Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a21d08b-d70b-4b07-bfef-5d7c4aba9943.roa
File: 9a21d08b-d70b-4b07-bfef-5d7c4aba9943.roa (raw, json)
Hash identifier: T8aRqrserUJpgso3ZnGnyT6QvtmjGrciAUcOwuu/mgA=
Subject key identifier: A7:8D:AC:9D:F7:69:9A:46:95:AA:9A:28:D9:5E:0A:1D:9A:56:4B:AE
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6320F3E1FFD2C687ADA5E92201F307B44B281EE5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a21d08b-d70b-4b07-bfef-5d7c4aba9943.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 138.34.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:20:f3:e1:ff:d2:c6:87:ad:a5:e9:22:01:f3:07:b4:4b:28:1e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=2886adfe6699c02439a719b1a120ba2e44ff7c276f570cd11575412d7d5d717f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:55:cf:5e:02:45:6c:2f:98:1c:d9:23:a1:
db:96:ea:04:95:13:7f:5e:8e:a3:62:78:cf:d7:95:
c3:a6:78:74:f8:13:e8:d2:6b:ec:71:3b:db:3d:65:
f2:82:c0:9b:c0:53:46:02:e2:7c:04:d9:bf:0c:48:
ab:03:ea:af:b0:c9:a0:2e:39:d2:27:b4:c7:1c:26:
6d:02:fc:0e:26:dc:0c:cb:22:c7:d4:53:c0:24:4e:
fb:5a:9a:93:6c:b2:84:d7:50:d5:54:76:31:87:80:
6f:a6:d9:d8:71:97:61:ef:66:f6:bf:33:2b:e9:22:
46:ee:bd:f7:cb:09:df:1b:94:c1:db:20:43:17:88:
d9:3b:40:39:40:22:b2:ec:76:7f:e5:31:a6:55:ba:
3d:a0:04:ab:99:16:dd:50:64:d9:8a:c1:e5:fd:72:
6c:b4:42:e8:e8:a7:79:6f:dc:c2:96:c2:d2:c3:43:
95:92:dc:fb:26:70:e6:c2:89:ae:d4:4a:55:a6:5b:
ef:c2:6b:65:f9:4c:ef:cc:c5:1d:47:20:2e:40:92:
b6:60:d0:cc:66:d5:64:38:ce:09:52:22:15:f4:02:
dc:6a:4e:1a:7c:46:c3:94:a9:e5:7e:40:ee:c1:78:
42:6b:e2:7b:ad:05:8a:2b:31:3a:d9:3a:55:b3:f6:
93:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8D:AC:9D:F7:69:9A:46:95:AA:9A:28:D9:5E:0A:1D:9A:56:4B:AE
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a21d08b-d70b-4b07-bfef-5d7c4aba9943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:31:93:f8:4e:9e:48:9e:20:8c:57:2a:3d:3c:e7:4f:f5:56:
61:85:f7:4c:01:41:a8:6d:03:39:9a:29:4f:e7:71:17:66:1e:
35:1a:25:ef:40:8f:e9:19:fb:12:8b:61:09:bf:e4:ba:fd:bb:
be:ef:e1:99:e8:6c:e7:d0:14:17:54:4a:08:cc:12:14:75:70:
0e:aa:26:65:43:f0:2f:41:f5:dc:2f:cd:1c:70:95:3a:fb:77:
c8:9e:50:46:5f:e8:5a:2a:fe:28:da:ea:d1:6e:68:2a:97:40:
1b:3f:a6:65:4f:7d:2f:4c:7f:a6:6b:0e:72:92:39:59:69:68:
7e:42:e1:90:b3:1e:6d:2f:c6:7e:f2:28:20:c3:fb:69:6d:7a:
02:b6:b2:d3:13:e1:5c:65:b8:18:a5:bb:00:06:8b:a0:a5:10:
35:f9:53:43:11:cb:68:25:a7:09:7b:cb:d6:04:9e:73:20:46:
9f:fa:3a:8f:a3:e4:23:2b:b4:eb:3c:2c:e9:dd:00:14:bb:a8:
ed:ff:a4:a3:69:06:18:6e:56:ce:59:e9:42:b1:5a:78:69:7c:
2f:e7:62:5a:bc:24:5b:5f:f7:76:cc:0d:43:08:26:eb:36:5e:
78:b5:43:d7:38:cd:62:b4:12:d7:74:b8:b9:4a:59:60:6e:c1:
9d:d7:bf:58
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYyDz4f/SxoetpekiAfMHtEsoHuUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyODg2YWRmZTY2OTljMDI0MzlhNzE5YjFhMTIwYmEyZTQ0
ZmY3YzI3NmY1NzBjZDExNTc1NDEyZDdkNWQ3MTdmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4fFXPXgJFbC+YHNkjoduW6gSVE39ejqNieM/XlcOmeHT4
E+jSa+xxO9s9ZfKCwJvAU0YC4nwE2b8MSKsD6q+wyaAuOdIntMccJm0C/A4m3AzL
IsfUU8AkTvtampNssoTXUNVUdjGHgG+m2dhxl2HvZva/MyvpIkbuvffLCd8blMHb
IEMXiNk7QDlAIrLsdn/lMaZVuj2gBKuZFt1QZNmKweX9cmy0Qujop3lv3MKWwtLD
Q5WS3PsmcObCia7USlWmW+/Ca2X5TO/MxR1HIC5AkrZg0Mxm1WQ4zglSIhX0Atxq
Thp8RsOUqeV+QO7BeEJr4nutBYorMTrZOlWz9pM7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUp42snfdpmkaVqpoo2V4KHZpWS64wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhMjFkMDhiLWQ3MGItNGIwNy1iZmVmLTVkN2M0YWJhOTk0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCKIjANBgkqhkiG9w0BAQsFAAOCAQEAYjGT+E6eSJ4gjFcqPTznT/VWYYX3
TAFBqG0DOZopT+dxF2YeNRol70CP6Rn7EothCb/kuv27vu/hmehs59AUF1RKCMwS
FHVwDqomZUPwL0H13C/NHHCVOvt3yJ5QRl/oWir+KNrq0W5oKpdAGz+mZU99L0x/
pmsOcpI5WWlofkLhkLMebS/GfvIoIMP7aW16Aray0xPhXGW4GKW7AAaLoKUQNflT
QxHLaCWnCXvL1gSecyBGn/o6j6PkIyu06zws6d0AFLuo7f+ko2kGGG5WzlnpQrFa
eGl8L+diWrwkW1/3dswNQwgm6zZeeLVD1zjNYrQS13S4uUpZYG7Bnde/WA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:47:04 2025 by rpki-client