Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a24419c6-a138-4fd2-8875-01dce0af0bc1.roa
File: a24419c6-a138-4fd2-8875-01dce0af0bc1.roa (raw, json)
Hash identifier: 4vXA1VdWie0MgZUf6R7/70twTJILvfmay6Yr7ePudEU=
Subject key identifier: F7:85:79:DF:6D:39:30:57:AC:8B:A7:CE:28:D8:DB:32:25:3D:A1:2C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2DE982AEC93831E410802CBF2D3890C33141C19A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a24419c6-a138-4fd2-8875-01dce0af0bc1.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.150.32.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:e9:82:ae:c9:38:31:e4:10:80:2c:bf:2d:38:90:c3:31:41:c1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=3426934a635bd469273475e45b641796b913d7496f966fa538de48aabfbcd9a3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:62:2e:6b:dc:5f:8c:e8:60:95:3c:db:29:26:
a4:74:c1:01:48:88:47:a0:dc:3f:4b:d1:b5:ab:15:
9a:34:5b:01:32:91:2e:8c:61:0b:35:de:7c:5c:ed:
ff:e6:3e:0e:35:87:2f:c7:12:c1:91:fe:4a:be:6c:
1c:7e:1f:b5:a5:a1:0e:2f:d9:4a:9c:59:28:2f:d8:
bd:6a:4d:f7:e6:71:a0:bf:81:cc:03:e6:88:ff:03:
48:e4:a7:94:49:5d:f4:ca:b8:c0:56:1a:40:bd:12:
b6:84:a1:67:20:02:30:78:0f:4d:2e:11:fd:1b:02:
7e:26:70:3e:09:1c:59:67:bd:ac:f3:04:77:c8:87:
c4:39:ab:0b:ce:29:f1:8d:28:2f:75:61:1d:77:ca:
7d:b8:0c:a5:1f:81:40:e2:35:51:4a:5e:cb:cd:a5:
00:e7:e1:45:70:06:bc:01:b1:ab:d4:28:43:f0:06:
2f:59:d8:8e:35:02:ca:6b:89:f9:13:04:97:75:07:
d7:75:35:83:18:37:b2:e5:83:39:19:2e:d8:49:63:
48:e1:9f:7b:49:db:0a:38:42:76:2a:61:18:69:15:
bb:ac:16:6e:fa:a5:10:6a:a7:d8:be:a0:37:49:26:
54:b0:7d:88:e6:b3:38:e8:4d:d3:87:f4:59:10:88:
40:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:85:79:DF:6D:39:30:57:AC:8B:A7:CE:28:D8:DB:32:25:3D:A1:2C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a24419c6-a138-4fd2-8875-01dce0af0bc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.150.32.0/21
Signature Algorithm: sha256WithRSAEncryption
60:cf:aa:d2:1f:f2:0b:05:c4:01:bd:83:28:65:de:5d:5d:15:
b7:26:18:39:a5:a0:50:f6:86:a6:3b:d6:d8:fb:be:db:51:8b:
5c:40:63:25:d9:54:66:34:71:20:b5:5a:72:c0:d8:07:9b:8f:
4d:45:b8:69:dd:7b:7b:31:6a:e6:fe:c5:41:64:34:ec:35:88:
34:42:15:3b:65:1f:03:d3:be:41:ac:95:b8:54:34:46:f0:d9:
a4:bc:ff:c1:8c:62:a9:57:59:77:3a:8c:32:54:2c:16:75:28:
89:23:ea:d0:f4:ad:24:29:7f:fa:60:dd:64:dc:e5:60:a6:2f:
55:32:46:16:39:7d:56:30:ef:eb:46:d0:3d:f3:9e:19:45:37:
91:60:e2:13:0f:68:63:49:5d:b1:92:7e:6a:95:40:83:30:05:
67:97:1d:20:28:0f:81:25:64:62:8e:1e:9e:58:c1:d0:69:40:
cc:fa:2b:cf:da:97:5f:14:fe:02:e2:b6:d3:bc:f5:d8:e8:2d:
4e:a7:5d:72:dc:be:59:fa:ec:1f:eb:8d:1d:a8:a3:3c:ed:21:
b7:81:05:db:f2:3d:40:a3:8e:1a:49:e4:62:67:ce:62:68:86:
8c:c5:2a:14:09:8f:6f:e5:39:e7:3c:f2:cd:56:21:bb:25:d3:
eb:63:bb:9f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULemCrsk4MeQQgCy/LTiQwzFBwZowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNDI2OTM0YTYzNWJkNDY5MjczNDc1ZTQ1YjY0MTc5NmI5
MTNkNzQ5NmY5NjZmYTUzOGRlNDhhYWJmYmNkOWEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdYi5r3F+M6GCVPNspJqR0wQFIiEeg3D9L0bWrFZo0WwEy
kS6MYQs13nxc7f/mPg41hy/HEsGR/kq+bBx+H7WloQ4v2UqcWSgv2L1qTffmcaC/
gcwD5oj/A0jkp5RJXfTKuMBWGkC9EraEoWcgAjB4D00uEf0bAn4mcD4JHFlnvazz
BHfIh8Q5qwvOKfGNKC91YR13yn24DKUfgUDiNVFKXsvNpQDn4UVwBrwBsavUKEPw
Bi9Z2I41AsprifkTBJd1B9d1NYMYN7LlgzkZLthJY0jhn3tJ2wo4QnYqYRhpFbus
Fm76pRBqp9i+oDdJJlSwfYjmszjoTdOH9FkQiECZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU94V53205MFesi6fOKNjbMiU9oSwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EyNDQxOWM2LWExMzgtNGZkMi04ODc1LTAxZGNlMGFmMGJjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjliAwDQYJKoZIhvcNAQELBQADggEBAGDPqtIf8gsFxAG9gyhl3l1dFbcm
GDmloFD2hqY71tj7vttRi1xAYyXZVGY0cSC1WnLA2Aebj01FuGnde3sxaub+xUFk
NOw1iDRCFTtlHwPTvkGslbhUNEbw2aS8/8GMYqlXWXc6jDJULBZ1KIkj6tD0rSQp
f/pg3WTc5WCmL1UyRhY5fVYw7+tG0D3znhlFN5Fg4hMPaGNJXbGSfmqVQIMwBWeX
HSAoD4ElZGKOHp5YwdBpQMz6K8/al18U/gLittO89djoLU6nXXLcvln67B/rjR2o
ozztIbeBBdvyPUCjjhpJ5GJnzmJohozFKhQJj2/lOec88s1WIbsl0+tju58=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:29 2025 by rpki-client