Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9971109a-e18f-4075-acd9-c1e07b482511.roa
File: 9971109a-e18f-4075-acd9-c1e07b482511.roa (raw, json)
Hash identifier: 5dPKXCtY9vEfcB9n8Il8NJI0gndMnSjWzKbyZVgN3o0=
Subject key identifier: 90:69:D7:E1:BC:ED:AE:1E:2A:C1:62:D1:D6:AB:DC:CD:8E:DE:96:58
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7D6977D580C9D339B60D21957259CC2E5EAD80E2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9971109a-e18f-4075-acd9-c1e07b482511.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ff0:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:69:77:d5:80:c9:d3:39:b6:0d:21:95:72:59:cc:2e:5e:ad:80:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=deab86bc440f3ccc32a365aa4e0e0f822c42cddb3ab3eb29fff6c23bd4df237f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:5e:7b:b7:40:91:11:32:10:92:a4:7b:e2:
ab:d5:57:13:f2:52:3e:cd:81:d1:30:78:f7:fe:38:
6e:9c:41:d3:eb:69:1f:26:73:41:39:5a:a0:eb:08:
5d:1c:77:23:ca:5a:84:d8:0e:2c:89:03:44:6d:ea:
40:00:a8:5d:d4:48:0d:21:5b:94:9a:d7:a1:ac:18:
14:4e:7b:8e:64:a1:bf:9c:3c:30:e5:e0:6a:e3:1d:
d9:24:b4:82:59:a6:8d:4b:c6:85:8a:16:22:b8:bb:
4d:d6:65:ba:43:7f:1a:6b:d2:c5:3e:20:61:54:39:
0f:c7:d1:c0:de:29:57:1c:ff:97:9a:3a:a0:73:c4:
2e:30:ba:21:e1:13:69:76:1a:65:24:64:71:3f:42:
af:2f:94:2f:64:3f:00:05:f6:83:84:d7:91:ec:95:
cf:b4:81:85:db:c5:c9:9e:32:29:db:d2:c1:b7:13:
30:84:63:a3:94:e3:6d:b0:b7:c7:a5:9a:18:d9:62:
04:c2:be:35:74:5b:0a:3d:96:a3:7f:83:17:e3:23:
9d:9d:31:a4:69:f7:b7:7b:17:ad:b4:67:08:74:12:
8b:5a:7c:20:fc:52:f8:38:44:b5:09:5f:4e:c9:bc:
48:fb:4d:0a:11:d5:19:94:03:f0:07:ee:fd:20:c5:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:69:D7:E1:BC:ED:AE:1E:2A:C1:62:D1:D6:AB:DC:CD:8E:DE:96:58
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9971109a-e18f-4075-acd9-c1e07b482511.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff0:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:e5:f6:ec:f0:bf:24:5f:fd:66:51:dd:12:1b:f0:d9:b3:1d:
9c:bc:37:3f:d3:27:b2:05:51:67:6c:03:85:fb:b4:14:28:23:
df:af:97:c1:b3:77:ef:f5:f8:54:b0:3f:9f:e7:bb:69:67:65:
3d:4f:33:96:b6:b4:e6:c9:de:41:f9:11:5a:0e:00:86:44:7a:
96:69:eb:40:2f:78:1e:25:f7:5e:f6:a7:8e:b3:a1:86:12:f9:
49:1f:d1:10:52:6f:44:bf:91:3e:68:a4:ca:8a:c3:84:fe:d9:
e6:a6:6e:ce:96:4c:49:b6:3d:a6:6c:3b:37:24:15:73:12:96:
9e:41:3e:f0:4b:50:f6:db:ad:07:55:f3:43:a4:1a:da:88:ab:
51:d0:78:24:22:2a:27:6a:bb:c1:27:50:a1:52:05:3e:a8:ec:
c0:97:c1:42:19:a9:d6:0c:d1:e8:23:7d:7e:59:11:5f:d3:2e:
4b:2c:64:b7:11:f9:2f:5b:a8:20:d4:53:ae:70:ef:cb:0f:7f:
26:75:c6:63:97:a0:5f:4e:67:99:eb:39:4b:9a:6a:52:d8:97:
97:f5:cc:16:d8:90:8d:5f:30:99:f0:61:72:38:be:a8:c1:51:
7e:f7:44:24:55:a0:30:17:59:ba:56:60:60:88:e6:29:f9:eb:
6c:73:ac:c5
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUfWl31YDJ0zm2DSGVclnMLl6tgOIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZWFiODZiYzQ0MGYzY2NjMzJhMzY1YWE0ZTBlMGY4MjJj
NDJjZGRiM2FiM2ViMjlmZmY2YzIzYmQ0ZGYyMzdmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF9l57t0CRETIQkqR74qvVVxPyUj7NgdEwePf+OG6cQdPr
aR8mc0E5WqDrCF0cdyPKWoTYDiyJA0Rt6kAAqF3USA0hW5Sa16GsGBROe45kob+c
PDDl4GrjHdkktIJZpo1LxoWKFiK4u03WZbpDfxpr0sU+IGFUOQ/H0cDeKVcc/5ea
OqBzxC4wuiHhE2l2GmUkZHE/Qq8vlC9kPwAF9oOE15Hslc+0gYXbxcmeMinb0sG3
EzCEY6OU422wt8elmhjZYgTCvjV0Wwo9lqN/gxfjI52dMaRp97d7F620Zwh0Eota
fCD8Uvg4RLUJX07JvEj7TQoR1RmUA/AH7v0gxYDLAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUkGnX4bztrh4qwWLR1qvczY7ellgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5NzExMDlhLWUxOGYtNDA3NS1hY2Q5LWMxZTA3YjQ4MjUxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/wQDANBgkqhkiG9w0BAQsFAAOCAQEAeuX27PC/JF/9ZlHdEhvw2bMd
nLw3P9MnsgVRZ2wDhfu0FCgj36+XwbN37/X4VLA/n+e7aWdlPU8zlra05sneQfkR
Wg4AhkR6lmnrQC94HiX3XvanjrOhhhL5SR/REFJvRL+RPmikyorDhP7Z5qZuzpZM
SbY9pmw7NyQVcxKWnkE+8EtQ9tutB1XzQ6Qa2oirUdB4JCIqJ2q7wSdQoVIFPqjs
wJfBQhmp1gzR6CN9flkRX9MuSyxktxH5L1uoINRTrnDvyw9/JnXGY5egX05nmes5
S5pqUtiXl/XMFtiQjV8wmfBhcji+qMFRfvdEJFWgMBdZulZgYIjmKfnrbHOsxQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:29 2025 by rpki-client