Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a4a0f84e-6c7f-4ea6-ae50-ccb0347d3b06.roa
File: a4a0f84e-6c7f-4ea6-ae50-ccb0347d3b06.roa (raw, json)
Hash identifier: 7xVC/aVTcngaZpBhj3b9RidrF71a+BjvDo+6PUNsYiI=
Subject key identifier: F8:FA:9B:4A:7B:A3:8F:6A:42:AF:4D:05:D1:03:CE:7E:96:CD:AD:1C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 68712B83787B55032A509ACEFC0A58F5EB8D468E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a4a0f84e-6c7f-4ea6-ae50-ccb0347d3b06.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 23.20.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:71:2b:83:78:7b:55:03:2a:50:9a:ce:fc:0a:58:f5:eb:8d:46:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=3f36021fa0df72f87790db1c58d1e7c53d3e93ee17c1d23c07924af8efc41594, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:55:d7:4d:89:78:16:6f:d0:5e:64:48:db:
f6:9a:ce:a8:78:19:b2:40:28:6f:f0:e7:fa:e8:60:
72:ce:6a:a9:44:e2:50:13:79:72:df:3b:1a:40:6c:
01:07:13:91:85:76:d2:1c:3d:d3:93:30:1b:dd:02:
45:b2:63:0e:a5:94:2a:ca:37:c1:09:28:64:d9:55:
55:d4:82:30:ea:f2:be:6d:9f:37:f1:8d:36:93:4d:
e8:ed:dd:5a:cc:81:5a:7b:b0:3b:bf:87:db:81:8d:
a9:bf:2c:16:dd:e4:ff:f2:6b:e5:aa:4f:e6:0c:1b:
71:38:e3:93:dc:b7:2c:f1:50:9d:29:d5:47:a7:b5:
84:03:5b:0f:5e:3d:99:53:c2:08:de:8d:3f:e7:0e:
2e:22:b9:95:13:4d:47:a5:68:c4:70:52:5d:41:7a:
9e:84:d4:d5:33:7e:1a:ab:41:e7:82:cd:c3:91:38:
6d:b8:12:41:53:47:00:59:2a:2f:78:fe:ce:15:cf:
3d:86:c5:9f:6d:0b:a7:c1:f5:18:3d:0e:2e:d1:c6:
5a:06:03:bf:46:84:c1:5c:8a:98:a8:b7:c7:5a:8d:
cc:e6:93:5c:60:f2:99:66:2e:1c:3b:04:60:7d:55:
2f:3d:ad:87:be:15:b7:30:57:8e:59:20:57:3d:d9:
d4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FA:9B:4A:7B:A3:8F:6A:42:AF:4D:05:D1:03:CE:7E:96:CD:AD:1C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a4a0f84e-6c7f-4ea6-ae50-ccb0347d3b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
30:f1:d6:14:b5:d3:60:21:2d:b6:d1:1a:df:4b:cd:ac:d3:6c:
63:53:c3:2e:81:18:bc:48:0b:0f:cf:23:79:19:ec:42:b1:b3:
9d:54:42:a2:db:df:fa:ba:79:70:58:cc:9b:cd:2c:8f:29:30:
27:67:d9:01:75:88:91:eb:ec:82:ed:c7:a7:b4:47:15:d6:b2:
eb:21:7c:bd:7f:86:e1:5f:ea:ca:a0:e6:5f:f0:73:f0:d4:2a:
f8:8c:5d:8b:bb:8f:1a:93:65:a3:15:16:bf:3c:4b:87:bc:ce:
5a:ac:b1:a8:2c:e7:e7:0c:b2:d6:0b:53:b7:05:9e:66:b3:95:
b8:5c:99:c2:61:f8:e1:ca:79:5f:cf:55:2c:c9:f2:b4:c9:19:
ed:f6:f0:70:35:89:2c:80:20:27:c0:b1:a1:47:f0:e0:2f:0f:
51:b4:ef:d6:86:d4:c3:17:3a:b1:4a:2b:b9:3a:51:05:6d:39:
00:93:0a:cd:28:76:f8:e0:e3:c3:34:e0:8c:e5:5d:32:b7:e9:
5c:83:55:32:6e:08:41:e1:11:eb:6d:d8:36:ef:3c:5d:e6:2c:
66:9b:a1:ec:82:76:0d:49:7e:b2:51:a3:eb:2d:f4:ea:b4:a5:
8b:5e:88:bd:4f:f7:43:7d:e1:7e:ed:c7:3f:07:70:d9:a1:e9:
1e:56:8b:92
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaHErg3h7VQMqUJrO/ApY9euNRo4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZjM2MDIxZmEwZGY3MmY4Nzc5MGRiMWM1OGQxZTdjNTNk
M2U5M2VlMTdjMWQyM2MwNzkyNGFmOGVmYzQxNTk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgTVXXTYl4Fm/QXmRI2/aazqh4GbJAKG/w5/roYHLOaqlE
4lATeXLfOxpAbAEHE5GFdtIcPdOTMBvdAkWyYw6llCrKN8EJKGTZVVXUgjDq8r5t
nzfxjTaTTejt3VrMgVp7sDu/h9uBjam/LBbd5P/ya+WqT+YMG3E445PctyzxUJ0p
1UentYQDWw9ePZlTwgjejT/nDi4iuZUTTUelaMRwUl1Bep6E1NUzfhqrQeeCzcOR
OG24EkFTRwBZKi94/s4Vzz2GxZ9tC6fB9Rg9Di7RxloGA79GhMFcipiot8dajczm
k1xg8plmLhw7BGB9VS89rYe+FbcwV45ZIFc92dRVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+PqbSnujj2pCr00F0QPOfpbNrRwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E0YTBmODRlLTZjN2YtNGVhNi1hZTUwLWNjYjAzNDdkM2IwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIXFDANBgkqhkiG9w0BAQsFAAOCAQEAMPHWFLXTYCEtttEa30vNrNNsY1PD
LoEYvEgLD88jeRnsQrGznVRCotvf+rp5cFjMm80sjykwJ2fZAXWIkevsgu3Hp7RH
Fday6yF8vX+G4V/qyqDmX/Bz8NQq+Ixdi7uPGpNloxUWvzxLh7zOWqyxqCzn5wyy
1gtTtwWeZrOVuFyZwmH44cp5X89VLMnytMkZ7fbwcDWJLIAgJ8CxoUfw4C8PUbTv
1obUwxc6sUoruTpRBW05AJMKzSh2+ODjwzTgjOVdMrfpXINVMm4IQeER623YNu88
XeYsZpuh7IJ2DUl+slGj6y306rSli16IvU/3Q33hfu3HPwdw2aHpHlaLkg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:42 2025 by rpki-client