Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c630ec5e-82c7-4424-8aef-cc7120622a1f.roa
File: c630ec5e-82c7-4424-8aef-cc7120622a1f.roa (raw, json)
Hash identifier: 2PaX36lAhV8UrFJobEJQRnwYdetaYsTB9iCGRpZ1nbA=
Subject key identifier: F7:CB:19:F8:B1:F7:83:C6:32:C6:06:D8:D2:4D:AB:52:70:4C:74:82
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 48960F831198FD8245EC08ADCA1D5A8DA79CC6A6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c630ec5e-82c7-4424-8aef-cc7120622a1f.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 165.113.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:96:0f:83:11:98:fd:82:45:ec:08:ad:ca:1d:5a:8d:a7:9c:c6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=9da267c766502ac3c8a736aa658bfaed9914f6b9b2b72c1622356b5456c5a72c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:e8:35:b7:cd:ba:68:8e:54:7e:4c:ed:1f:
96:d7:24:4a:0a:14:2e:02:ae:03:b4:4d:31:e4:5f:
7a:13:22:2d:8a:5a:cc:39:c4:79:53:4c:0e:df:65:
ec:b4:39:90:eb:8d:86:95:0c:b6:44:2d:2d:8e:66:
75:f1:b6:9b:9f:4f:65:41:16:20:73:b2:02:b2:58:
ea:73:d4:dc:34:b1:6a:3a:9c:2e:8b:44:20:23:24:
f2:06:a3:09:ce:62:eb:a5:bd:2f:ee:da:2e:e3:29:
ab:58:9d:dc:32:7c:0b:a2:d3:58:32:cc:f0:d5:1b:
57:1a:62:1d:05:22:a1:b9:be:a3:9b:8c:e6:78:7e:
25:67:d5:eb:46:8e:47:05:1f:bd:3c:19:49:9b:02:
f0:54:e6:28:45:20:66:7f:6b:6e:9b:09:ae:19:3c:
0b:ce:23:3d:cf:de:a7:c8:0a:3c:76:47:aa:33:38:
e8:a4:07:45:9d:24:58:49:fd:61:76:b2:eb:76:f7:
18:58:8f:4a:8a:76:65:87:63:d7:7f:14:bb:3d:61:
b1:0e:5e:87:f8:18:a4:db:1e:4b:db:2a:80:fd:2b:
78:05:5f:5b:fa:2d:3f:2b:1c:0e:27:c8:98:0b:8f:
dc:a1:0c:ec:3c:9a:5d:55:3d:28:ce:d5:0e:cc:8a:
ea:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CB:19:F8:B1:F7:83:C6:32:C6:06:D8:D2:4D:AB:52:70:4C:74:82
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c630ec5e-82c7-4424-8aef-cc7120622a1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.113.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:ab:d6:68:c4:39:6d:f3:d1:e7:85:c6:83:8b:b9:e3:32:0d:
af:e1:8b:c1:b2:a2:95:4e:ad:c3:db:62:1a:7d:23:c3:4a:01:
67:74:6c:57:30:21:2a:ad:1f:c8:70:b9:a4:44:b2:cc:60:21:
82:fc:29:83:5d:14:8c:40:1b:29:88:58:5c:1f:c7:44:0d:52:
1b:68:f9:46:c3:99:8e:55:d4:c2:18:f2:39:49:4a:78:4d:c1:
86:6f:44:a0:fa:a7:96:69:94:ed:76:49:e5:7e:ff:ca:cc:79:
26:5a:56:ed:52:ea:ee:a9:e6:29:05:15:73:68:27:a2:52:ed:
39:1a:a3:ad:04:b2:0d:c4:f5:4d:1b:cc:fb:2f:d5:40:28:4e:
2b:fa:f9:05:60:8a:24:33:ff:8e:ee:14:8f:2a:81:7a:9f:a4:
a3:60:ca:13:5f:81:67:38:51:04:97:99:4a:d7:e0:8d:4c:f4:
c4:58:dd:31:fd:1c:a4:75:c9:2f:7d:a9:7a:cb:9c:65:0f:db:
66:cb:19:bf:73:d8:06:56:21:ac:a8:41:8c:90:a2:a6:c4:40:
3e:fb:b1:02:a7:63:75:41:02:c8:35:c5:16:34:36:a2:a3:95:
8e:65:ad:16:69:13:c8:af:f4:53:a9:97:6d:28:69:a3:96:97:
52:65:97:b8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSJYPgxGY/YJF7Aityh1ajaecxqYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZGEyNjdjNzY2NTAyYWMzYzhhNzM2YWE2NThiZmFlZDk5
MTRmNmI5YjJiNzJjMTYyMjM1NmI1NDU2YzVhNzJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4nug1t826aI5UfkztH5bXJEoKFC4CrgO0TTHkX3oTIi2K
Wsw5xHlTTA7fZey0OZDrjYaVDLZELS2OZnXxtpufT2VBFiBzsgKyWOpz1Nw0sWo6
nC6LRCAjJPIGownOYuulvS/u2i7jKatYndwyfAui01gyzPDVG1caYh0FIqG5vqOb
jOZ4fiVn1etGjkcFH708GUmbAvBU5ihFIGZ/a26bCa4ZPAvOIz3P3qfICjx2R6oz
OOikB0WdJFhJ/WF2sut29xhYj0qKdmWHY9d/FLs9YbEOXof4GKTbHkvbKoD9K3gF
X1v6LT8rHA4nyJgLj9yhDOw8ml1VPSjO1Q7MiurpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU98sZ+LH3g8YyxgbY0k2rUnBMdIIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M2MzBlYzVlLTgyYzctNDQyNC04YWVmLWNjNzEyMDYyMmExZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwClcTANBgkqhkiG9w0BAQsFAAOCAQEAbavWaMQ5bfPR54XGg4u54zINr+GL
wbKilU6tw9tiGn0jw0oBZ3RsVzAhKq0fyHC5pESyzGAhgvwpg10UjEAbKYhYXB/H
RA1SG2j5RsOZjlXUwhjyOUlKeE3Bhm9EoPqnlmmU7XZJ5X7/ysx5JlpW7VLq7qnm
KQUVc2gnolLtORqjrQSyDcT1TRvM+y/VQChOK/r5BWCKJDP/ju4UjyqBep+ko2DK
E1+BZzhRBJeZStfgjUz0xFjdMf0cpHXJL32pesucZQ/bZssZv3PYBlYhrKhBjJCi
psRAPvuxAqdjdUECyDXFFjQ2oqOVjmWtFmkTyK/0U6mXbShpo5aXUmWXuA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:17 2025 by rpki-client