Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa
File: b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa (raw, json)
Hash identifier: HME2KsKa3/SY+R/gkPqrSLmDvbzoeNzf9uLfCF8YV64=
Subject key identifier: 0C:17:66:39:46:9C:78:BA:32:83:99:BA:CF:2C:D7:24:24:9C:8B:75
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2579E0CE692FC0B6E8D6FC762B55362C10A7170F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa
Signing time: Tue 08 Jul 2025 16:12:04 +0000
ROA not before: Tue 08 Jul 2025 16:12:04 +0000
ROA not after: Tue 12 Aug 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1ffb:2000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:79:e0:ce:69:2f:c0:b6:e8:d6:fc:76:2b:55:36:2c:10:a7:17:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jul 8 16:12:04 2025 GMT
Not After : Aug 12 23:59:59 2025 GMT
Subject: serialNumber=70736a956c675a5d4709fc2912e81e6214b7d25a9512ca858aaa6ed024c2f812, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:ca:17:cf:6e:c8:c2:1a:a1:a5:b1:b1:70:
b7:fe:8f:9e:f5:34:4a:96:2b:b0:49:94:91:f1:f1:
2a:5b:36:85:30:5f:de:15:51:d8:4b:3e:06:d5:38:
9e:16:df:20:5b:dd:51:86:9a:91:53:1f:f7:f2:01:
0c:84:fb:56:bc:38:71:d2:13:a2:68:1e:52:f9:50:
e6:d9:ea:36:9f:6d:e6:15:b0:73:5a:10:7b:bc:35:
c4:9d:cc:55:b2:29:fc:21:48:3e:7f:f7:ba:e8:a1:
ea:58:2b:e1:5a:fc:32:39:b9:4a:9c:13:67:42:c4:
95:52:c3:ef:18:96:43:8a:cd:67:02:0e:53:84:b1:
e2:eb:97:e6:66:67:7c:fa:99:1d:21:74:28:c0:e5:
d1:5c:3b:b1:2e:17:da:a5:99:5f:f6:72:ae:b6:b7:
4f:f8:a0:58:81:57:ca:83:1c:fd:df:24:e9:6e:1b:
1d:f3:ae:e5:2d:ec:1d:8c:8a:2d:10:f6:a0:31:40:
89:e4:e6:ec:f8:74:76:8a:72:aa:2f:ab:72:83:0f:
fc:a6:c3:cf:e1:a0:db:ed:3a:99:fb:ed:a1:9a:41:
de:74:18:fa:44:d1:9c:65:26:6e:42:d7:9f:db:7d:
17:a7:62:ef:f5:ed:85:07:a4:8f:1a:a7:6f:28:73:
43:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:17:66:39:46:9C:78:BA:32:83:99:BA:CF:2C:D7:24:24:9C:8B:75
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ffb:2000::/40
Signature Algorithm: sha256WithRSAEncryption
73:e2:e3:6b:dd:79:cb:c3:1b:d1:58:34:9c:24:53:fc:0c:01:
dd:31:9a:de:7a:bd:24:ea:ee:44:28:2c:8e:8e:7c:04:aa:4f:
c2:ec:17:1b:c5:4c:d3:89:27:3a:42:cc:e7:77:28:bc:81:08:
b3:ae:7d:d3:f5:a0:01:2c:9c:e6:d9:44:a1:30:d0:df:e7:26:
c6:71:7c:12:65:96:ce:a5:b9:47:cd:15:76:78:ae:ab:96:e6:
7d:32:c8:90:5d:03:12:f3:0c:f2:58:1d:94:63:e7:d7:87:ca:
5c:38:a9:16:42:a0:2f:67:78:2f:57:84:11:e1:6e:cc:c3:ad:
f1:cd:ce:bd:43:ed:04:cc:6b:50:44:5d:49:e9:66:1a:18:f6:
11:98:df:88:9a:40:59:c4:2f:41:d9:85:de:e9:2c:dc:81:ed:
cd:c0:01:29:c8:f5:7b:14:51:05:a9:4e:ac:53:23:b9:05:02:
87:ed:77:d2:85:2a:b9:21:47:e0:7f:48:7e:c1:a2:db:63:65:
17:b2:50:5b:d9:c5:88:52:88:a9:e3:36:91:3f:43:60:ad:d1:
c3:90:aa:8a:e9:11:d4:fc:76:73:9c:d4:8c:20:1c:2a:53:5f:
01:9e:06:19:ea:cf:e7:8e:0a:c5:13:fb:a6:71:8f:32:55:80:
fe:30:2d:7f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJXngzmkvwLbo1vx2K1U2LBCnFw8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYxMjA0WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDczNmE5NTZjNjc1YTVkNDcwOWZjMjkxMmU4MWU2MjE0
YjdkMjVhOTUxMmNhODU4YWFhNmVkMDI0YzJmODEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdWcoXz27IwhqhpbGxcLf+j571NEqWK7BJlJHx8SpbNoUw
X94VUdhLPgbVOJ4W3yBb3VGGmpFTH/fyAQyE+1a8OHHSE6JoHlL5UObZ6jafbeYV
sHNaEHu8NcSdzFWyKfwhSD5/97rooepYK+Fa/DI5uUqcE2dCxJVSw+8YlkOKzWcC
DlOEseLrl+ZmZ3z6mR0hdCjA5dFcO7EuF9qlmV/2cq62t0/4oFiBV8qDHP3fJOlu
Gx3zruUt7B2Mii0Q9qAxQInk5uz4dHaKcqovq3KDD/ymw8/hoNvtOpn77aGaQd50
GPpE0ZxlJm5C15/bfRenYu/17YUHpI8ap28oc0OBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUDBdmOUaceLoyg5m6zyzXJCSci3UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I1ZDVlOWQyLWNkYTctNGExYi05N2E5LTNkYjA1OTY3NmIxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/7IDANBgkqhkiG9w0BAQsFAAOCAQEAc+Lja915y8Mb0Vg0nCRT/AwB
3TGa3nq9JOruRCgsjo58BKpPwuwXG8VM04knOkLM53covIEIs6590/WgASyc5tlE
oTDQ3+cmxnF8EmWWzqW5R80Vdniuq5bmfTLIkF0DEvMM8lgdlGPn14fKXDipFkKg
L2d4L1eEEeFuzMOt8c3OvUPtBMxrUERdSelmGhj2EZjfiJpAWcQvQdmF3uks3IHt
zcABKcj1exRRBalOrFMjuQUCh+130oUquSFH4H9IfsGi22NlF7JQW9nFiFKIqeM2
kT9DYK3Rw5CqiukR1Px2c5zUjCAcKlNfAZ4GGerP544KxRP7pnGPMlWA/jAtfw==
-----END CERTIFICATE-----
Generated at Thu Sep 18 10:39:26 2025 by rpki-client