Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/96d1693e-c648-4be4-83b6-4e9d18687e82.roa
File: 96d1693e-c648-4be4-83b6-4e9d18687e82.roa (raw, json)
Hash identifier: Nt2mc212N+4QAXBAWCwbwXOKwlqOLnHsnFUAgH3FlmY=
Subject key identifier: E3:07:06:52:1C:6D:DF:75:4F:2F:9C:3F:48:95:B9:87:78:95:74:B8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 438937CF91E0E24BAEFC42083660D9E75BF434CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/96d1693e-c648-4be4-83b6-4e9d18687e82.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 165.129.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:89:37:cf:91:e0:e2:4b:ae:fc:42:08:36:60:d9:e7:5b:f4:34:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=90abe74fa9bb349bba6769dd7d59f0bb8acb6c1f94f206a469fdf7d4a927a607, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:11:8d:13:78:22:a7:81:b7:21:8a:cf:5d:
54:69:d0:8c:5b:15:bc:66:93:e7:fa:29:e7:a8:c0:
23:55:fe:b9:e1:18:6b:b7:7e:1f:48:8e:2f:b8:63:
e0:b2:95:6e:7f:36:99:b5:ef:4a:c8:56:5a:41:21:
9a:76:0d:16:90:db:97:ec:be:a8:d9:6a:57:b3:91:
54:99:d5:76:2a:33:56:0e:71:8c:9b:1e:f6:6f:27:
63:08:71:37:fd:49:13:4b:aa:3e:cb:3d:2e:36:14:
c2:39:98:07:54:d4:ed:42:7d:c4:65:3e:1e:68:f2:
82:bc:d4:8e:0c:ab:74:18:e7:46:bd:df:87:86:aa:
aa:10:37:39:70:49:54:f8:38:17:1c:fa:9b:57:f5:
1f:e4:d1:a8:27:0b:78:1a:6d:3e:a3:3a:5b:8d:06:
c7:af:2a:ac:43:76:4c:af:a3:06:09:46:38:0a:5a:
0a:90:62:47:da:b3:04:7b:10:d6:33:41:8b:f4:30:
ac:ec:ef:f0:9f:9d:31:ea:25:1c:1b:40:37:c0:63:
4e:44:dd:8f:68:cf:fa:8a:74:a1:b9:2c:72:46:a8:
98:1a:60:ee:41:52:e9:cf:57:06:3e:9d:b7:bf:79:
da:50:6d:0a:e9:2e:89:f5:ce:ee:09:02:2f:76:82:
d5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:07:06:52:1C:6D:DF:75:4F:2F:9C:3F:48:95:B9:87:78:95:74:B8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/96d1693e-c648-4be4-83b6-4e9d18687e82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:0b:74:e9:6f:71:38:0b:93:24:5e:c6:6a:b2:45:74:aa:19:
bb:ba:53:95:ca:e8:fd:72:23:13:6e:dd:99:39:e8:a9:60:4d:
8a:ed:91:44:74:9e:d2:06:de:6e:9c:9b:44:67:62:6c:89:08:
29:dc:b9:85:37:19:18:e3:b5:1b:e8:e8:5f:e9:6b:14:0a:71:
16:42:02:6f:2d:e4:7a:c4:24:1d:f0:8b:89:6a:9e:06:ea:6c:
b5:d5:67:41:00:9a:58:f4:84:90:16:12:aa:35:21:6f:db:07:
09:4c:a8:4a:f1:e5:a4:9a:55:fb:86:8a:5c:5c:fc:c1:69:ba:
db:b3:2d:02:0f:89:75:1d:83:c1:3f:72:50:e7:ca:74:f4:84:
96:d8:4e:14:be:e4:55:07:46:ce:63:0f:ce:cc:56:af:07:aa:
dc:a6:8a:f7:a4:48:c4:d0:89:28:f7:b8:56:3f:ce:27:7b:7e:
e8:17:81:43:d3:4e:64:df:f4:e6:a8:a8:9b:ee:dc:29:cc:e8:
48:c8:61:48:86:ca:fb:90:11:57:96:61:33:2c:22:64:63:0f:
7a:c4:3f:86:d5:58:2b:85:8f:aa:67:8e:f7:0d:88:1c:e3:63:
b7:a9:95:f9:2b:43:e5:a6:d5:ca:01:b0:ae:f0:0e:21:19:83:
a3:fb:c0:e7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQ4k3z5Hg4kuu/EIINmDZ51v0NM4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MGFiZTc0ZmE5YmIzNDliYmE2NzY5ZGQ3ZDU5ZjBiYjhh
Y2I2YzFmOTRmMjA2YTQ2OWZkZjdkNGE5MjdhNjA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChEhGNE3gip4G3IYrPXVRp0IxbFbxmk+f6KeeowCNV/rnh
GGu3fh9Iji+4Y+CylW5/Npm170rIVlpBIZp2DRaQ25fsvqjZalezkVSZ1XYqM1YO
cYybHvZvJ2MIcTf9SRNLqj7LPS42FMI5mAdU1O1CfcRlPh5o8oK81I4Mq3QY50a9
34eGqqoQNzlwSVT4OBcc+ptX9R/k0agnC3gabT6jOluNBsevKqxDdkyvowYJRjgK
WgqQYkfaswR7ENYzQYv0MKzs7/CfnTHqJRwbQDfAY05E3Y9oz/qKdKG5LHJGqJga
YO5BUunPVwY+nbe/edpQbQrpLon1zu4JAi92gtVRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4wcGUhxt33VPL5w/SJW5h3iVdLgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk2ZDE2OTNlLWM2NDgtNGJlNC04M2I2LTRlOWQxODY4N2U4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwClgTANBgkqhkiG9w0BAQsFAAOCAQEAZQt06W9xOAuTJF7GarJFdKoZu7pT
lcro/XIjE27dmTnoqWBNiu2RRHSe0gbebpybRGdibIkIKdy5hTcZGOO1G+joX+lr
FApxFkICby3kesQkHfCLiWqeBupstdVnQQCaWPSEkBYSqjUhb9sHCUyoSvHlpJpV
+4aKXFz8wWm627MtAg+JdR2DwT9yUOfKdPSElthOFL7kVQdGzmMPzsxWrweq3KaK
96RIxNCJKPe4Vj/OJ3t+6BeBQ9NOZN/05qiom+7cKczoSMhhSIbK+5ARV5ZhMywi
ZGMPesQ/htVYK4WPqmeO9w2IHONjt6mV+StD5abVygGwrvAOIRmDo/vA5w==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:35 2025 by rpki-client