Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a75e66e8-22d7-423e-ace1-2067e009c37e.roa
File: a75e66e8-22d7-423e-ace1-2067e009c37e.roa (raw, json)
Hash identifier: tvfv+8ORAKc1h7AP51BlzMDmAOH8fm/oni5akPAL2tg=
Subject key identifier: 12:00:AA:BA:E4:02:96:26:08:AE:EC:DF:2B:C6:75:34:0C:C1:B3:C0
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7D34FC607FA1064E4CA6D820A576767C49381498
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a75e66e8-22d7-423e-ace1-2067e009c37e.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 104.194.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:34:fc:60:7f:a1:06:4e:4c:a6:d8:20:a5:76:76:7c:49:38:14:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=ab65cffe8b3bc43e4db5b5f074d90ecb8d2cb24a3b7c080750a9d3c075937c47, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:6b:7e:3f:a4:48:40:1d:15:aa:58:58:a9:
25:39:de:0f:7e:f9:d7:ec:ed:a0:9a:c5:c9:7e:f5:
0f:ee:6e:37:96:c7:6d:cc:12:fe:94:e8:ec:df:1d:
68:4f:3f:7d:51:7d:c7:6b:33:94:8d:9c:94:3a:7a:
af:16:8b:db:56:08:a3:58:aa:c8:ba:fc:00:5a:4d:
23:3f:e5:9b:5a:62:ad:81:f6:73:7d:00:b6:7c:8a:
d6:ca:27:be:39:86:34:b9:40:b2:f0:09:1e:46:94:
fa:c6:a8:12:71:a0:94:d5:11:30:68:6a:40:77:1c:
51:56:55:fd:4b:a1:8c:9f:89:e4:96:c0:21:a9:67:
bf:4b:20:e6:9e:61:c0:54:6c:83:a8:78:3c:6e:e1:
a6:d3:b8:c6:6d:34:d9:71:f2:b1:15:3c:57:f4:3d:
ad:e2:c9:f1:77:22:9a:d0:5b:fc:45:35:64:be:fd:
cb:06:36:42:4e:7b:1f:65:c5:82:53:40:78:23:b4:
1e:8b:bb:68:0a:2b:a7:32:85:42:da:dd:fb:14:db:
d4:2a:e8:4c:fa:1d:02:d4:46:17:7e:51:4d:a0:66:
3c:56:b0:07:2d:74:27:4f:20:c6:f6:fa:40:49:b3:
24:47:c2:cb:e8:87:08:6e:da:d6:23:00:61:37:e9:
ed:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:00:AA:BA:E4:02:96:26:08:AE:EC:DF:2B:C6:75:34:0C:C1:B3:C0
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a75e66e8-22d7-423e-ace1-2067e009c37e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.194.224.0/19
Signature Algorithm: sha256WithRSAEncryption
ac:f7:2d:51:56:98:89:7d:36:f6:0a:71:60:75:ac:06:bc:3b:
a3:37:fe:e7:27:14:fe:09:52:31:9f:25:7e:3e:a6:98:b4:77:
d9:2c:d1:cb:01:eb:3b:67:f3:8f:12:23:d3:99:85:3c:70:ee:
cf:26:43:f3:0b:bc:c3:e5:1e:5f:24:e9:bc:0c:51:2b:75:e4:
76:32:08:3e:81:f1:8f:a2:58:7a:45:84:8c:64:e8:70:a8:38:
a6:5d:9f:73:f4:af:23:cd:aa:5f:2a:c3:51:89:7e:c9:e0:f5:
b4:51:15:89:eb:a8:5b:95:3e:c1:54:50:1c:e5:8f:a1:0d:5c:
a6:c7:05:df:d9:34:38:c2:ad:a4:10:bc:e4:ff:c3:21:d2:ae:
f9:53:f4:21:ea:2a:3f:84:5c:e6:fb:3d:3f:3c:23:4c:c9:d2:
53:76:3f:66:b3:7b:eb:8d:b2:c4:82:3a:cc:47:4e:c6:70:95:
32:04:f5:e6:26:2b:27:55:fa:cb:40:bf:65:33:e2:fc:77:51:
a1:ec:25:7f:ca:c2:71:7c:e5:04:41:39:e7:e1:94:0a:7d:6c:
e3:44:c8:24:5e:ed:b1:3e:a8:17:fc:4e:a8:9f:cc:8e:b1:57:
b9:82:c8:06:5c:7d:a0:f2:7e:1b:65:17:11:65:a6:7f:5e:fd:
4a:5e:81:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfTT8YH+hBk5MptggpXZ2fEk4FJgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjY1Y2ZmZThiM2JjNDNlNGRiNWI1ZjA3NGQ5MGVjYjhk
MmNiMjRhM2I3YzA4MDc1MGE5ZDNjMDc1OTM3YzQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwY2t+P6RIQB0VqlhYqSU53g9++dfs7aCaxcl+9Q/ubjeW
x23MEv6U6OzfHWhPP31RfcdrM5SNnJQ6eq8Wi9tWCKNYqsi6/ABaTSM/5ZtaYq2B
9nN9ALZ8itbKJ745hjS5QLLwCR5GlPrGqBJxoJTVETBoakB3HFFWVf1LoYyfieSW
wCGpZ79LIOaeYcBUbIOoeDxu4abTuMZtNNlx8rEVPFf0Pa3iyfF3IprQW/xFNWS+
/csGNkJOex9lxYJTQHgjtB6Lu2gKK6cyhULa3fsU29Qq6Ez6HQLURhd+UU2gZjxW
sActdCdPIMb2+kBJsyRHwsvohwhu2tYjAGE36e1LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEgCquuQCliYIruzfK8Z1NAzBs8AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3NWU2NmU4LTIyZDctNDIzZS1hY2UxLTIwNjdlMDA5YzM3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVowuAwDQYJKoZIhvcNAQELBQADggEBAKz3LVFWmIl9NvYKcWB1rAa8O6M3
/ucnFP4JUjGfJX4+ppi0d9ks0csB6ztn848SI9OZhTxw7s8mQ/MLvMPlHl8k6bwM
USt15HYyCD6B8Y+iWHpFhIxk6HCoOKZdn3P0ryPNql8qw1GJfsng9bRRFYnrqFuV
PsFUUBzlj6ENXKbHBd/ZNDjCraQQvOT/wyHSrvlT9CHqKj+EXOb7PT88I0zJ0lN2
P2aze+uNssSCOsxHTsZwlTIE9eYmKydV+stAv2Uz4vx3UaHsJX/KwnF85QRBOefh
lAp9bONEyCRe7bE+qBf8TqifzI6xV7mCyAZcfaDyfhtlFxFlpn9e/UpegQc=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:56 2025 by rpki-client