Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99e8bb44-3025-44e4-9f44-16b97a3d2055.roa
File: 99e8bb44-3025-44e4-9f44-16b97a3d2055.roa (raw, json)
Hash identifier: cgC7HN1RD4kGqgXkn3JGuJJkZuzukO0WXvo/0pZCKWg=
Subject key identifier: FE:E2:02:6B:11:2E:E4:D4:5E:A6:22:92:F7:30:14:F9:EB:1E:0D:40
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 10EB1B6F4D545E91BB8901A435B22C298A5CABF0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99e8bb44-3025-44e4-9f44-16b97a3d2055.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 136.18.132.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:eb:1b:6f:4d:54:5e:91:bb:89:01:a4:35:b2:2c:29:8a:5c:ab:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=a65b42dfcb888b632d666e8bad87a0bd918241799d5459f79641e7abb599d995, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fa:2d:21:73:1d:83:f8:1d:ff:91:72:df:a4:
bb:03:60:f9:62:c8:8d:a4:15:0e:d9:c5:54:0f:c0:
9e:31:5f:b4:fb:0f:ed:e4:37:e6:d9:6b:79:1a:15:
62:a3:20:90:8d:26:a8:58:36:39:5f:b2:47:80:13:
99:83:15:a2:c6:6c:6a:68:50:b1:c3:b8:e9:42:23:
6d:af:7e:f2:b6:c2:8d:35:72:fa:51:eb:77:19:5a:
02:83:05:fa:61:0a:ad:28:83:9c:fc:24:32:21:fb:
11:df:63:96:43:cd:40:32:9f:f7:ea:de:23:5f:3a:
6f:8c:01:69:f9:d6:89:79:16:ac:84:48:ca:8f:08:
4d:4f:dd:2a:50:44:fc:29:4a:bf:a1:c4:16:bb:12:
56:9d:24:49:31:6c:87:33:6c:25:45:1f:ec:fb:9b:
68:d2:1d:56:9b:84:5e:79:5e:f7:be:5c:33:5f:f5:
3d:62:19:47:0b:53:ff:e5:da:f2:98:12:54:5e:d8:
83:5c:71:91:be:12:0d:4e:51:7c:f1:77:3f:46:ac:
bd:57:b7:11:fc:fd:94:4b:5f:94:94:81:76:c8:98:
05:7e:47:0a:64:d3:9a:e0:e3:63:ba:9a:49:a7:17:
db:3a:db:f6:96:ee:d8:79:45:70:fb:0f:af:54:d6:
b0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E2:02:6B:11:2E:E4:D4:5E:A6:22:92:F7:30:14:F9:EB:1E:0D:40
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99e8bb44-3025-44e4-9f44-16b97a3d2055.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.132.0/23
Signature Algorithm: sha256WithRSAEncryption
41:87:8b:a0:ef:49:7d:57:60:63:5e:d0:f2:7a:49:4f:cf:bf:
19:3c:ec:52:5e:8e:f1:5c:23:64:b0:23:65:58:1b:e9:13:e1:
22:86:33:e7:c4:f2:c4:2c:5f:9d:17:f8:2a:96:54:4a:33:2f:
5e:e6:d1:06:12:8f:14:d4:bc:ab:77:4a:ce:81:61:46:4a:3e:
93:f3:36:a0:6f:15:9b:0f:4d:27:38:3c:9a:9c:3d:f0:b6:e3:
cb:98:68:d5:4e:6f:84:2a:ac:21:a0:fb:f3:0b:1d:65:8c:76:
6c:08:16:c4:d1:8a:e3:01:b2:12:36:69:91:9f:c1:03:00:cd:
a6:73:bf:87:e6:e6:64:d4:c3:5d:5c:84:f6:91:99:8e:d3:54:
cc:bf:3a:80:44:60:fa:83:09:b1:4d:c8:80:4a:15:c0:1b:38:
37:aa:8f:63:ba:cf:f4:82:24:33:87:e9:7e:1c:49:28:3a:18:
96:e4:37:cc:c4:c5:14:c7:97:36:48:96:bf:e9:ba:90:06:53:
97:ce:ec:04:92:e5:a5:bc:d7:64:4a:0d:1c:95:6c:58:ac:64:
60:24:2f:c1:3c:ce:4a:26:d6:95:2b:2c:69:01:d2:ad:80:5f:
74:43:18:aa:b1:ef:a7:a8:51:9c:a5:b6:ac:4e:49:f5:3d:ba:
4c:69:8d:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEOsbb01UXpG7iQGkNbIsKYpcq/AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjViNDJkZmNiODg4YjYzMmQ2NjZlOGJhZDg3YTBiZDkx
ODI0MTc5OWQ1NDU5Zjc5NjQxZTdhYmI1OTlkOTk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO+i0hcx2D+B3/kXLfpLsDYPliyI2kFQ7ZxVQPwJ4xX7T7
D+3kN+bZa3kaFWKjIJCNJqhYNjlfskeAE5mDFaLGbGpoULHDuOlCI22vfvK2wo01
cvpR63cZWgKDBfphCq0og5z8JDIh+xHfY5ZDzUAyn/fq3iNfOm+MAWn51ol5FqyE
SMqPCE1P3SpQRPwpSr+hxBa7EladJEkxbIczbCVFH+z7m2jSHVabhF55Xve+XDNf
9T1iGUcLU//l2vKYElRe2INccZG+Eg1OUXzxdz9GrL1XtxH8/ZRLX5SUgXbImAV+
Rwpk05rg42O6mkmnF9s62/aW7th5RXD7D69U1rD9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/uICaxEu5NRepiKS9zAU+eseDUAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5ZThiYjQ0LTMwMjUtNDRlNC05ZjQ0LTE2Yjk3YTNkMjA1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGIEoQwDQYJKoZIhvcNAQELBQADggEBAEGHi6DvSX1XYGNe0PJ6SU/Pvxk8
7FJejvFcI2SwI2VYG+kT4SKGM+fE8sQsX50X+CqWVEozL17m0QYSjxTUvKt3Ss6B
YUZKPpPzNqBvFZsPTSc4PJqcPfC248uYaNVOb4QqrCGg+/MLHWWMdmwIFsTRiuMB
shI2aZGfwQMAzaZzv4fm5mTUw11chPaRmY7TVMy/OoBEYPqDCbFNyIBKFcAbODeq
j2O6z/SCJDOH6X4cSSg6GJbkN8zExRTHlzZIlr/pupAGU5fO7ASS5aW812RKDRyV
bFisZGAkL8E8zkom1pUrLGkB0q2AX3RDGKqx76eoUZyltqxOSfU9ukxpjQc=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:48:28 2025 by rpki-client