki-client