Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b6ab3625-8983-415d-b4cd-9df051f6a65c.roa
File: b6ab3625-8983-415d-b4cd-9df051f6a65c.roa (raw, json)
Hash identifier: C4mnDrV/bLhImcbk4lSul9psDLHXq4h2UXRRMlqMYD4=
Subject key identifier: 1D:B3:F5:3C:56:23:E8:42:8A:D0:64:CA:C1:2F:02:04:F8:64:7B:3B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 06AF43A8F96C7DCABC267D52D400447B9BFD195F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b6ab3625-8983-415d-b4cd-9df051f6a65c.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 54.109.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:af:43:a8:f9:6c:7d:ca:bc:26:7d:52:d4:00:44:7b:9b:fd:19:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:43:b1:17:dc:70:42:9a:11:8a:e0:de:a7:
61:34:8b:bd:83:e3:2e:79:fd:6a:62:eb:95:d0:f5:
8b:ce:ee:d8:b0:60:72:5d:88:d9:55:29:07:e6:82:
d9:6e:90:a5:71:3f:db:8b:f4:6c:60:22:9d:ae:0a:
81:47:20:87:95:01:ec:03:59:5a:0b:d4:f1:57:22:
ee:95:26:f5:7d:b5:21:2b:da:95:e7:f6:c0:a3:d8:
21:ff:dc:5e:b5:d6:6e:a1:7f:6c:58:66:83:89:9c:
86:0b:65:1d:b0:f4:08:04:37:b2:e1:06:d1:e6:39:
07:16:02:ee:67:8d:6a:8d:57:36:ea:27:26:f2:0e:
48:eb:f4:86:46:db:c9:19:ce:3a:f3:fa:92:cd:65:
33:4d:79:bb:c4:97:9f:c6:49:b6:5b:0f:a1:15:65:
62:a2:a2:24:0f:fe:03:1b:9c:34:91:ac:7d:04:ea:
4c:5d:b5:8b:dd:f2:f6:9a:21:41:e4:b9:67:55:e7:
02:ff:0e:a6:1f:4c:a1:8c:2f:f1:34:b1:f6:7e:2a:
8f:04:a1:c2:37:e2:38:ff:78:db:64:09:fc:31:b3:
e1:0a:a1:c9:43:5b:c9:b8:d6:c7:17:7c:89:15:b2:
d1:cb:06:3f:3c:4f:6f:ef:31:40:63:98:56:ff:3b:
ce:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B3:F5:3C:56:23:E8:42:8A:D0:64:CA:C1:2F:02:04:F8:64:7B:3B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b6ab3625-8983-415d-b4cd-9df051f6a65c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
54.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:a5:70:9b:77:b4:93:33:be:da:ec:fd:7b:0c:50:7f:3e:e4:
83:b2:f0:87:28:35:c9:89:9e:a9:25:3e:64:f1:ca:3b:a2:56:
7e:d8:9a:2f:e8:cf:84:68:62:64:b9:6d:f0:3a:07:15:29:54:
c2:d5:a8:04:57:94:72:28:6c:c6:e9:b9:93:f7:9a:88:49:8c:
ef:e3:ca:29:28:5c:48:62:da:35:cb:42:52:7a:6c:a5:9d:60:
01:d0:c6:fa:65:29:a9:c2:ca:f5:e9:5f:6e:04:d3:fa:b2:e4:
80:5e:52:bc:a9:99:a1:47:3d:06:20:5d:95:1d:19:8a:34:6b:
f4:34:f0:a3:b5:30:f9:7a:66:8b:5f:03:3f:7c:eb:69:fb:08:
90:f9:84:9c:59:e5:d2:c1:04:fc:e7:a0:bf:be:b3:0d:cf:ba:
b6:b2:95:5a:d6:7d:f0:ac:bd:ab:d1:91:bd:f2:e8:fb:c0:35:
4d:f1:8b:b5:d2:50:b8:e0:22:8d:99:b1:ac:f7:b3:dc:8b:8c:
8f:54:c7:8b:67:50:e2:77:6d:02:6d:2e:b1:2f:8a:5e:af:8a:
7e:e7:10:35:9e:75:5a:e2:28:b2:da:23:38:74:0b:25:ad:ee:
fa:8f:ae:05:e4:dd:d0:73:87:88:5c:b1:d6:83:97:2f:7a:59:
a6:07:a3:1d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBq9DqPlsfcq8Jn1S1ABEe5v9GV8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyN2MxMWFiN2I1MzE2MjNiYTM2MTgwOGM4Y2UyNTFkMzFh
Y2M5YzUyNzc3OWIwZGQ0YTQwMTlmMzg2NzdmOTRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyr0OxF9xwQpoRiuDep2E0i72D4y55/Wpi65XQ9YvO7tiw
YHJdiNlVKQfmgtlukKVxP9uL9GxgIp2uCoFHIIeVAewDWVoL1PFXIu6VJvV9tSEr
2pXn9sCj2CH/3F611m6hf2xYZoOJnIYLZR2w9AgEN7LhBtHmOQcWAu5njWqNVzbq
JybyDkjr9IZG28kZzjrz+pLNZTNNebvEl5/GSbZbD6EVZWKioiQP/gMbnDSRrH0E
6kxdtYvd8vaaIUHkuWdV5wL/DqYfTKGML/E0sfZ+Ko8EocI34jj/eNtkCfwxs+EK
oclDW8m41scXfIkVstHLBj88T2/vMUBjmFb/O85DAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHbP1PFYj6EKK0GTKwS8CBPhkezswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I2YWIzNjI1LTg5ODMtNDE1ZC1iNGNkLTlkZjA1MWY2YTY1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2bTANBgkqhkiG9w0BAQsFAAOCAQEAVKVwm3e0kzO+2uz9ewxQfz7kg7Lw
hyg1yYmeqSU+ZPHKO6JWftiaL+jPhGhiZLlt8DoHFSlUwtWoBFeUcihsxum5k/ea
iEmM7+PKKShcSGLaNctCUnpspZ1gAdDG+mUpqcLK9elfbgTT+rLkgF5SvKmZoUc9
BiBdlR0ZijRr9DTwo7Uw+Xpmi18DP3zrafsIkPmEnFnl0sEE/Oegv76zDc+6trKV
WtZ98Ky9q9GRvfLo+8A1TfGLtdJQuOAijZmxrPez3IuMj1THi2dQ4ndtAm0usS+K
Xq+KfucQNZ51WuIostojOHQLJa3u+o+uBeTd0HOHiFyx1oOXL3pZpgejHQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:31 2025 by rpki-client