Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1ec8f96-4d98-4f77-8779-9e1c5c72b28c.roa
File: d1ec8f96-4d98-4f77-8779-9e1c5c72b28c.roa (raw, json)
Hash identifier: BkthehAObFwYVo12uxtikQsz0xtBFl9D6QKQkrwlOv8=
Subject key identifier: 63:4F:77:C7:DD:16:42:E5:ED:A8:D8:46:71:78:6B:7D:07:82:02:79
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 026588200F23606A7367F617601B6276DEBC0A1F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1ec8f96-4d98-4f77-8779-9e1c5c72b28c.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 75.2.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:65:88:20:0f:23:60:6a:73:67:f6:17:60:1b:62:76:de:bc:0a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=f3a663eb1c3e8a9cff37ef27b4011c0d7bc6dc52e121169d1935d1af872f8a36, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0d:e2:77:53:6b:6b:08:d1:ce:a9:28:73:db:
b0:3a:5d:ab:04:db:e1:fe:7b:e5:c2:07:f6:1f:e2:
ee:ee:20:65:7a:dc:2e:33:46:9f:89:4b:d0:f5:98:
93:bf:e5:d8:93:58:1a:ae:a6:6b:a7:17:7f:db:9e:
14:82:ed:03:b3:2a:d5:37:3d:0c:36:fb:0b:09:0f:
02:50:84:1d:ea:b8:8b:2e:ee:bf:86:5a:16:92:ae:
aa:57:92:40:e5:d8:14:eb:5f:a2:ef:3f:47:da:00:
ed:d3:7a:a6:37:76:fb:85:31:e2:59:9f:71:95:44:
4e:81:92:22:bb:3d:da:80:aa:56:2b:e3:a9:83:30:
6b:72:fb:d6:11:5c:e3:31:d9:22:b1:a5:45:8e:c9:
1d:1d:ae:ae:01:16:9b:1a:15:4d:0c:4e:61:eb:d0:
cc:1b:20:ad:6e:66:d4:f9:c3:b1:81:b4:97:28:93:
3e:a8:59:03:1b:4a:26:da:51:4c:c3:93:82:4d:d5:
37:f9:fd:56:62:45:a8:26:25:4e:73:0e:27:bb:b5:
ee:4a:8e:94:36:9a:90:d8:8b:40:6b:e2:0d:8f:a4:
2d:04:4b:8c:cd:74:6e:02:1c:a6:4d:36:62:b2:7a:
a3:20:5f:3d:6d:b6:ae:34:47:ef:70:9a:e3:52:c5:
1d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4F:77:C7:DD:16:42:E5:ED:A8:D8:46:71:78:6B:7D:07:82:02:79
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1ec8f96-4d98-4f77-8779-9e1c5c72b28c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
75.2.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a2:f7:ab:bd:8a:1e:06:16:a8:e3:28:5c:97:2d:84:dd:92:54:
fe:88:97:96:0c:1f:74:77:bc:fc:9b:5f:45:41:ef:44:ac:d3:
32:af:b9:1f:a1:c9:12:5d:1b:33:9c:3c:44:9b:20:2f:15:6c:
7a:00:64:51:43:11:37:85:7e:d0:d5:87:08:df:8d:5c:0a:48:
78:58:ab:e0:67:ce:27:64:72:ed:f3:7f:79:1e:c1:ea:3d:1e:
8a:02:43:3f:40:c0:20:ad:9a:5d:49:7a:e1:6c:a0:75:4f:11:
60:cd:df:16:59:f2:ff:22:0d:45:39:94:1f:fb:ba:ef:4b:61:
34:de:ba:d0:e6:f0:24:e8:1e:9f:52:32:71:08:ca:f5:fe:16:
82:6f:05:e4:20:5a:d1:ba:d6:47:06:b2:c3:b9:db:2f:2f:ed:
91:22:83:55:f7:3f:a8:07:24:8a:00:4c:3f:ce:81:60:5f:66:
24:3d:64:4d:4c:f2:88:52:08:c2:ec:71:84:66:22:01:18:1e:
a6:e4:9f:78:50:7a:ee:10:4f:8d:27:d0:0d:7a:e5:37:34:95:
40:86:e8:bf:54:1c:18:98:7d:fb:e8:29:7b:ae:4c:c2:34:eb:
49:8f:1d:dd:bc:46:f0:e0:3d:01:ef:ca:25:20:68:9e:50:b1:
c6:ca:a8:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAmWIIA8jYGpzZ/YXYBtidt68Ch8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2E2NjNlYjFjM2U4YTljZmYzN2VmMjdiNDAxMWMwZDdi
YzZkYzUyZTEyMTE2OWQxOTM1ZDFhZjg3MmY4YTM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkDeJ3U2trCNHOqShz27A6XasE2+H+e+XCB/Yf4u7uIGV6
3C4zRp+JS9D1mJO/5diTWBqupmunF3/bnhSC7QOzKtU3PQw2+wsJDwJQhB3quIsu
7r+GWhaSrqpXkkDl2BTrX6LvP0faAO3TeqY3dvuFMeJZn3GVRE6BkiK7PdqAqlYr
46mDMGty+9YRXOMx2SKxpUWOyR0drq4BFpsaFU0MTmHr0MwbIK1uZtT5w7GBtJco
kz6oWQMbSibaUUzDk4JN1Tf5/VZiRagmJU5zDie7te5KjpQ2mpDYi0Br4g2PpC0E
S4zNdG4CHKZNNmKyeqMgXz1ttq40R+9wmuNSxR2PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUY093x90WQuXtqNhGcXhrfQeCAnkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxZWM4Zjk2LTRkOTgtNGY3Ny04Nzc5LTllMWM1YzcyYjI4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdLAgAwDQYJKoZIhvcNAQELBQADggEBAKL3q72KHgYWqOMoXJcthN2SVP6I
l5YMH3R3vPybX0VB70Ss0zKvuR+hyRJdGzOcPESbIC8VbHoAZFFDETeFftDVhwjf
jVwKSHhYq+Bnzidkcu3zf3keweo9HooCQz9AwCCtml1JeuFsoHVPEWDN3xZZ8v8i
DUU5lB/7uu9LYTTeutDm8CToHp9SMnEIyvX+FoJvBeQgWtG61kcGssO52y8v7ZEi
g1X3P6gHJIoATD/OgWBfZiQ9ZE1M8ohSCMLscYRmIgEYHqbkn3hQeu4QT40n0A16
5Tc0lUCG6L9UHBiYffvoKXuuTMI060mPHd28RvDgPQHvyiUgaJ5QscbKqG4=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:52:16 2025 by rpki-client