Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c150e7f4-181f-445e-802b-e1f3b4d4acd5.roa
File: c150e7f4-181f-445e-802b-e1f3b4d4acd5.roa (raw, json)
Hash identifier: Y2qqIaSHJ/H/cehtG5v9O5kGeTp3mdMrsq6uSF1mHKw=
Subject key identifier: 5D:D8:87:67:61:76:76:38:13:30:56:04:27:84:D8:58:11:E1:E2:FD
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7D61211526E51D37456E646424D0790E2C471AEA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c150e7f4-181f-445e-802b-e1f3b4d4acd5.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 128.21.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:61:21:15:26:e5:1d:37:45:6e:64:64:24:d0:79:0e:2c:47:1a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=f6873f46c689123f345524fe76fe3aa8545706bb43c0982ffe926c68ac3a3d8a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:94:dc:99:ad:1c:4b:69:3f:9c:42:7e:82:
8c:66:8b:71:25:01:81:23:d6:0d:10:10:66:6a:c7:
02:9e:98:11:87:92:a7:18:81:eb:90:b1:91:d7:d9:
de:59:27:2a:7d:86:96:f1:83:fd:bf:60:d9:58:3c:
cb:32:2a:e5:4f:fa:b9:5c:a5:19:61:1a:d1:1e:5a:
e8:26:6c:46:bd:29:1e:fa:bf:ed:f9:eb:2a:4d:f6:
a3:99:f9:00:23:30:88:29:63:62:84:72:8b:e9:a0:
2c:da:7b:59:0d:cc:32:91:e4:ab:a2:dd:90:cf:a8:
52:08:c0:c8:d0:00:07:88:63:e1:a1:20:8a:66:97:
06:a9:34:fd:32:05:f2:42:db:4f:02:83:5c:74:7d:
72:55:dd:f5:9d:5b:fb:63:35:64:4c:fe:1e:bf:48:
b7:03:d3:81:65:3d:ea:cb:46:66:7c:b2:71:0b:b6:
75:dc:b0:54:14:b5:56:34:25:04:99:50:d4:37:9b:
38:aa:b7:b6:c9:2c:02:e6:85:b7:b1:0e:18:7b:2a:
99:2d:3c:c4:6f:b5:7b:ef:7b:6a:06:d2:26:82:7c:
ed:74:bc:88:f5:f2:16:45:79:8c:eb:94:b9:b1:95:
a9:03:d3:7f:fd:92:ce:78:a9:49:ac:1b:d6:98:36:
32:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D8:87:67:61:76:76:38:13:30:56:04:27:84:D8:58:11:E1:E2:FD
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c150e7f4-181f-445e-802b-e1f3b4d4acd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:76:cc:f4:32:18:30:ba:1b:db:61:39:57:94:59:1e:aa:c7:
f8:98:e4:c3:41:d5:83:96:6c:b4:a7:18:ef:2b:48:82:5d:31:
83:e1:69:b7:43:7c:78:a0:3a:07:76:02:5b:d6:e5:65:93:9c:
8c:b1:d2:97:25:ab:a0:2d:e1:cc:0e:ef:90:07:53:a6:f7:16:
9c:34:2a:02:9d:b3:0b:1e:d5:e4:b1:85:04:1a:49:c4:ef:22:
82:ef:ee:5e:e2:f8:4a:23:c4:5c:b5:d3:a7:01:8c:52:2d:fe:
e3:71:b3:0a:9f:f4:96:5b:2b:6e:60:73:7c:f1:47:51:81:de:
4d:ce:cd:35:ea:22:34:81:50:10:e1:58:95:33:7e:42:0b:02:
7b:62:91:3c:ed:7b:1a:e4:62:73:4a:12:bd:5d:69:58:2a:73:
cd:ae:1e:30:88:1b:56:1c:1f:a0:6b:c6:d0:8a:f0:bf:17:5a:
25:c2:87:f8:66:d7:ae:0f:fd:2b:7f:04:e7:87:46:ca:6b:a2:
b6:b4:8f:72:a2:03:71:ff:15:18:d9:a9:4e:c6:51:c8:68:31:
29:d6:6d:12:4e:42:99:14:ac:13:6f:df:72:93:1c:da:7b:3c:
af:2f:1e:4d:9e:a7:d0:d0:d3:ba:ee:81:a3:93:ff:1f:dc:20:
d3:38:7c:1b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfWEhFSblHTdFbmRkJNB5DixHGuowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjg3M2Y0NmM2ODkxMjNmMzQ1NTI0ZmU3NmZlM2FhODU0
NTcwNmJiNDNjMDk4MmZmZTkyNmM2OGFjM2EzZDhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/lJTcma0cS2k/nEJ+goxmi3ElAYEj1g0QEGZqxwKemBGH
kqcYgeuQsZHX2d5ZJyp9hpbxg/2/YNlYPMsyKuVP+rlcpRlhGtEeWugmbEa9KR76
v+356ypN9qOZ+QAjMIgpY2KEcovpoCzae1kNzDKR5Kui3ZDPqFIIwMjQAAeIY+Gh
IIpmlwapNP0yBfJC208Cg1x0fXJV3fWdW/tjNWRM/h6/SLcD04FlPerLRmZ8snEL
tnXcsFQUtVY0JQSZUNQ3mziqt7bJLALmhbexDhh7KpktPMRvtXvve2oG0iaCfO10
vIj18hZFeYzrlLmxlakD03/9ks54qUmsG9aYNjIVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUXdiHZ2F2djgTMFYEJ4TYWBHh4v0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxNTBlN2Y0LTE4MWYtNDQ1ZS04MDJiLWUxZjNiNGQ0YWNkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCAFTANBgkqhkiG9w0BAQsFAAOCAQEAcXbM9DIYMLob22E5V5RZHqrH+Jjk
w0HVg5ZstKcY7ytIgl0xg+Fpt0N8eKA6B3YCW9blZZOcjLHSlyWroC3hzA7vkAdT
pvcWnDQqAp2zCx7V5LGFBBpJxO8igu/uXuL4SiPEXLXTpwGMUi3+43GzCp/0llsr
bmBzfPFHUYHeTc7NNeoiNIFQEOFYlTN+QgsCe2KRPO17GuRic0oSvV1pWCpzza4e
MIgbVhwfoGvG0IrwvxdaJcKH+GbXrg/9K38E54dGymuitrSPcqIDcf8VGNmpTsZR
yGgxKdZtEk5CmRSsE2/fcpMc2ns8ry8eTZ6n0NDTuu6Bo5P/H9wg0zh8Gw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:42:40 2025 by rpki-client