Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c204c245-81a8-4ecc-8710-73a58cce8ccf.roa
File: c204c245-81a8-4ecc-8710-73a58cce8ccf.roa (raw, json)
Hash identifier: kQ4oCklrtiARG/k2swQvS1oWfw7q/jjMfMl5L57hqRw=
Subject key identifier: C1:01:28:15:5E:4C:E9:6B:AE:82:23:1D:F6:05:DE:BD:C1:0D:6F:A1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6AD60046B4F7390529F1B163DB039A90C533D92A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c204c245-81a8-4ecc-8710-73a58cce8ccf.roa
Signing time: Sat 28 Dec 2024 00:00:00 +0000
ROA not before: Sat 28 Dec 2024 00:00:00 +0000
ROA not after: Sat 01 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.20.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d6:00:46:b4:f7:39:05:29:f1:b1:63:db:03:9a:90:c5:33:d9:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 28 00:00:00 2024 GMT
Not After : Feb 1 23:59:59 2025 GMT
Subject: serialNumber=203e3e6df2916dbae276e2698867ac13615e54a39f1bf16be68cfa9c70750176, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b2:fb:13:c3:4b:f3:75:60:6e:87:99:e7:5f:
b0:0c:bd:92:a2:5b:89:1a:d1:9c:37:86:ca:18:74:
26:ea:2e:a5:a7:e6:12:ab:52:e8:b4:69:da:11:07:
a8:84:2e:31:f7:8f:e2:c8:6d:1a:aa:ce:ff:df:8a:
8d:ed:78:5b:49:8a:76:6f:f2:64:bd:d5:bd:31:08:
63:4a:d7:5e:d7:96:bd:05:3b:d8:86:54:17:04:43:
8c:13:0a:6b:6f:e3:dd:17:d7:0a:13:ad:3f:fd:26:
4c:e4:9a:0d:eb:ce:19:26:58:f1:86:83:1a:57:fc:
34:79:0c:6b:5a:04:a4:85:ae:37:b8:d8:13:38:8a:
d9:e3:80:3f:51:5e:36:76:10:67:b6:8d:7c:9a:c6:
81:79:20:45:f2:ba:eb:bf:2e:c6:01:e0:55:4c:b5:
94:4d:bd:1d:09:81:90:a5:ee:b4:ae:a9:d6:72:99:
dc:43:cc:95:fd:24:f7:27:ff:af:bf:9a:32:86:0d:
93:54:32:e8:d1:42:38:ae:de:88:f8:59:e1:5b:01:
1d:49:de:36:ec:eb:7b:93:3b:72:d1:c1:eb:fb:1d:
6b:73:87:c0:ce:a4:b8:92:2e:57:43:ee:d9:5b:2a:
e1:8a:ad:3a:3a:e7:27:32:4b:b9:59:3a:35:79:25:
62:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:01:28:15:5E:4C:E9:6B:AE:82:23:1D:F6:05:DE:BD:C1:0D:6F:A1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c204c245-81a8-4ecc-8710-73a58cce8ccf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:39:81:a1:81:54:fd:d5:0b:02:db:e9:15:5b:31:1d:c7:45:
4c:16:a0:f9:cc:f5:49:f4:95:0d:90:5e:63:26:ad:cc:20:a1:
b9:4f:c2:08:22:4d:45:9f:ed:07:1d:ba:95:9c:6e:52:fd:ed:
a5:a8:a5:3c:22:38:b7:3a:96:91:f3:69:28:d4:f8:f4:d8:cd:
e0:a0:f4:74:28:63:91:f1:94:b2:32:7b:ae:bc:48:0b:f6:e9:
f5:78:49:d9:49:99:5f:ca:26:93:52:8b:72:39:15:65:5e:78:
f6:1b:4f:3b:2e:ef:77:c2:15:f6:cb:28:64:80:7a:9c:63:02:
2f:04:bc:28:6e:94:20:79:ca:b4:fc:10:3d:90:49:11:13:14:
2e:49:a7:82:23:0f:6e:05:9b:30:7c:b2:24:56:1c:8c:bc:e9:
e3:85:09:87:01:76:1c:93:18:f6:5c:04:68:d6:1b:08:d7:00:
50:51:c0:8d:16:c1:a6:1b:02:c4:b0:9b:28:ba:c3:64:40:f2:
ac:72:55:ce:d1:3a:9c:35:a9:f9:b9:3a:08:34:e5:9a:88:cd:
7e:b4:22:fc:d6:69:bd:6f:cd:af:da:24:a7:39:6e:55:b7:d9:
b6:06:73:d1:08:18:28:1c:53:c4:c6:23:5f:64:5a:ce:60:e5:
bc:41:72:07
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUatYARrT3OQUp8bFj2wOakMUz2SowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDNlM2U2ZGYyOTE2ZGJhZTI3NmUyNjk4ODY3YWMxMzYx
NWU1NGEzOWYxYmYxNmJlNjhjZmE5YzcwNzUwMTc2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDosvsTw0vzdWBuh5nnX7AMvZKiW4ka0Zw3hsoYdCbqLqWn
5hKrUui0adoRB6iELjH3j+LIbRqqzv/fio3teFtJinZv8mS91b0xCGNK117Xlr0F
O9iGVBcEQ4wTCmtv490X1woTrT/9Jkzkmg3rzhkmWPGGgxpX/DR5DGtaBKSFrje4
2BM4itnjgD9RXjZ2EGe2jXyaxoF5IEXyuuu/LsYB4FVMtZRNvR0JgZCl7rSuqdZy
mdxDzJX9JPcn/6+/mjKGDZNUMujRQjiu3oj4WeFbAR1J3jbs63uTO3LRwev7HWtz
h8DOpLiSLldD7tlbKuGKrTo65ycyS7lZOjV5JWL1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwQEoFV5M6WuugiMd9gXevcENb6EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyMDRjMjQ1LTgxYTgtNGVjYy04NzEwLTczYTU4Y2NlOGNjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQFDANBgkqhkiG9w0BAQsFAAOCAQEAgjmBoYFU/dULAtvpFVsxHcdFTBag
+cz1SfSVDZBeYyatzCChuU/CCCJNRZ/tBx26lZxuUv3tpailPCI4tzqWkfNpKNT4
9NjN4KD0dChjkfGUsjJ7rrxIC/bp9XhJ2UmZX8omk1KLcjkVZV549htPOy7vd8IV
9ssoZIB6nGMCLwS8KG6UIHnKtPwQPZBJERMULkmngiMPbgWbMHyyJFYcjLzp44UJ
hwF2HJMY9lwEaNYbCNcAUFHAjRbBphsCxLCbKLrDZEDyrHJVztE6nDWp+bk6CDTl
mojNfrQi/NZpvW/Nr9okpzluVbfZtgZz0QgYKBxTxMYjX2RazmDlvEFyBw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:46 2025 by rpki-client