Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ccb04f37-eff7-4e67-b76f-0e9fea5e465a.roa
File: ccb04f37-eff7-4e67-b76f-0e9fea5e465a.roa (raw, json)
Hash identifier: D2a0+9WXKpzo+w1WG47IgbKYc9ttoYxGL4SfkOt4y+s=
Subject key identifier: 34:AB:29:9B:43:02:00:A3:0F:C1:E6:22:F7:D0:BA:DB:E8:9B:C3:CB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 348E65A2259D366DDEE84824CC065DCEE05ADC71
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ccb04f37-eff7-4e67-b76f-0e9fea5e465a.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 64.59.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8e:65:a2:25:9d:36:6d:de:e8:48:24:cc:06:5d:ce:e0:5a:dc:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=c3dcc8c3893ef1200002c0978a452dcf0dff49fdc8648db68af105aa638302ec, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7e:af:cc:49:22:7a:47:34:07:3f:d6:ef:45:
60:5f:59:d2:26:53:b8:f9:b4:ac:5c:8d:50:28:78:
b8:05:20:2d:2f:c4:7f:7a:2a:aa:d8:24:9f:d8:ab:
61:e6:6e:04:da:0d:8d:fd:e9:6e:e5:5b:3f:49:b0:
74:5d:d2:0f:fb:3f:da:f5:59:01:1e:a6:3c:28:2b:
61:b6:72:b1:ee:5e:18:d6:98:d7:79:7c:00:cc:91:
dc:6c:58:d9:4c:41:ac:c0:05:f0:e6:98:c4:0a:78:
70:0a:33:aa:fe:6f:9b:84:8b:8d:65:c3:14:7b:6d:
54:1e:75:85:48:ef:04:1d:8c:7d:5c:a3:ad:a2:e4:
37:7d:bf:8b:a0:5c:91:5f:dc:73:5e:c6:63:09:af:
24:69:de:67:65:85:66:a5:22:63:06:ab:d7:0d:5c:
b0:ed:6b:aa:f1:1e:b6:89:1e:35:2b:8a:92:ad:a5:
73:42:50:ec:9f:73:4b:d2:a3:53:86:66:47:62:a9:
df:52:69:92:e5:19:8e:74:a1:02:fc:e5:f9:25:2d:
de:24:5e:f1:2a:1b:b8:80:47:47:5a:6f:10:42:7e:
2d:94:36:8e:ad:8e:af:0d:1c:51:20:2f:07:be:48:
79:6c:ac:5c:ba:d0:34:25:7b:33:cf:d1:e7:39:26:
db:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AB:29:9B:43:02:00:A3:0F:C1:E6:22:F7:D0:BA:DB:E8:9B:C3:CB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ccb04f37-eff7-4e67-b76f-0e9fea5e465a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.59.0.0/18
Signature Algorithm: sha256WithRSAEncryption
1b:50:5c:f5:bd:a7:2d:5e:ea:b2:85:e4:5f:61:a5:1f:b5:5e:
17:ae:d0:00:50:08:df:02:ac:c7:66:30:69:fc:40:0c:97:23:
a1:cf:90:59:f8:3d:bc:65:69:16:f5:38:32:37:ca:3a:c2:f4:
30:68:96:b5:38:38:d8:58:fc:96:65:eb:c2:2b:67:be:80:c2:
6d:2a:61:fe:d6:82:ec:27:40:7f:b1:0e:28:6a:37:d6:01:96:
98:7d:0d:6b:ca:2f:c2:bf:c0:32:f1:e4:cc:7d:9a:7c:41:ac:
1c:24:1d:4b:61:32:4b:de:dd:23:ef:b5:f4:db:1c:9a:35:24:
01:5b:74:89:5d:d7:25:8c:6f:f1:6b:82:36:ef:f2:0e:5d:01:
13:a5:2d:37:db:86:bb:7e:e9:ee:85:a6:9b:2d:70:b6:a7:4b:
9c:e9:3e:8a:8a:25:bc:b0:5a:20:d0:4f:00:d5:6c:e3:03:65:
9b:71:7a:f8:e1:c5:16:f8:ad:b9:40:65:f6:83:84:73:18:f7:
5b:19:1d:e0:c1:e6:df:f8:0c:92:fc:e3:a5:82:15:40:64:bb:
ee:11:bf:c6:db:d7:6b:71:b5:d1:9f:b0:27:a5:ea:81:52:4c:
c0:e5:6f:fa:1c:2b:c5:36:92:08:71:8f:ba:16:5e:8e:3b:cb:
00:e7:97:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNI5loiWdNm3e6EgkzAZdzuBa3HEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjM2RjYzhjMzg5M2VmMTIwMDAwMmMwOTc4YTQ1MmRjZjBk
ZmY0OWZkYzg2NDhkYjY4YWYxMDVhYTYzODMwMmVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzfq/MSSJ6RzQHP9bvRWBfWdImU7j5tKxcjVAoeLgFIC0v
xH96KqrYJJ/Yq2HmbgTaDY396W7lWz9JsHRd0g/7P9r1WQEepjwoK2G2crHuXhjW
mNd5fADMkdxsWNlMQazABfDmmMQKeHAKM6r+b5uEi41lwxR7bVQedYVI7wQdjH1c
o62i5Dd9v4ugXJFf3HNexmMJryRp3mdlhWalImMGq9cNXLDta6rxHraJHjUripKt
pXNCUOyfc0vSo1OGZkdiqd9SaZLlGY50oQL85fklLd4kXvEqG7iAR0dabxBCfi2U
No6tjq8NHFEgLwe+SHlsrFy60DQlezPP0ec5JtvvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNKspm0MCAKMPweYi99C62+ibw8swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NjYjA0ZjM3LWVmZjctNGU2Ny1iNzZmLTBlOWZlYTVlNDY1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZAOwAwDQYJKoZIhvcNAQELBQADggEBABtQXPW9py1e6rKF5F9hpR+1Xheu
0ABQCN8CrMdmMGn8QAyXI6HPkFn4PbxlaRb1ODI3yjrC9DBolrU4ONhY/JZl68Ir
Z76Awm0qYf7WguwnQH+xDihqN9YBlph9DWvKL8K/wDLx5Mx9mnxBrBwkHUthMkve
3SPvtfTbHJo1JAFbdIld1yWMb/Frgjbv8g5dAROlLTfbhrt+6e6FppstcLanS5zp
PoqKJbywWiDQTwDVbOMDZZtxevjhxRb4rblAZfaDhHMY91sZHeDB5t/4DJL846WC
FUBku+4Rv8bb12txtdGfsCel6oFSTMDlb/ocK8U2kghxj7oWXo47ywDnl4k=
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:23:24 2025 by rpki-client