Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/922e3d80-97a4-46a8-b2e2-ee722cdf3fc7.roa
File: 922e3d80-97a4-46a8-b2e2-ee722cdf3fc7.roa (raw, json)
Hash identifier: qSTnxaa5eYgjm3n1VAs7CKFHnj1K7Ge8Y3wdLTeSn58=
Subject key identifier: 2C:7C:51:AE:80:0A:95:FA:31:03:E4:D4:6D:F4:4D:10:E3:8E:A4:79
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 141E00427C841DAC006C9FC21A0173B224541A6E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/922e3d80-97a4-46a8-b2e2-ee722cdf3fc7.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 35.128.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:1e:00:42:7c:84:1d:ac:00:6c:9f:c2:1a:01:73:b2:24:54:1a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:59:05:55:9b:64:42:ea:6b:cc:2c:8b:82:01:
da:f5:48:56:0c:7f:ad:d8:4d:05:8e:00:47:8d:27:
b8:24:41:98:8f:9c:ff:74:3f:ba:4c:53:62:b2:91:
9a:29:22:57:07:18:8c:86:50:c1:6e:8c:e3:0b:9b:
db:4a:35:46:27:9b:20:30:39:e1:d4:f0:64:b5:86:
ab:68:e5:ac:6e:a3:d5:de:42:d3:70:dd:eb:c4:e3:
89:01:53:b9:7d:b8:4b:e2:b4:8e:9b:b1:c0:2c:de:
30:ff:e7:2f:3e:51:61:e3:5e:08:2c:0d:49:a1:44:
f5:58:5b:a7:fa:a2:8c:7a:97:74:7f:0b:dd:4c:25:
f7:f3:9b:9a:82:b0:2c:cf:c6:87:a8:4b:de:ca:27:
00:19:d3:89:14:42:b8:fb:bf:fd:38:bd:cb:56:e0:
b3:91:6c:0a:78:24:5d:06:c2:a4:d0:4c:91:7a:e6:
ca:df:7f:25:fa:e3:f0:35:e5:24:cf:1b:ca:b7:77:
8c:81:eb:da:f3:c9:ab:a0:79:0a:27:ae:cd:b9:05:
6c:0d:8b:65:34:76:07:e1:51:5e:c8:36:48:f8:15:
14:84:fe:20:f7:45:1d:bd:c1:4b:29:81:2b:9c:c5:
fa:3b:6e:54:89:52:57:74:0e:8b:73:93:47:db:f7:
bb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7C:51:AE:80:0A:95:FA:31:03:E4:D4:6D:F4:4D:10:E3:8E:A4:79
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/922e3d80-97a4-46a8-b2e2-ee722cdf3fc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.128.128.0/18
Signature Algorithm: sha256WithRSAEncryption
59:9f:c1:65:5e:85:cc:3a:a0:a3:a4:99:c3:f5:ae:04:e6:4e:
0e:3d:8b:c4:b6:17:83:a1:fe:c5:24:86:6d:b4:72:b4:14:18:
59:c4:bc:44:f9:a5:92:10:a7:19:48:f7:25:dd:fc:ee:02:ce:
2e:8f:5d:14:43:a5:03:62:38:c5:cc:f7:4e:3b:b1:31:33:82:
03:49:48:74:07:a5:df:03:02:f4:91:8f:9e:f2:df:a9:c6:5c:
c3:e3:1d:72:c3:27:69:67:10:81:94:09:94:5d:fe:7a:1b:55:
dc:11:45:07:21:8d:71:5c:4f:4e:16:ca:fc:93:99:59:89:16:
27:da:97:8d:35:d3:e2:59:46:ee:02:f0:aa:be:5a:fd:c4:8c:
c1:03:05:79:37:17:d6:34:45:30:43:00:c3:20:8d:69:4d:78:
e5:c5:81:84:bd:dd:c9:39:e9:98:fd:99:52:1d:18:af:df:2c:
a8:b9:6b:70:1e:75:f0:d0:ec:f5:0c:17:78:b4:05:26:87:ca:
d1:7b:84:e9:50:02:1a:23:cb:d1:d5:f7:32:96:40:c3:7e:0a:
b1:22:c6:94:3b:f1:88:aa:2e:66:23:41:5a:a4:a5:03:26:d1:
7b:0d:62:a1:d9:91:90:18:f5:1d:d9:c1:37:54:b5:e8:97:d0:
ae:f2:f0:0a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFB4AQnyEHawAbJ/CGgFzsiRUGm4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjNiZWQwZDcwMWFhYjlmNTdhM2JhMmY1Y2NkMmZlY2M0
NDdmNDc4OWI3ZmJiMmFjN2Q3ZjExYTFlZDJhZDQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTWQVVm2RC6mvMLIuCAdr1SFYMf63YTQWOAEeNJ7gkQZiP
nP90P7pMU2KykZopIlcHGIyGUMFujOMLm9tKNUYnmyAwOeHU8GS1hqto5axuo9Xe
QtNw3evE44kBU7l9uEvitI6bscAs3jD/5y8+UWHjXggsDUmhRPVYW6f6oox6l3R/
C91MJffzm5qCsCzPxoeoS97KJwAZ04kUQrj7v/04vctW4LORbAp4JF0GwqTQTJF6
5srffyX64/A15STPG8q3d4yB69rzyaugeQonrs25BWwNi2U0dgfhUV7INkj4FRSE
/iD3RR29wUspgSucxfo7blSJUld0Dotzk0fb97snAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULHxRroAKlfoxA+TUbfRNEOOOpHkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkyMmUzZDgwLTk3YTQtNDZhOC1iMmUyLWVlNzIyY2RmM2ZjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYjgIAwDQYJKoZIhvcNAQELBQADggEBAFmfwWVehcw6oKOkmcP1rgTmTg49
i8S2F4Oh/sUkhm20crQUGFnEvET5pZIQpxlI9yXd/O4Czi6PXRRDpQNiOMXM9047
sTEzggNJSHQHpd8DAvSRj57y36nGXMPjHXLDJ2lnEIGUCZRd/nobVdwRRQchjXFc
T04WyvyTmVmJFifal4010+JZRu4C8Kq+Wv3EjMEDBXk3F9Y0RTBDAMMgjWlNeOXF
gYS93ck56Zj9mVIdGK/fLKi5a3AedfDQ7PUMF3i0BSaHytF7hOlQAhojy9HV9zKW
QMN+CrEixpQ78YiqLmYjQVqkpQMm0XsNYqHZkZAY9R3ZwTdUteiX0K7y8Ao=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:30 2025 by rpki-client