Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbf4543b-cacd-429e-afa8-304971d8f9e8.roa
File: cbf4543b-cacd-429e-afa8-304971d8f9e8.roa (raw, json)
Hash identifier: iZKI5KG9XYXaALEK3ppTkeKi5Y0G58hBHo41HY+etQk=
Subject key identifier: 5A:C9:CD:D2:56:E1:FA:27:BD:B2:6F:93:1A:E6:40:31:88:65:1E:F3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 417C0C99942AB020D0B49E0F89CE62A052CD31C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbf4543b-cacd-429e-afa8-304971d8f9e8.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 150.103.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:7c:0c:99:94:2a:b0:20:d0:b4:9e:0f:89:ce:62:a0:52:cd:31:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=68de676837feab44e0d104be04653bd2f184f17bcd4337554ac9bbd0d9472d55, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e7:47:5a:f9:37:92:4a:54:64:1f:84:7a:5d:
2b:50:5a:e6:94:67:88:7f:de:52:b8:90:9a:83:38:
ed:1c:5a:33:c9:f2:76:78:93:8d:f7:60:71:af:c4:
52:7c:2b:d5:7f:07:d2:93:3d:48:80:08:7b:76:9e:
5a:3d:f1:19:0f:ad:e0:a1:dd:c0:d9:11:b8:e7:3b:
cc:ec:5c:f3:37:a0:f6:da:8f:dd:ac:2d:ab:07:16:
29:f8:7e:9c:5e:a9:37:95:36:08:aa:89:f4:83:a7:
c7:f3:14:e9:26:e6:80:37:0f:5e:69:ee:b6:35:b9:
1e:9d:6e:1b:75:2c:7a:b3:cc:2b:7a:cb:34:62:2e:
03:a1:3e:e8:3d:91:43:06:f8:3d:d5:8c:e0:95:45:
3c:e2:b5:80:c5:c3:91:00:82:e3:69:4f:73:d9:d3:
6e:59:f0:13:06:b4:90:07:db:17:50:8d:82:94:54:
ae:44:c1:e3:ad:f9:49:6b:09:d4:8c:02:20:80:a9:
df:52:05:d5:0f:4d:d9:cd:b0:f5:e9:94:fa:be:e1:
07:ef:af:0d:4b:40:3b:a3:a7:cd:35:5d:1b:39:0a:
89:08:bc:a0:2f:7f:0a:6a:22:11:77:27:f3:62:53:
d0:df:49:19:ba:95:b5:23:7c:18:c4:5c:07:61:85:
39:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C9:CD:D2:56:E1:FA:27:BD:B2:6F:93:1A:E6:40:31:88:65:1E:F3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbf4543b-cacd-429e-afa8-304971d8f9e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:b1:6e:ba:e0:7c:73:dc:78:d4:df:a8:c8:33:6b:35:41:ed:
f7:52:e3:86:49:b6:79:7e:b7:f4:23:75:cb:1b:69:15:f2:a2:
bb:63:e9:4f:06:d1:e8:8b:2b:24:7f:c2:b9:db:21:69:63:62:
e0:f7:57:0a:9b:8d:a5:4d:94:25:58:80:51:c8:c0:5a:9b:aa:
5a:40:d1:27:4e:02:8e:5f:6e:23:7c:8b:50:9d:7d:f3:6d:bc:
38:a2:b3:51:96:0f:02:ca:01:c1:12:77:86:e3:63:d9:85:f7:
3c:35:31:52:6e:3d:72:d7:0f:64:ea:17:4a:82:ab:da:f9:d3:
52:e2:87:c7:b2:b0:e5:9d:d2:3a:e9:ef:a6:87:75:43:d9:48:
21:8b:0c:c1:ab:99:c9:e3:4a:f9:20:cb:45:1b:d1:07:a3:75:
ab:71:66:16:90:bd:48:fc:c7:57:09:20:4e:42:8e:8b:6d:95:
eb:8e:df:6d:aa:ca:62:87:4d:28:e0:79:4d:07:48:15:ee:0c:
e9:3f:5e:59:ef:63:54:84:fc:5b:c6:78:4f:f3:cc:b9:cd:4c:
74:d3:e8:fd:2b:05:c3:13:8b:80:b3:50:ea:8f:78:79:6b:5f:
67:97:9e:b9:89:da:b8:9a:c4:52:50:e7:24:da:b9:0b:8d:30:
0b:de:57:68
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQXwMmZQqsCDQtJ4Pic5ioFLNMcUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OGRlNjc2ODM3ZmVhYjQ0ZTBkMTA0YmUwNDY1M2JkMmYx
ODRmMTdiY2Q0MzM3NTU0YWM5YmJkMGQ5NDcyZDU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx50da+TeSSlRkH4R6XStQWuaUZ4h/3lK4kJqDOO0cWjPJ
8nZ4k433YHGvxFJ8K9V/B9KTPUiACHt2nlo98RkPreCh3cDZEbjnO8zsXPM3oPba
j92sLasHFin4fpxeqTeVNgiqifSDp8fzFOkm5oA3D15p7rY1uR6dbht1LHqzzCt6
yzRiLgOhPug9kUMG+D3VjOCVRTzitYDFw5EAguNpT3PZ025Z8BMGtJAH2xdQjYKU
VK5EweOt+UlrCdSMAiCAqd9SBdUPTdnNsPXplPq+4Qfvrw1LQDujp801XRs5CokI
vKAvfwpqIhF3J/NiU9DfSRm6lbUjfBjEXAdhhTnRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWsnN0lbh+ie9sm+TGuZAMYhlHvMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiZjQ1NDNiLWNhY2QtNDI5ZS1hZmE4LTMwNDk3MWQ4ZjllOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCWZzANBgkqhkiG9w0BAQsFAAOCAQEAZ7FuuuB8c9x41N+oyDNrNUHt91Lj
hkm2eX639CN1yxtpFfKiu2PpTwbR6IsrJH/CudshaWNi4PdXCpuNpU2UJViAUcjA
WpuqWkDRJ04Cjl9uI3yLUJ198228OKKzUZYPAsoBwRJ3huNj2YX3PDUxUm49ctcP
ZOoXSoKr2vnTUuKHx7Kw5Z3SOunvpod1Q9lIIYsMwauZyeNK+SDLRRvRB6N1q3Fm
FpC9SPzHVwkgTkKOi22V647fbarKYodNKOB5TQdIFe4M6T9eWe9jVIT8W8Z4T/PM
uc1MdNPo/SsFwxOLgLNQ6o94eWtfZ5eeuYnauJrEUlDnJNq5C40wC95XaA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:46:43 2025 by rpki-client