Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/990929e7-cb31-4dd9-92e4-740e828fae8f.roa
File: 990929e7-cb31-4dd9-92e4-740e828fae8f.roa (raw, json)
Hash identifier: IV71MIp/GFhXZxP0pe/fW1glIEs2ZXyEUorr+VxdgWw=
Subject key identifier: A1:6C:6E:8A:93:96:3B:95:0F:6B:7F:0F:6A:AF:40:18:E5:E8:7D:68
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 532BEC81A47FC69BE397F16B42BB16A90D05B42A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/990929e7-cb31-4dd9-92e4-740e828fae8f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 147.106.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:2b:ec:81:a4:7f:c6:9b:e3:97:f1:6b:42:bb:16:a9:0d:05:b4:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:08:c3:5d:81:66:3c:70:fb:9a:24:95:78:
1e:cd:d3:e1:95:78:e7:50:d0:22:5b:18:4a:61:0a:
83:30:93:a1:c4:bf:07:90:57:a2:fe:00:1f:c6:b0:
22:82:83:36:ea:de:22:f8:bd:57:bd:b6:ab:3a:79:
9c:cb:68:c7:1b:29:2d:76:7d:3a:f4:aa:96:02:2a:
bd:ff:e2:98:26:f4:64:0e:77:12:e1:74:6d:b9:8f:
8c:12:18:95:11:4c:54:03:3a:c8:60:a9:37:14:b7:
78:9b:c0:c7:c3:c0:d0:2e:35:42:94:c3:e1:7d:68:
92:5a:2f:c0:6d:68:fe:96:1a:52:17:c3:01:9c:94:
2d:4c:25:31:7c:e8:38:69:55:2f:0f:b9:b5:e6:88:
30:53:05:12:f3:7b:de:e4:3a:ed:f3:cc:8a:37:34:
01:bd:04:eb:ba:b9:de:19:fc:66:20:7b:2d:65:42:
a1:05:e1:6e:83:23:d5:55:5c:34:b2:36:4a:62:44:
e8:52:63:e8:0b:5f:ab:dc:d1:4a:2d:6c:fe:c1:f8:
36:2a:01:15:0d:f7:07:72:91:c9:f9:c9:a6:cb:b1:
a1:08:86:9e:ef:59:47:50:c0:99:a7:0b:fb:db:c8:
98:2d:93:a7:f1:67:0f:0e:c4:5c:40:9c:8c:eb:82:
89:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6C:6E:8A:93:96:3B:95:0F:6B:7F:0F:6A:AF:40:18:E5:E8:7D:68
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/990929e7-cb31-4dd9-92e4-740e828fae8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.106.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:08:75:1e:3b:56:fc:a9:6c:e3:b6:bf:13:ba:74:f8:ca:3f:
8d:f6:c6:d3:bf:84:04:35:71:b3:09:38:90:34:5b:de:af:db:
1b:dd:2d:33:a3:6b:bc:4f:3d:a8:b6:77:f6:2c:42:ea:bb:5a:
35:fd:00:2e:05:05:42:4b:86:5d:ef:15:9c:08:37:cf:bd:cd:
ea:3c:f5:98:0e:a0:05:99:4e:64:91:31:c6:52:94:55:39:82:
96:80:0b:54:cb:5a:c8:29:61:1c:c8:8d:ab:2c:13:d0:47:c6:
16:f8:0a:5e:56:97:ca:b9:30:ef:c1:28:5b:45:fd:31:8c:08:
fd:77:18:61:64:0a:53:2e:d1:60:7f:cc:78:07:79:ed:dd:c8:
95:d4:13:03:83:6b:45:d9:ed:8f:d9:b3:dd:14:8f:7f:fc:fe:
42:0d:cc:5c:66:7e:0c:0e:92:62:ac:a0:4e:96:30:02:00:5d:
67:24:bb:e0:16:55:f9:b7:0d:14:5a:10:84:4e:09:7c:57:1f:
0b:4a:7c:46:39:be:4c:ed:42:52:29:0f:60:7d:22:d3:01:82:
16:4c:ba:cc:a4:20:51:a3:3a:b1:5f:31:42:09:b9:5d:8a:f8:
4b:30:db:af:af:79:ee:8f:a5:a9:55:e4:df:c3:e5:17:d7:9f:
60:57:24:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUyvsgaR/xpvjl/FrQrsWqQ0FtCowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YTA4MzkzMDcyMzM2MmEwZWNiY2MxMWMyYTQ2OTJlNjdk
MWFmMTUyOTU5OGEwNDliMGM4MmRiNGJhZGE3NzZhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxFgjDXYFmPHD7miSVeB7N0+GVeOdQ0CJbGEphCoMwk6HE
vweQV6L+AB/GsCKCgzbq3iL4vVe9tqs6eZzLaMcbKS12fTr0qpYCKr3/4pgm9GQO
dxLhdG25j4wSGJURTFQDOshgqTcUt3ibwMfDwNAuNUKUw+F9aJJaL8BtaP6WGlIX
wwGclC1MJTF86DhpVS8PubXmiDBTBRLze97kOu3zzIo3NAG9BOu6ud4Z/GYgey1l
QqEF4W6DI9VVXDSyNkpiROhSY+gLX6vc0UotbP7B+DYqARUN9wdykcn5yabLsaEI
hp7vWUdQwJmnC/vbyJgtk6fxZw8OxFxAnIzrgomLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoWxuipOWO5UPa38Paq9AGOXofWgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5MDkyOWU3LWNiMzEtNGRkOS05MmU0LTc0MGU4MjhmYWU4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAaTasAwDQYJKoZIhvcNAQELBQADggEBAB8IdR47VvypbOO2vxO6dPjKP432
xtO/hAQ1cbMJOJA0W96v2xvdLTOja7xPPai2d/YsQuq7WjX9AC4FBUJLhl3vFZwI
N8+9zeo89ZgOoAWZTmSRMcZSlFU5gpaAC1TLWsgpYRzIjassE9BHxhb4Cl5Wl8q5
MO/BKFtF/TGMCP13GGFkClMu0WB/zHgHee3dyJXUEwODa0XZ7Y/Zs90Uj3/8/kIN
zFxmfgwOkmKsoE6WMAIAXWcku+AWVfm3DRRaEIROCXxXHwtKfEY5vkztQlIpD2B9
ItMBghZMusykIFGjOrFfMUIJuV2K+Esw26+vee6PpalV5N/D5RfXn2BXJDg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:42 2025 by rpki-client