Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9afc3648-e743-4071-9537-63054bbb0cc3.roa
File: 9afc3648-e743-4071-9537-63054bbb0cc3.roa (raw, json)
Hash identifier: 5kzmJBq1lFTH6TZ0tZvGuahRa6kf+mTjaGokeQx4wrc=
Subject key identifier: F2:05:51:60:62:76:8B:D4:A8:AB:8D:8D:5A:FD:71:70:82:72:E6:EB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3FB7D4C21C14B629707DA81672F46BAC01B8A41F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9afc3648-e743-4071-9537-63054bbb0cc3.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 56.130.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:b7:d4:c2:1c:14:b6:29:70:7d:a8:16:72:f4:6b:ac:01:b8:a4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: serialNumber=e9f229ce051f96c1ac26c43471f550cfbfd60ffa66aa3e8861821fd2334c8d31, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:a3:ef:14:85:b5:6f:69:82:34:fe:d6:29:
35:6b:95:63:98:b6:6b:3f:3b:fb:64:3f:26:c5:26:
18:22:c0:07:f2:49:58:1e:30:ed:dd:d3:1a:45:ab:
9c:90:a4:81:e4:73:0b:80:c4:11:7c:19:79:df:73:
e3:83:2e:b3:00:5d:93:5b:32:47:af:65:8a:e5:64:
8b:ea:aa:ff:b7:e6:c6:cf:b0:e6:ca:03:b0:e2:d3:
97:a4:10:64:95:f9:42:f8:c0:d3:6d:a0:a5:44:64:
45:22:c1:aa:f0:ee:38:3f:97:8a:87:92:8c:a1:c4:
b5:fd:18:9f:f9:2f:87:7a:35:79:59:bd:fb:68:69:
23:c2:09:4d:10:ba:8b:94:36:32:87:24:53:f0:fb:
25:e0:f7:43:f7:21:fe:a7:a5:c8:69:13:60:ef:63:
4f:7c:82:69:04:fe:a3:93:fc:8c:ee:13:8c:75:9d:
b4:f0:18:a4:db:d2:29:16:cf:40:68:d5:65:85:90:
36:f3:2e:13:d9:bb:72:f1:58:7a:19:72:8c:7e:b2:
c3:1b:fb:4a:d7:ff:ed:24:7f:4f:9c:2c:07:8c:de:
54:ab:7e:69:70:6b:ba:5e:93:26:e1:9d:b0:d3:b0:
7e:18:11:25:0f:e0:01:41:33:b5:e6:e2:c7:67:7f:
db:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:05:51:60:62:76:8B:D4:A8:AB:8D:8D:5A:FD:71:70:82:72:E6:EB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9afc3648-e743-4071-9537-63054bbb0cc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:9b:9a:65:d0:a5:b9:45:ff:17:51:87:b7:84:89:bb:ad:13:
3a:0c:1b:1f:ba:f4:99:7a:98:9c:79:c4:93:4a:d2:0d:4a:7e:
82:9b:61:64:ed:10:f3:83:3e:dc:02:62:02:f8:34:aa:ae:1b:
14:99:25:de:0f:19:32:7d:ff:04:15:03:3b:33:14:98:0e:3d:
80:60:01:12:5d:bd:61:b9:ed:14:bf:6a:33:1b:7c:9b:ab:49:
36:8b:72:90:e8:c3:c8:a5:97:08:62:a6:9e:ea:88:83:5b:a9:
a4:9e:07:e8:58:2e:00:cf:b0:d2:eb:97:71:76:48:c9:b3:73:
2a:c6:3d:5e:9c:00:d0:69:f0:a7:34:dc:79:06:1b:7b:95:9b:
e2:fa:eb:c0:1a:05:34:16:b4:32:44:83:a9:ba:65:47:e3:92:
c1:a8:57:06:17:9e:40:a1:b7:cd:e2:a4:a4:6a:3b:a6:7d:fe:
4b:ce:be:a5:63:b4:42:3a:d8:67:af:15:2b:64:c9:7e:b0:00:
fa:0a:a3:17:64:af:76:cc:b7:05:59:92:ec:26:5e:0e:98:20:
8e:a4:96:29:dc:e0:14:4c:a7:4c:f4:cf:09:76:8b:02:88:bf:
a5:ce:98:a7:ff:4a:df:84:4b:bd:30:7e:d1:03:b3:4e:3d:b9:
50:4f:0c:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUP7fUwhwUtilwfagWcvRrrAG4pB8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOWYyMjljZTA1MWY5NmMxYWMyNmM0MzQ3MWY1NTBjZmJm
ZDYwZmZhNjZhYTNlODg2MTgyMWZkMjMzNGM4ZDMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvk6PvFIW1b2mCNP7WKTVrlWOYtms/O/tkPybFJhgiwAfy
SVgeMO3d0xpFq5yQpIHkcwuAxBF8GXnfc+ODLrMAXZNbMkevZYrlZIvqqv+35sbP
sObKA7Di05ekEGSV+UL4wNNtoKVEZEUiwarw7jg/l4qHkoyhxLX9GJ/5L4d6NXlZ
vftoaSPCCU0QuouUNjKHJFPw+yXg90P3If6npchpE2DvY098gmkE/qOT/IzuE4x1
nbTwGKTb0ikWz0Bo1WWFkDbzLhPZu3LxWHoZcox+ssMb+0rX/+0kf0+cLAeM3lSr
fmlwa7pekybhnbDTsH4YESUP4AFBM7Xm4sdnf9sbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8gVRYGJ2i9Soq42NWv1xcIJy5uswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhZmMzNjQ4LWU3NDMtNDA3MS05NTM3LTYzMDU0YmJiMGNjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4gjANBgkqhkiG9w0BAQsFAAOCAQEAGpuaZdCluUX/F1GHt4SJu60TOgwb
H7r0mXqYnHnEk0rSDUp+gpthZO0Q84M+3AJiAvg0qq4bFJkl3g8ZMn3/BBUDOzMU
mA49gGABEl29YbntFL9qMxt8m6tJNotykOjDyKWXCGKmnuqIg1uppJ4H6FguAM+w
0uuXcXZIybNzKsY9XpwA0GnwpzTceQYbe5Wb4vrrwBoFNBa0MkSDqbplR+OSwahX
BheeQKG3zeKkpGo7pn3+S86+pWO0QjrYZ68VK2TJfrAA+gqjF2Svdsy3BVmS7CZe
DpggjqSWKdzgFEynTPTPCXaLAoi/pc6Yp/9K34RLvTB+0QOzTj25UE8MPg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:57 2025 by rpki-client