Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adb1acaf-d7d9-4e16-883d-5d2b3900c796.roa
File: adb1acaf-d7d9-4e16-883d-5d2b3900c796.roa (raw, json)
Hash identifier: 0jKkyXHtl6QkoVUy1l9GLM/Lur6U7XeUtOTzg7Fkmp0=
Subject key identifier: E6:55:E4:F6:D0:44:9B:AA:31:3D:8D:D1:13:06:29:2F:84:3D:50:99
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2DF07782990246F75966AF652B0BB33666C2DEF4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adb1acaf-d7d9-4e16-883d-5d2b3900c796.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.62.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f0:77:82:99:02:46:f7:59:66:af:65:2b:0b:b3:36:66:c2:de:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=001ced8926748f36a737a09b3fb7d13c9fec0ba284987ac77edb8ee6660058a2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:06:f3:da:97:27:04:c3:0b:50:71:84:08:3f:
20:e0:48:13:69:9c:b3:c9:f4:c5:f0:f4:a1:50:22:
f6:b8:ac:e8:87:50:a3:bf:ae:71:43:ab:13:be:59:
4a:49:30:6c:59:5d:20:02:f0:dc:9c:4d:5d:6d:d0:
06:65:70:e6:d5:4e:c0:43:a3:65:fa:9f:d1:49:21:
72:13:54:cc:36:10:f6:45:cc:ce:f8:95:79:73:e6:
51:d1:32:b6:bc:34:20:b0:b3:8f:53:ca:04:e8:b9:
b9:5a:53:b3:46:24:f1:1e:80:95:40:6d:be:27:ea:
ec:73:14:38:74:94:31:84:9e:de:53:57:4e:f3:9a:
7e:9a:b8:61:b6:0f:0a:3b:0f:26:94:6c:5b:ce:7d:
1d:12:2b:93:4c:af:3e:01:c7:1f:92:fe:c1:f2:43:
e0:5c:e7:54:18:d8:b1:58:eb:53:a2:8d:71:83:d1:
c5:f4:00:36:d4:82:20:1c:52:fb:a2:3c:77:ad:37:
e3:94:9f:49:93:48:42:56:71:ca:1f:6f:71:01:9b:
b0:d5:80:27:d4:a4:03:46:c9:b6:79:7e:a2:ea:9b:
6a:c3:6e:7c:3c:fe:a8:73:6c:fe:95:b5:c0:fd:5d:
ae:4f:4c:52:9b:64:c7:b4:9e:a6:55:0b:a3:8e:62:
da:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:55:E4:F6:D0:44:9B:AA:31:3D:8D:D1:13:06:29:2F:84:3D:50:99
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adb1acaf-d7d9-4e16-883d-5d2b3900c796.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.62.0.0/15
Signature Algorithm: sha256WithRSAEncryption
af:cf:0e:21:c8:2f:66:29:26:b4:5e:ae:5b:92:b6:06:31:e5:
54:2b:d3:2b:5c:52:6b:23:c1:46:87:0c:8e:3b:c5:45:db:5c:
b4:3d:97:40:a3:33:26:9c:77:d9:01:97:7d:60:e4:fa:1f:57:
24:15:bb:49:65:ab:97:02:5c:08:13:9f:21:da:0c:68:d4:c9:
08:54:94:98:f5:e1:36:30:18:4c:ea:c2:e5:24:bc:32:e0:ac:
d3:dd:af:bc:16:14:7f:0b:21:2f:84:d8:74:30:99:9e:38:2f:
90:41:64:f9:35:ac:89:4b:de:95:6e:b9:21:72:95:9f:f1:c7:
44:f9:3d:6c:07:c5:c6:bf:ae:cf:f7:c9:2d:71:dc:7e:f9:06:
11:42:31:90:6c:c7:5c:ee:03:86:a6:cc:aa:c6:c0:36:65:5a:
1a:1c:9f:9e:5d:be:44:6e:cb:e5:4b:e6:44:1a:06:c9:11:49:
86:88:50:a1:de:24:f3:20:e0:de:a1:5b:ab:e8:87:fb:43:b3:
65:c9:dc:ce:b3:3e:0a:fb:50:54:13:18:4a:60:79:e3:8a:a7:
6e:e1:a2:a8:d1:b3:46:e4:6d:3a:80:5f:6d:c5:ad:97:77:fe:
7c:08:1c:d1:c3:50:42:a8:1b:55:99:e7:6b:70:09:71:1e:68:
ab:62:d7:0a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULfB3gpkCRvdZZq9lKwuzNmbC3vQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDFjZWQ4OTI2NzQ4ZjM2YTczN2EwOWIzZmI3ZDEzYzlm
ZWMwYmEyODQ5ODdhYzc3ZWRiOGVlNjY2MDA1OGEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvBvPalycEwwtQcYQIPyDgSBNpnLPJ9MXw9KFQIva4rOiH
UKO/rnFDqxO+WUpJMGxZXSAC8NycTV1t0AZlcObVTsBDo2X6n9FJIXITVMw2EPZF
zM74lXlz5lHRMra8NCCws49TygToublaU7NGJPEegJVAbb4n6uxzFDh0lDGEnt5T
V07zmn6auGG2Dwo7DyaUbFvOfR0SK5NMrz4Bxx+S/sHyQ+Bc51QY2LFY61OijXGD
0cX0ADbUgiAcUvuiPHetN+OUn0mTSEJWccofb3EBm7DVgCfUpANGybZ5fqLqm2rD
bnw8/qhzbP6VtcD9Xa5PTFKbZMe0nqZVC6OOYtrfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5lXk9tBEm6oxPY3REwYpL4Q9UJkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FkYjFhY2FmLWQ3ZDktNGUxNi04ODNkLTVkMmIzOTAwYzc5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQPjANBgkqhkiG9w0BAQsFAAOCAQEAr88OIcgvZikmtF6uW5K2BjHlVCvT
K1xSayPBRocMjjvFRdtctD2XQKMzJpx32QGXfWDk+h9XJBW7SWWrlwJcCBOfIdoM
aNTJCFSUmPXhNjAYTOrC5SS8MuCs092vvBYUfwshL4TYdDCZnjgvkEFk+TWsiUve
lW65IXKVn/HHRPk9bAfFxr+uz/fJLXHcfvkGEUIxkGzHXO4DhqbMqsbANmVaGhyf
nl2+RG7L5UvmRBoGyRFJhohQod4k8yDg3qFbq+iH+0OzZcnczrM+CvtQVBMYSmB5
44qnbuGiqNGzRuRtOoBfbcWtl3f+fAgc0cNQQqgbVZnna3AJcR5oq2LXCg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:27 2025 by rpki-client