Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8bdedf7-a352-4f45-887b-82548dfa395f.roa
File: c8bdedf7-a352-4f45-887b-82548dfa395f.roa (raw, json)
Hash identifier: N9reWatWVpdlyKP4ov+MTGBxsdJM6MiCXVASypF59X4=
Subject key identifier: 17:19:8F:0C:38:6D:55:52:3C:E7:03:27:68:4B:FE:6B:FC:73:50:68
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3E4BE9BADBBB9527914503AAA83D22D1F663DE8D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8bdedf7-a352-4f45-887b-82548dfa395f.roa
Signing time: Sat 11 Jan 2025 00:00:00 +0000
ROA not before: Sat 11 Jan 2025 00:00:00 +0000
ROA not after: Sat 15 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.195.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:4b:e9:ba:db:bb:95:27:91:45:03:aa:a8:3d:22:d1:f6:63:de:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 11 00:00:00 2025 GMT
Not After : Feb 15 23:59:59 2025 GMT
Subject: serialNumber=8cd80f4d11eab7ff446750479a5c24d6ed0d43c6962c6b1f1051dceb1eb92232, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:09:5f:aa:9d:7d:80:53:d1:24:de:25:50:
4c:6b:c0:9b:c0:5c:62:1c:90:17:d1:40:41:5d:01:
71:e7:f2:ed:85:64:b1:b0:ee:ef:16:d9:05:de:2a:
3e:cb:b8:11:21:f1:46:7c:df:30:4c:4a:0e:bf:fb:
f9:02:07:01:54:df:1c:90:66:2b:65:fd:00:f0:d9:
ea:21:1f:b5:bc:59:4d:dc:99:fc:8c:dc:86:0b:b6:
b2:89:27:96:f8:08:bc:6f:7a:cf:38:b5:55:69:1c:
2b:e8:02:72:06:12:38:ef:70:26:4c:7b:a2:81:0f:
4b:92:10:98:6f:15:5e:a4:5c:29:cf:b6:1c:cb:eb:
53:14:a0:95:67:26:4b:ab:02:5a:a3:10:70:be:ff:
29:b3:fc:77:f4:cb:b6:99:00:5d:1c:42:a2:ac:fb:
c6:25:fb:db:53:52:00:d4:dc:e3:09:11:b7:be:ad:
20:72:0f:2e:cc:a0:b5:05:f2:c0:8c:43:63:46:1e:
76:92:c5:13:23:47:b1:f7:28:36:be:f0:1d:9d:6a:
2f:ea:45:ac:48:9f:46:c5:f2:e3:2e:7d:06:fb:a6:
00:1d:3b:90:cd:62:96:b1:00:55:b4:ed:63:3f:7c:
db:35:9a:59:88:6a:c8:a6:80:d9:cd:c7:a2:f8:e6:
53:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:19:8F:0C:38:6D:55:52:3C:E7:03:27:68:4B:FE:6B:FC:73:50:68
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8bdedf7-a352-4f45-887b-82548dfa395f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.195.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:ad:73:0c:b9:9e:73:04:2b:e8:a3:f0:1a:be:d1:49:5b:e5:
1f:41:51:89:8f:f8:b3:8b:91:dd:6b:ac:40:d4:b5:f6:cb:01:
60:c7:e6:09:cb:9e:d7:50:b6:aa:e3:56:49:e8:f9:73:7b:6b:
3e:db:4f:7b:eb:70:27:b6:18:b2:1b:c1:e5:0e:a8:73:eb:64:
08:4d:81:ea:75:59:fe:3c:65:10:3e:c3:5a:9e:46:de:de:84:
5d:4f:d5:7f:3e:28:bd:51:df:52:61:c8:86:5a:7a:ec:c4:44:
16:18:84:26:75:90:b6:3e:89:4d:97:a7:ac:27:ac:73:48:1a:
82:7e:a6:5b:8f:ba:89:90:2c:02:e5:25:b3:9f:ad:61:1c:6b:
fb:0c:65:0b:75:77:c0:d6:c9:b2:a1:47:8b:20:04:aa:30:81:
46:4c:ae:1d:84:a6:0e:6a:92:4b:07:41:fa:f3:70:b0:b8:ab:
2d:76:a4:43:f9:c9:20:89:4b:57:d6:82:9d:00:a0:1e:c7:ec:
b2:a4:11:1d:63:ba:0a:02:51:ea:79:a0:d9:dc:41:2f:13:e0:
1a:55:35:7e:81:ed:f0:05:4e:b6:1e:7b:05:eb:6b:93:78:57:
53:ec:a9:a5:97:8e:cd:48:7e:a8:a5:b5:4d:c9:21:66:c5:18:
7e:22:b7:a4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPkvputu7lSeRRQOqqD0i0fZj3o0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTExMDAwMDAwWhcNMjUwMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4Y2Q4MGY0ZDExZWFiN2ZmNDQ2NzUwNDc5YTVjMjRkNmVk
MGQ0M2M2OTYyYzZiMWYxMDUxZGNlYjFlYjkyMjMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3oAlfqp19gFPRJN4lUExrwJvAXGIckBfRQEFdAXHn8u2F
ZLGw7u8W2QXeKj7LuBEh8UZ83zBMSg6/+/kCBwFU3xyQZitl/QDw2eohH7W8WU3c
mfyM3IYLtrKJJ5b4CLxves84tVVpHCvoAnIGEjjvcCZMe6KBD0uSEJhvFV6kXCnP
thzL61MUoJVnJkurAlqjEHC+/ymz/Hf0y7aZAF0cQqKs+8Yl+9tTUgDU3OMJEbe+
rSByDy7MoLUF8sCMQ2NGHnaSxRMjR7H3KDa+8B2dai/qRaxIn0bF8uMufQb7pgAd
O5DNYpaxAFW07WM/fNs1mlmIasimgNnNx6L45lMbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUFxmPDDhtVVI85wMnaEv+a/xzUGgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4YmRlZGY3LWEzNTItNGY0NS04ODdiLTgyNTQ4ZGZhMzk1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQwzANBgkqhkiG9w0BAQsFAAOCAQEAcK1zDLmecwQr6KPwGr7RSVvlH0FR
iY/4s4uR3WusQNS19ssBYMfmCcue11C2quNWSej5c3trPttPe+twJ7YYshvB5Q6o
c+tkCE2B6nVZ/jxlED7DWp5G3t6EXU/Vfz4ovVHfUmHIhlp67MREFhiEJnWQtj6J
TZenrCesc0gagn6mW4+6iZAsAuUls5+tYRxr+wxlC3V3wNbJsqFHiyAEqjCBRkyu
HYSmDmqSSwdB+vNwsLirLXakQ/nJIIlLV9aCnQCgHsfssqQRHWO6CgJR6nmg2dxB
LxPgGlU1foHt8AVOth57Betrk3hXU+yppZeOzUh+qKW1TckhZsUYfiK3pA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:25 2025 by rpki-client