Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b225a997-c8e6-4667-b335-df5a2e61ef3c.roa
File: b225a997-c8e6-4667-b335-df5a2e61ef3c.roa (raw, json)
Hash identifier: DD2Uxmz+/t4MOp9fVW7IQtlikeznTCD6x5MbfnF+E80=
Subject key identifier: B9:9D:BE:D2:5C:35:5C:A6:7B:19:B8:5B:A0:7E:2C:F8:C6:41:FC:00
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 783675F95F3D0E16C65AE856EFB9ADB01B805C93
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b225a997-c8e6-4667-b335-df5a2e61ef3c.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 72.21.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:36:75:f9:5f:3d:0e:16:c6:5a:e8:56:ef:b9:ad:b0:1b:80:5c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:b9:53:3f:a2:f6:5a:48:f9:45:59:0d:f2:
71:c5:1e:9f:a0:e4:7f:40:ee:02:d8:69:04:82:25:
bd:de:0c:63:fd:1f:7e:6a:72:3f:a9:fd:10:49:30:
a0:ee:89:56:1f:5a:af:57:18:3c:cc:41:0b:d9:c1:
6c:3b:c0:3c:07:0c:d7:3e:da:e6:46:96:4c:d3:86:
b9:f0:5d:64:1c:21:81:b3:44:cc:e8:2f:18:4f:ab:
3a:4e:24:e2:66:97:be:62:0c:ef:b2:64:62:f3:fe:
1a:65:c2:b1:c9:89:e3:02:5e:7f:11:76:81:d8:f0:
ae:31:53:1e:c3:c6:23:92:3a:b1:b6:eb:39:a6:69:
df:ef:b0:1a:7d:ad:93:b9:18:e3:cf:0e:c7:bf:47:
d7:b1:41:23:bb:88:16:76:14:a8:0a:b5:be:bb:d8:
b6:d2:8a:dc:0b:2d:1b:90:d1:ee:bc:ce:bf:e2:6c:
97:81:b5:d0:21:b1:f9:db:f8:09:ca:81:f9:8a:5e:
d1:f2:e3:5d:f8:d9:d2:5e:2d:ea:29:a3:8a:ab:65:
10:ca:e2:28:8b:d5:ed:92:97:de:90:20:ad:29:dd:
76:04:b3:ed:4f:7a:8a:10:5c:37:c3:fd:d3:d5:7a:
4c:a7:4f:b8:33:cf:70:4f:73:0d:41:bf:cc:ac:49:
43:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9D:BE:D2:5C:35:5C:A6:7B:19:B8:5B:A0:7E:2C:F8:C6:41:FC:00
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b225a997-c8e6-4667-b335-df5a2e61ef3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.21.128.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:9c:dc:7b:ff:e5:aa:e8:c9:70:b8:7e:57:f0:cf:52:a0:3d:
89:96:d6:5b:4a:a4:9b:bf:64:1f:fa:3b:2c:77:d3:f7:47:84:
06:61:35:ce:2b:23:81:2f:01:55:64:7f:98:5a:b3:a6:e6:d2:
06:dd:b7:18:b9:bb:4e:3c:f5:eb:d4:34:7d:03:13:0a:5f:dd:
b5:d9:02:b3:42:6d:7e:c8:16:46:a0:04:3e:e2:d6:9a:6b:b3:
85:01:24:7f:8a:cb:b5:64:01:06:7f:b0:97:2a:8b:9b:8c:58:
94:6c:8f:49:09:2a:ef:78:c0:87:3d:87:7a:ee:9c:60:ac:f1:
33:1b:f4:a6:66:16:c6:fe:70:f9:4b:f6:e5:3f:38:e8:05:77:
44:33:6e:62:10:b6:4b:56:8c:bd:e4:87:75:b3:2e:f8:83:a3:
e1:f8:97:ea:26:01:fe:59:de:54:5e:da:ee:7c:ce:1f:c5:8a:
f7:8b:20:d9:ab:ac:2c:8c:fb:20:15:78:2d:aa:71:0e:5c:14:
c4:45:e2:cc:ea:28:97:d1:bb:f5:8a:f5:e9:0f:f5:34:02:16:
b1:df:d1:e9:a2:c3:ac:f4:74:84:fa:0e:b5:4d:71:5f:f1:1d:
28:7e:28:81:21:b3:13:46:fb:cf:3e:d6:b3:a7:ac:70:e4:6a:
46:73:ef:e6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeDZ1+V89DhbGWuhW77mtsBuAXJMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2M2EzZDZhYWI4ZDExZTdkNzcwZTkxMDhiMjRjNGQ5OTAx
Nzg2YjgxMWNjNTIyZjQ3Y2NmOGNlMzI4NTA1NjE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5jblTP6L2Wkj5RVkN8nHFHp+g5H9A7gLYaQSCJb3eDGP9
H35qcj+p/RBJMKDuiVYfWq9XGDzMQQvZwWw7wDwHDNc+2uZGlkzThrnwXWQcIYGz
RMzoLxhPqzpOJOJml75iDO+yZGLz/hplwrHJieMCXn8RdoHY8K4xUx7DxiOSOrG2
6zmmad/vsBp9rZO5GOPPDse/R9exQSO7iBZ2FKgKtb672LbSitwLLRuQ0e68zr/i
bJeBtdAhsfnb+AnKgfmKXtHy41342dJeLeopo4qrZRDK4iiL1e2Sl96QIK0p3XYE
s+1PeooQXDfD/dPVekynT7gzz3BPcw1Bv8ysSUMPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuZ2+0lw1XKZ7GbhboH4s+MZB/AAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyMjVhOTk3LWM4ZTYtNDY2Ny1iMzM1LWRmNWEyZTYxZWYzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVIFYAwDQYJKoZIhvcNAQELBQADggEBAEqc3Hv/5aroyXC4flfwz1KgPYmW
1ltKpJu/ZB/6Oyx30/dHhAZhNc4rI4EvAVVkf5has6bm0gbdtxi5u0489evUNH0D
Ewpf3bXZArNCbX7IFkagBD7i1pprs4UBJH+Ky7VkAQZ/sJcqi5uMWJRsj0kJKu94
wIc9h3runGCs8TMb9KZmFsb+cPlL9uU/OOgFd0QzbmIQtktWjL3kh3WzLviDo+H4
l+omAf5Z3lRe2u58zh/FiveLINmrrCyM+yAVeC2qcQ5cFMRF4szqKJfRu/WK9ekP
9TQCFrHf0emiw6z0dIT6DrVNcV/xHSh+KIEhsxNG+88+1rOnrHDkakZz7+Y=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:09 2025 by rpki-client