Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b972674e-333d-473a-8df0-763a2479adc6.roa
File: b972674e-333d-473a-8df0-763a2479adc6.roa (raw, json)
Hash identifier: gVtphnCASLk2G1HFRm5Pfl8TH9MssOLxlpmgmS8Xgtc=
Subject key identifier: DE:E9:2F:BC:5C:F1:CE:5B:E3:11:CD:86:3C:BC:B1:50:C1:A7:7F:7E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 12EEE724C88B1B692348AE31001D079634787864
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b972674e-333d-473a-8df0-763a2479adc6.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.17.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ee:e7:24:c8:8b:1b:69:23:48:ae:31:00:1d:07:96:34:78:78:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=d6385102fa54b0c56e20f283940bc0390b9468f4bd8a40dc20e2e43fc661f883, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:68:38:87:82:e5:cf:a1:cf:97:e6:d1:67:e3:
6c:0e:1f:cf:ee:ae:fc:3a:a7:aa:84:0f:b3:c7:97:
33:a0:47:5e:88:25:73:2f:15:21:27:12:5a:38:0c:
9e:51:49:25:c4:48:f4:7a:07:a2:8a:03:cf:8b:28:
91:e6:50:39:55:00:68:86:0b:81:7f:9a:2f:03:5e:
ea:5b:70:d2:79:c6:10:12:ae:e0:f0:ee:a4:f2:dd:
da:81:48:a5:06:25:44:2c:c3:19:78:38:08:57:15:
d8:34:9c:5f:9a:c0:48:f7:7e:06:ab:5d:95:74:d3:
ee:3e:4c:cd:c1:77:b8:49:2c:a9:65:8f:26:68:40:
9d:3d:8f:c5:6c:ee:d9:68:bf:b9:d3:c1:38:52:ce:
16:dc:9f:1a:cc:00:26:3d:0b:21:91:27:7a:59:f1:
05:23:08:07:31:12:62:68:d2:ad:e5:c4:42:30:7d:
2b:ed:46:22:9b:1b:2e:bc:a3:68:cc:63:1b:41:3d:
07:a2:7a:b7:3a:57:86:c8:ac:e3:36:75:8b:f2:81:
f0:bf:a9:af:cd:f5:af:69:62:93:30:b1:28:1c:ae:
7e:d6:09:81:cc:a9:c7:8f:8c:bc:34:93:e2:99:5f:
66:71:56:df:ee:d4:1a:f5:a7:d8:8d:a1:97:f7:c3:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E9:2F:BC:5C:F1:CE:5B:E3:11:CD:86:3C:BC:B1:50:C1:A7:7F:7E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b972674e-333d-473a-8df0-763a2479adc6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:e0:dc:97:46:f1:8f:f0:14:af:21:ce:51:bf:e7:11:f9:f1:
6d:45:de:21:d7:81:a1:55:6b:fc:22:45:ac:39:b4:2a:a6:dc:
65:1f:7c:3b:5b:0d:cd:f4:5b:04:98:f8:61:f6:a0:63:a9:76:
b6:93:b0:9c:33:de:f7:be:7b:5d:48:5f:58:df:7d:89:00:db:
ac:e8:2b:71:fc:29:3b:3d:5c:80:20:df:69:65:60:80:d1:dd:
88:78:24:0a:9f:84:05:98:c5:0f:29:5a:a6:82:46:f6:23:a0:
b3:57:f6:49:98:00:da:1a:5e:96:44:c1:b0:c5:d1:92:52:af:
ec:d5:12:c7:c5:f8:b2:40:75:bf:98:4d:76:fd:d8:8e:1d:47:
d7:14:46:c5:e6:49:99:f9:28:9e:05:1a:04:e5:3b:b4:21:ad:
3a:6b:7b:a8:66:b9:84:b2:1b:d9:7a:37:87:ca:a7:5b:da:94:
bc:a2:a6:10:1c:0d:49:b1:b3:c6:b6:c1:a2:59:9b:0a:cc:97:
43:34:5f:ee:3d:31:2c:94:14:58:da:9d:0e:49:50:02:d1:35:
90:e7:62:bc:67:d8:3c:32:72:84:ce:0f:05:52:38:20:22:56:
5e:e7:85:62:d9:28:76:f5:5d:b5:0b:d8:68:d7:60:3c:70:45:
62:7a:3c:60
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEu7nJMiLG2kjSK4xAB0HljR4eGQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNjM4NTEwMmZhNTRiMGM1NmUyMGYyODM5NDBiYzAzOTBi
OTQ2OGY0YmQ4YTQwZGMyMGUyZTQzZmM2NjFmODgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtaDiHguXPoc+X5tFn42wOH8/urvw6p6qED7PHlzOgR16I
JXMvFSEnElo4DJ5RSSXESPR6B6KKA8+LKJHmUDlVAGiGC4F/mi8DXupbcNJ5xhAS
ruDw7qTy3dqBSKUGJUQswxl4OAhXFdg0nF+awEj3fgarXZV00+4+TM3Bd7hJLKll
jyZoQJ09j8Vs7tlov7nTwThSzhbcnxrMACY9CyGRJ3pZ8QUjCAcxEmJo0q3lxEIw
fSvtRiKbGy68o2jMYxtBPQeierc6V4bIrOM2dYvygfC/qa/N9a9pYpMwsSgcrn7W
CYHMqcePjLw0k+KZX2ZxVt/u1Br1p9iNoZf3wwH9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3ukvvFzxzlvjEc2GPLyxUMGnf34wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5NzI2NzRlLTMzM2QtNDczYS04ZGYwLTc2M2EyNDc5YWRjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQETANBgkqhkiG9w0BAQsFAAOCAQEAjuDcl0bxj/AUryHOUb/nEfnxbUXe
IdeBoVVr/CJFrDm0KqbcZR98O1sNzfRbBJj4YfagY6l2tpOwnDPe9757XUhfWN99
iQDbrOgrcfwpOz1cgCDfaWVggNHdiHgkCp+EBZjFDylapoJG9iOgs1f2SZgA2hpe
lkTBsMXRklKv7NUSx8X4skB1v5hNdv3Yjh1H1xRGxeZJmfkongUaBOU7tCGtOmt7
qGa5hLIb2Xo3h8qnW9qUvKKmEBwNSbGzxrbBolmbCsyXQzRf7j0xLJQUWNqdDklQ
AtE1kOdivGfYPDJyhM4PBVI4ICJWXueFYtkodvVdtQvYaNdgPHBFYno8YA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:12:31 2025 by rpki-client