Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9306b083-df04-4523-9a3c-d8a732b9119d.roa
File: 9306b083-df04-4523-9a3c-d8a732b9119d.roa (raw, json)
Hash identifier: w1+S4bhH/Ca5VZxeSQw5dOjvrmlqvNreMQnOje56a40=
Subject key identifier: E5:F4:41:05:70:61:D7:EB:10:B2:6A:15:9B:D2:7B:99:29:F3:BA:4F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 60664961B1AAEAC944FC6BC61B1FA2F3148262A3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9306b083-df04-4523-9a3c-d8a732b9119d.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.154.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:66:49:61:b1:aa:ea:c9:44:fc:6b:c6:1b:1f:a2:f3:14:82:62:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=1a98ff6fc46cc098e3b648ccce63b69d25b711d7ff4ca173baa129d474a8bdab, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:12:25:c6:31:3a:78:c6:15:59:35:83:dd:55:
06:3b:65:d1:68:a1:19:61:d6:5e:e2:d1:0a:46:96:
ac:64:26:69:9b:13:d7:f4:38:35:a8:81:fc:64:fc:
28:bb:31:91:52:09:b9:54:33:c6:9d:4c:25:a1:8b:
49:a1:bf:be:92:47:75:31:61:a9:0f:f1:bf:88:3d:
f9:51:34:47:d5:fa:ac:f5:24:92:4b:a8:0d:9b:0a:
3b:7a:97:50:66:18:3e:b2:8f:54:0e:6f:60:de:ec:
de:ba:28:0b:80:b5:ab:0a:75:84:2d:e6:ff:06:20:
0d:17:64:5c:71:e6:59:cc:a4:6a:45:9e:c2:34:d0:
8b:bc:5a:87:58:11:e7:b3:42:1a:82:8b:1f:cd:18:
79:95:95:61:c0:27:68:7e:79:b3:5a:cb:58:d8:80:
70:15:43:03:9f:ba:f5:b7:86:2a:fb:af:d3:0b:90:
96:1c:6e:0a:29:0e:24:2d:a7:af:2e:19:b0:2f:93:
ed:a5:0f:88:88:86:ef:46:6b:38:90:d5:80:87:aa:
65:6c:d6:3e:76:7a:56:ef:ac:37:97:7d:f2:da:ee:
2a:3f:40:fa:fe:cd:5b:5b:1c:0e:7a:0d:e9:7e:37:
46:fa:f7:c0:56:9c:00:2a:6f:bc:b8:d3:be:52:06:
02:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F4:41:05:70:61:D7:EB:10:B2:6A:15:9B:D2:7B:99:29:F3:BA:4F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9306b083-df04-4523-9a3c-d8a732b9119d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.154.0.0/15
Signature Algorithm: sha256WithRSAEncryption
71:96:e7:e8:21:56:72:9a:96:40:f1:ab:3b:6f:62:41:b6:70:
4d:0c:9a:68:58:ba:93:56:65:11:53:67:f6:99:49:81:13:ab:
c2:f7:cc:a5:e3:bc:be:ee:e2:cf:22:ad:0c:b1:86:6c:31:da:
e0:1f:36:44:d1:6c:a4:8b:8c:60:95:66:f3:da:5e:f9:fe:7f:
bf:5b:a3:b5:16:17:3c:3d:40:99:39:c1:83:f7:3c:d0:14:7b:
d3:01:de:8a:94:10:51:e6:8e:0a:1c:9c:97:03:a9:47:4b:0c:
1a:2d:76:2a:fc:37:d8:02:42:8b:25:21:15:30:1d:36:f9:1b:
76:9a:97:ea:d4:04:e2:84:bf:1e:f4:01:37:3f:61:2c:06:82:
ad:84:25:7f:20:99:1b:60:28:67:b9:0d:27:45:67:09:01:98:
06:e9:c0:90:33:f9:9d:4d:e5:5a:bc:fb:c2:cf:57:ee:db:c0:
a9:b0:f8:b1:75:2d:91:46:85:58:e6:22:fc:23:05:c8:38:d6:
48:96:ff:0d:1a:75:73:24:78:40:96:26:3b:0c:c8:81:ab:e0:
d7:c5:c0:9e:26:8f:f3:61:59:92:f6:35:6c:77:79:d1:9b:0b:
93:f0:cc:fe:8d:af:de:e4:33:42:c0:57:dd:1f:7e:14:4b:eb:
6b:a7:12:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYGZJYbGq6slE/GvGGx+i8xSCYqMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYTk4ZmY2ZmM0NmNjMDk4ZTNiNjQ4Y2NjZTYzYjY5ZDI1
YjcxMWQ3ZmY0Y2ExNzNiYWExMjlkNDc0YThiZGFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVEiXGMTp4xhVZNYPdVQY7ZdFooRlh1l7i0QpGlqxkJmmb
E9f0ODWogfxk/Ci7MZFSCblUM8adTCWhi0mhv76SR3UxYakP8b+IPflRNEfV+qz1
JJJLqA2bCjt6l1BmGD6yj1QOb2De7N66KAuAtasKdYQt5v8GIA0XZFxx5lnMpGpF
nsI00Iu8WodYEeezQhqCix/NGHmVlWHAJ2h+ebNay1jYgHAVQwOfuvW3hir7r9ML
kJYcbgopDiQtp68uGbAvk+2lD4iIhu9GaziQ1YCHqmVs1j52elbvrDeXffLa7io/
QPr+zVtbHA56Del+N0b698BWnAAqb7y4075SBgKtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5fRBBXBh1+sQsmoVm9J7mSnzuk8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkzMDZiMDgzLWRmMDQtNDUyMy05YTNjLWQ4YTczMmI5MTE5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQmjANBgkqhkiG9w0BAQsFAAOCAQEAcZbn6CFWcpqWQPGrO29iQbZwTQya
aFi6k1ZlEVNn9plJgROrwvfMpeO8vu7izyKtDLGGbDHa4B82RNFspIuMYJVm89pe
+f5/v1ujtRYXPD1AmTnBg/c80BR70wHeipQQUeaOChyclwOpR0sMGi12Kvw32AJC
iyUhFTAdNvkbdpqX6tQE4oS/HvQBNz9hLAaCrYQlfyCZG2AoZ7kNJ0VnCQGYBunA
kDP5nU3lWrz7ws9X7tvAqbD4sXUtkUaFWOYi/CMFyDjWSJb/DRp1cyR4QJYmOwzI
gavg18XAniaP82FZkvY1bHd50ZsLk/DM/o2v3uQzQsBX3R9+FEvra6cSHg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:40 2025 by rpki-client