Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a339597e-b365-4c5c-be3c-0f0f1c679a69.roa
File: a339597e-b365-4c5c-be3c-0f0f1c679a69.roa (raw, json)
Hash identifier: gpHCct4bAn160Ss8o8X2YZM9x5L3ib66Ia7G7nOW3TQ=
Subject key identifier: 72:41:16:7E:C9:15:AE:61:5E:6F:8A:CC:40:F6:5B:02:CB:3B:D9:B8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3CA5E92ABD2F170A98C7D0999FB7747CB09A3168
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a339597e-b365-4c5c-be3c-0f0f1c679a69.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 56.69.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a5:e9:2a:bd:2f:17:0a:98:c7:d0:99:9f:b7:74:7c:b0:9a:31:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c3:7c:fb:32:34:61:64:f5:bb:4e:17:3b:0e:
a3:9d:83:4b:e0:5c:f1:f3:06:34:1f:b1:b3:d5:f4:
dd:b1:79:80:6a:bc:07:ae:cb:13:13:68:c2:88:d2:
44:53:ee:e1:cd:6b:d4:18:43:d9:62:28:7b:f4:12:
a4:da:a6:07:6e:d5:97:e3:5f:74:96:03:5d:e1:e3:
27:45:15:40:0b:fc:69:49:6e:88:24:aa:00:0a:b6:
49:42:9a:e7:1b:e3:93:c3:9a:a1:f1:66:50:26:cd:
10:3a:1a:cc:56:6d:f6:b1:0f:a6:21:3b:ab:fd:6b:
36:a9:66:2f:34:d8:b8:93:bb:8c:f7:7c:30:5b:42:
de:35:13:4d:aa:4c:c0:36:9c:30:1b:55:93:d2:39:
8f:2f:87:2d:42:de:ca:c7:08:61:e9:5d:70:31:3e:
7f:fd:7c:89:4b:0f:44:05:61:c2:1f:78:df:aa:98:
ac:07:6d:4b:18:be:57:e2:bb:3f:51:70:4f:05:70:
e5:dc:3d:e8:e6:d7:63:11:9c:5e:60:83:2d:e1:84:
61:27:9b:70:a6:04:ca:d3:e7:89:c6:63:ec:6c:c9:
90:b0:1c:d2:b2:78:16:67:36:40:23:a2:89:ab:8d:
5f:dd:d5:c3:b7:14:fb:2e:e6:89:8c:29:8d:3d:37:
33:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:41:16:7E:C9:15:AE:61:5E:6F:8A:CC:40:F6:5B:02:CB:3B:D9:B8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a339597e-b365-4c5c-be3c-0f0f1c679a69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:8c:07:4e:a8:0d:09:9e:f2:69:d4:8f:12:44:c1:2a:2a:e6:
45:9a:94:45:f8:b6:b9:71:9b:49:02:ec:f1:20:05:8f:27:99:
fa:aa:83:91:40:16:6d:8c:e4:03:45:5d:11:39:2e:9b:c0:46:
d4:a9:90:ef:5c:17:b9:6e:d2:57:26:e1:2a:c7:b9:e0:88:d9:
97:74:24:fa:6b:15:37:1c:e1:68:85:34:fe:66:39:18:0e:d4:
a2:91:1f:1c:88:c2:15:21:cd:0b:2d:80:f9:d2:13:33:71:a7:
7c:a9:0e:41:2e:5e:a7:32:32:e9:7f:ac:01:50:d9:c2:f1:b0:
65:5f:07:de:13:77:ad:76:a6:a3:20:aa:01:80:52:d8:6d:3a:
85:86:04:65:c1:94:a3:b9:58:91:6d:fc:b1:84:c2:79:6f:5f:
38:73:ef:53:23:1d:70:26:53:7b:b9:5b:78:4d:25:bc:10:7b:
d7:3d:45:a4:3f:84:84:40:37:68:a6:34:a3:41:4b:32:c8:eb:
68:40:3e:dc:e1:d3:6b:7f:a5:f2:60:05:90:f8:ab:e9:3d:8a:
50:ed:16:1d:0a:5a:21:c0:8e:21:63:5f:61:4e:75:bf:b0:1f:
fb:87:a7:87:e4:05:fc:b8:c4:44:c0:93:96:1e:22:1c:92:f0:
3e:37:b7:8c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPKXpKr0vFwqYx9CZn7d0fLCaMWgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNTkwZjMxMDUxYmUyODMzMGU0YTRlNzY5ZjIyYmM5MWI3
YmU5YWZiMDEwOTRhZTQwNTFiMGUzM2JjMWM5YThlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVw3z7MjRhZPW7Thc7DqOdg0vgXPHzBjQfsbPV9N2xeYBq
vAeuyxMTaMKI0kRT7uHNa9QYQ9liKHv0EqTapgdu1ZfjX3SWA13h4ydFFUAL/GlJ
bogkqgAKtklCmucb45PDmqHxZlAmzRA6GsxWbfaxD6YhO6v9azapZi802LiTu4z3
fDBbQt41E02qTMA2nDAbVZPSOY8vhy1C3srHCGHpXXAxPn/9fIlLD0QFYcIfeN+q
mKwHbUsYvlfiuz9RcE8FcOXcPejm12MRnF5ggy3hhGEnm3CmBMrT54nGY+xsyZCw
HNKyeBZnNkAjoomrjV/d1cO3FPsu5omMKY09NzMBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUckEWfskVrmFeb4rMQPZbAss72bgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EzMzk1OTdlLWIzNjUtNGM1Yy1iZTNjLTBmMGYxYzY3OWE2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4RTANBgkqhkiG9w0BAQsFAAOCAQEAm4wHTqgNCZ7yadSPEkTBKirmRZqU
Rfi2uXGbSQLs8SAFjyeZ+qqDkUAWbYzkA0VdETkum8BG1KmQ71wXuW7SVybhKse5
4IjZl3Qk+msVNxzhaIU0/mY5GA7UopEfHIjCFSHNCy2A+dITM3GnfKkOQS5epzIy
6X+sAVDZwvGwZV8H3hN3rXamoyCqAYBS2G06hYYEZcGUo7lYkW38sYTCeW9fOHPv
UyMdcCZTe7lbeE0lvBB71z1FpD+EhEA3aKY0o0FLMsjraEA+3OHTa3+l8mAFkPir
6T2KUO0WHQpaIcCOIWNfYU51v7Af+4enh+QF/LjERMCTlh4iHJLwPje3jA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:40 2025 by rpki-client