Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd9cc9e2-3396-44f3-a4e7-769772759f71.roa
File: bd9cc9e2-3396-44f3-a4e7-769772759f71.roa (raw, json)
Hash identifier: j5hTIqS9hRYKZibprftTdfyZ9Icr7ayf6aw+KR8L+eg=
Subject key identifier: 88:3A:69:E6:BA:4F:E6:5B:14:AD:92:F2:B3:B6:46:78:C3:92:5F:20
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4592B9C1D2DDFA814C28CD95E1CFBE2201BB1042
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd9cc9e2-3396-44f3-a4e7-769772759f71.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.78.216.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:92:b9:c1:d2:dd:fa:81:4c:28:cd:95:e1:cf:be:22:01:bb:10:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=0d1c87870bee8dbe8968658cf3418a1f402e5f7d76f923278e431e678fb996d6, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:da:50:7d:1a:fd:a3:c3:01:d0:44:01:ff:b0:
60:4b:79:79:d0:45:a7:ec:91:42:20:14:dd:1e:ac:
8c:56:84:f2:50:02:c5:20:51:8a:ca:c7:bf:ee:44:
f7:9d:3f:86:28:65:54:c1:9b:03:9d:6d:6f:c4:89:
45:1d:d0:4a:54:c8:11:05:3e:2c:54:29:f0:fe:dc:
43:d3:75:98:20:87:ee:24:33:d6:6d:d3:e8:a5:04:
a3:57:ed:d7:87:c2:96:d6:cc:4c:74:c9:a7:bb:9a:
73:dd:47:f5:21:94:cd:8e:e7:2b:ef:68:a1:0b:b8:
69:f3:ed:95:d4:18:10:b9:e5:85:d9:32:3f:d9:7a:
59:2f:5c:05:9e:26:3a:35:d0:b7:5b:b1:5b:62:87:
90:57:f2:19:19:a1:94:6a:76:f0:ae:0c:6c:72:9a:
58:14:3b:be:8c:f8:1f:34:a0:50:de:f1:87:82:a5:
86:db:5b:71:c7:e9:66:90:7f:2c:77:cf:80:60:3e:
5f:05:86:40:b7:49:8d:d1:08:71:1f:c7:77:5c:09:
33:d7:bb:2b:09:dc:a6:40:3e:74:67:b3:13:19:f4:
b8:ea:55:8c:5e:02:5b:55:8a:86:a3:d0:2f:af:0d:
5e:2b:3e:c4:58:59:7c:13:24:c6:01:3d:bd:8b:ad:
67:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3A:69:E6:BA:4F:E6:5B:14:AD:92:F2:B3:B6:46:78:C3:92:5F:20
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd9cc9e2-3396-44f3-a4e7-769772759f71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.78.216.0/22
Signature Algorithm: sha256WithRSAEncryption
43:f7:51:1c:e0:4b:58:de:8f:64:a4:7c:e8:3d:56:e7:fd:3b:
5f:d5:3c:32:96:15:22:22:2b:57:68:f5:8f:71:79:1f:98:1a:
17:06:38:f0:a9:3e:12:b7:ff:05:e2:95:69:2e:a3:9d:a8:de:
30:d1:d0:10:1a:43:b3:5d:f4:a0:1c:0e:79:e3:b5:1a:a8:2d:
d4:b7:06:18:60:29:55:fe:21:82:b8:e2:21:ef:6c:5b:19:cb:
c6:92:13:b9:d0:a2:1a:f1:50:6d:f8:00:17:ff:93:de:5e:fb:
37:09:0f:b0:35:e8:5b:25:07:58:d5:56:d4:87:15:2c:96:19:
91:74:56:14:ca:63:24:60:77:06:70:2a:bd:dd:27:8b:51:ed:
8f:db:a7:8c:b9:6b:b8:89:99:3c:4e:f7:bd:95:b2:76:cd:8e:
29:aa:ed:33:84:31:bf:af:14:b4:62:cf:f6:f4:11:01:6d:6a:
cb:a2:12:00:c2:7c:46:0a:c4:44:9c:14:08:38:c0:d0:b3:8d:
05:84:64:db:35:19:b7:a2:42:27:af:8f:86:14:2a:b5:7a:b5:
8f:5b:35:45:f7:15:a0:5d:a2:03:f6:e4:e8:d7:cd:d5:3b:15:
87:25:5a:8c:fa:8a:f5:a6:40:04:f8:46:cb:db:74:24:32:5b:
70:a4:33:eb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURZK5wdLd+oFMKM2V4c++IgG7EEIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDFjODc4NzBiZWU4ZGJlODk2ODY1OGNmMzQxOGExZjQw
MmU1ZjdkNzZmOTIzMjc4ZTQzMWU2NzhmYjk5NmQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDi2lB9Gv2jwwHQRAH/sGBLeXnQRafskUIgFN0erIxWhPJQ
AsUgUYrKx7/uRPedP4YoZVTBmwOdbW/EiUUd0EpUyBEFPixUKfD+3EPTdZggh+4k
M9Zt0+ilBKNX7deHwpbWzEx0yae7mnPdR/UhlM2O5yvvaKELuGnz7ZXUGBC55YXZ
Mj/ZelkvXAWeJjo10LdbsVtih5BX8hkZoZRqdvCuDGxymlgUO76M+B80oFDe8YeC
pYbbW3HH6WaQfyx3z4BgPl8FhkC3SY3RCHEfx3dcCTPXuysJ3KZAPnRnsxMZ9Ljq
VYxeAltVioaj0C+vDV4rPsRYWXwTJMYBPb2LrWeXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiDpp5rpP5lsUrZLys7ZGeMOSXyAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JkOWNjOWUyLTMzOTYtNDRmMy1hNGU3LTc2OTc3Mjc1OWY3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjTtgwDQYJKoZIhvcNAQELBQADggEBAEP3URzgS1jej2SkfOg9Vuf9O1/V
PDKWFSIiK1do9Y9xeR+YGhcGOPCpPhK3/wXilWkuo52o3jDR0BAaQ7Nd9KAcDnnj
tRqoLdS3BhhgKVX+IYK44iHvbFsZy8aSE7nQohrxUG34ABf/k95e+zcJD7A16Fsl
B1jVVtSHFSyWGZF0VhTKYyRgdwZwKr3dJ4tR7Y/bp4y5a7iJmTxO972VsnbNjimq
7TOEMb+vFLRiz/b0EQFtasuiEgDCfEYKxEScFAg4wNCzjQWEZNs1GbeiQievj4YU
KrV6tY9bNUX3FaBdogP25OjXzdU7FYclWoz6ivWmQAT4RsvbdCQyW3CkM+s=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:11:32 2025 by rpki-client