Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c682b3e5-17b5-4adf-9196-699549d1127e.roa
File: c682b3e5-17b5-4adf-9196-699549d1127e.roa (raw, json)
Hash identifier: iaAkZLTX8TbrHHxAq6hJ7NBKryXvE5oIHDfB8BDmxLs=
Subject key identifier: 0D:CA:DD:F6:EB:CA:CA:91:4A:15:B6:CD:B7:0A:D7:A3:83:53:3C:B3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0D74CAD325ACA8121347643607D50D23FD8912BD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c682b3e5-17b5-4adf-9196-699549d1127e.roa
Signing time: Sat 11 Jan 2025 00:00:00 +0000
ROA not before: Sat 11 Jan 2025 00:00:00 +0000
ROA not after: Sat 15 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 199.198.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:74:ca:d3:25:ac:a8:12:13:47:64:36:07:d5:0d:23:fd:89:12:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 11 00:00:00 2025 GMT
Not After : Feb 15 23:59:59 2025 GMT
Subject: serialNumber=11dd5f4eed0ccd1badb12e1ce334e2b6356c477551ef1ef1050b73766707a267, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0d:f7:cd:df:0d:64:13:ca:b8:21:27:11:93:
8b:e6:07:fa:d6:c3:2f:39:2c:3b:4e:99:8d:16:34:
44:b3:15:6e:a0:b7:42:6f:03:aa:1e:e9:f1:98:5b:
af:05:0b:4f:0c:0a:97:f6:42:3b:f5:fb:ac:66:95:
e1:8d:55:65:44:82:c5:57:4b:36:c7:49:64:af:70:
0b:7a:85:22:13:7a:6d:d4:d1:0d:97:e2:d2:9b:d9:
ea:a2:9d:ef:6f:b7:dd:25:a4:cc:56:1a:06:5e:59:
3b:3e:ee:59:a3:29:9b:05:be:b7:3a:32:0f:b4:ba:
0b:67:93:06:1f:b6:45:bf:e3:49:f9:16:1e:75:ab:
5c:fd:95:af:ab:87:44:99:ed:33:2e:f3:85:e0:07:
30:85:6c:8c:d0:85:85:e7:74:5f:d3:bc:fb:fb:15:
3d:f6:8d:0f:3c:2a:c5:04:2b:08:00:63:38:d6:82:
3e:6f:da:5e:50:18:ba:2b:4d:eb:6c:d1:3f:9f:17:
de:e6:ba:8f:dc:b4:d8:99:11:1b:34:9a:2b:4a:94:
45:11:b1:d8:1f:2e:15:02:d3:bd:ba:f0:52:37:f2:
d9:b3:4b:58:3b:a8:0d:f3:37:70:0b:49:65:95:8d:
e3:9b:77:2e:0f:25:1b:cf:74:2f:fe:66:f4:a7:fd:
5c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CA:DD:F6:EB:CA:CA:91:4A:15:B6:CD:B7:0A:D7:A3:83:53:3C:B3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c682b3e5-17b5-4adf-9196-699549d1127e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.198.0.0/17
Signature Algorithm: sha256WithRSAEncryption
44:08:f8:d4:0d:26:69:72:de:5c:83:c5:30:18:fb:f6:44:6e:
ef:f0:af:92:1f:c0:5d:3a:54:52:5d:07:a0:c6:60:0a:01:63:
c0:68:ad:e5:42:1f:6d:85:9d:c5:31:60:1f:46:d4:cb:77:7e:
7f:09:61:93:89:a4:f7:63:6a:78:6f:21:4a:74:17:64:63:4a:
93:87:83:0a:b4:0c:70:b3:38:2c:cd:06:06:e8:f5:92:7d:19:
de:51:a1:b1:4f:9a:57:30:71:55:0b:0d:9d:69:93:30:92:36:
fa:d7:2a:11:61:00:e1:e5:7a:e7:9e:d0:ac:6c:e0:ac:f9:75:
d7:07:a8:5a:d8:94:0b:a7:d6:75:c1:44:c9:8c:76:08:da:97:
52:05:83:1a:06:b7:5e:0c:9a:95:b4:ee:3b:f9:f9:83:ac:f4:
49:2a:ff:71:7d:4e:c0:a5:a6:14:e8:26:8f:b5:5c:28:46:fa:
27:0f:96:b9:cc:dd:73:42:a4:47:10:92:df:6a:60:f5:15:49:
f6:b5:28:4e:47:6e:cb:07:a1:53:e9:cc:cc:9a:6d:31:a0:2f:
22:3f:7d:4d:67:ab:bf:4a:3e:b2:17:23:b4:8d:47:21:0a:8b:
f6:8c:34:2d:69:37:c1:cd:0e:ad:b1:44:85:ac:12:78:20:12:
7c:fb:be:62
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDXTK0yWsqBITR2Q2B9UNI/2JEr0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTExMDAwMDAwWhcNMjUwMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWRkNWY0ZWVkMGNjZDFiYWRiMTJlMWNlMzM0ZTJiNjM1
NmM0Nzc1NTFlZjFlZjEwNTBiNzM3NjY3MDdhMjY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDDffN3w1kE8q4IScRk4vmB/rWwy85LDtOmY0WNESzFW6g
t0JvA6oe6fGYW68FC08MCpf2Qjv1+6xmleGNVWVEgsVXSzbHSWSvcAt6hSITem3U
0Q2X4tKb2eqine9vt90lpMxWGgZeWTs+7lmjKZsFvrc6Mg+0ugtnkwYftkW/40n5
Fh51q1z9la+rh0SZ7TMu84XgBzCFbIzQhYXndF/TvPv7FT32jQ88KsUEKwgAYzjW
gj5v2l5QGLorTets0T+fF97muo/ctNiZERs0mitKlEURsdgfLhUC07268FI38tmz
S1g7qA3zN3ALSWWVjeObdy4PJRvPdC/+ZvSn/Vx7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDcrd9uvKypFKFbbNtwrXo4NTPLMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M2ODJiM2U1LTE3YjUtNGFkZi05MTk2LTY5OTU0OWQxMTI3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAfHxgAwDQYJKoZIhvcNAQELBQADggEBAEQI+NQNJmly3lyDxTAY+/ZEbu/w
r5IfwF06VFJdB6DGYAoBY8BoreVCH22FncUxYB9G1Mt3fn8JYZOJpPdjanhvIUp0
F2RjSpOHgwq0DHCzOCzNBgbo9ZJ9Gd5RobFPmlcwcVULDZ1pkzCSNvrXKhFhAOHl
euee0Kxs4Kz5ddcHqFrYlAun1nXBRMmMdgjal1IFgxoGt14MmpW07jv5+YOs9Ekq
/3F9TsClphToJo+1XChG+icPlrnM3XNCpEcQkt9qYPUVSfa1KE5HbssHoVPpzMya
bTGgLyI/fU1nq79KPrIXI7SNRyEKi/aMNC1pN8HNDq2xRIWsEnggEnz7vmI=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:27 2025 by rpki-client