Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9e321e9-0909-459c-b9de-353e6d3efe6a.roa
File: d9e321e9-0909-459c-b9de-353e6d3efe6a.roa (raw, json)
Hash identifier: +siqalMDl/zgIy+0EP3I8ZbgZscqyHGPlWH5efltZ7g=
Subject key identifier: A0:0B:39:89:85:00:91:80:88:8B:46:C0:44:E3:8F:D7:8A:60:8E:F1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3282A5046ABAAADED3211CFC61DA1C50ACF6B4A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9e321e9-0909-459c-b9de-353e6d3efe6a.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 71.141.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:82:a5:04:6a:ba:aa:de:d3:21:1c:fc:61:da:1c:50:ac:f6:b4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:06:a9:6a:04:8f:b6:4e:2a:2e:c9:7e:2f:12:
5c:88:be:32:20:85:8a:7b:63:6e:d6:ad:02:58:d9:
a4:3b:af:10:51:2a:0b:55:16:65:6c:bc:8d:16:d6:
55:46:d1:de:83:dd:c5:11:1a:da:24:b7:cb:7d:55:
3b:a9:3c:ae:80:d9:7a:7a:d5:a9:6b:13:1f:c9:7d:
5e:c8:26:c6:3e:ea:3c:e8:41:36:60:5d:f0:97:b8:
71:ed:c9:85:aa:70:1c:35:81:f0:84:c0:14:b2:dd:
64:19:01:88:0d:93:7e:73:3e:6f:e9:4b:2d:68:14:
6b:7a:cd:67:1f:bb:5f:3d:37:c4:27:ec:de:ab:1e:
37:02:f2:5b:56:4d:ae:2e:31:90:56:51:f1:57:9c:
fa:a2:f9:6e:3a:df:92:69:6e:6e:ee:44:e6:e4:3e:
5d:d2:30:60:f0:8f:64:69:7f:c2:89:fd:06:31:95:
aa:93:e3:e7:03:40:08:7f:05:6e:6b:04:42:0b:a6:
4c:af:f6:f5:90:73:3b:cb:a4:6d:27:2a:cf:c4:cc:
26:5a:b1:33:40:f7:8c:35:da:01:e2:ff:12:f8:06:
f0:6a:dd:3a:59:23:f3:52:90:7d:52:61:a2:ab:19:
11:4b:f3:48:6f:29:74:e0:f8:fd:76:1a:82:7d:7e:
0c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0B:39:89:85:00:91:80:88:8B:46:C0:44:E3:8F:D7:8A:60:8E:F1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9e321e9-0909-459c-b9de-353e6d3efe6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
71.141.8.0/21
Signature Algorithm: sha256WithRSAEncryption
39:59:74:a0:20:03:37:b8:05:9f:c9:98:6e:0a:6e:dc:90:30:
b4:13:1b:ac:77:0f:2d:af:80:74:a7:e9:e8:00:5c:56:d6:af:
b6:56:17:d9:1c:c9:5a:d5:91:90:54:a1:2e:22:39:73:27:cb:
cf:d0:26:b6:6d:77:e3:7b:04:36:49:40:58:c1:2d:ab:81:44:
b4:7e:3b:2f:80:b0:8d:2b:a3:74:6c:f2:13:c8:e9:68:6b:fc:
4b:00:60:cc:e2:f4:5c:b3:ad:7e:24:46:e0:b1:09:e4:6b:8d:
69:eb:df:dd:45:82:c8:e7:f7:3b:bb:54:cc:ba:e7:f1:c4:53:
0e:09:d4:af:1a:53:d0:21:3a:00:d9:e4:76:bb:62:01:23:8c:
c2:84:f0:c9:87:12:a7:b1:ba:15:a6:58:ce:5b:33:e4:9d:2d:
33:ba:45:6f:17:d0:ab:12:1b:9d:b3:84:6c:49:cf:c0:5e:d8:
79:19:3b:f2:3c:c3:a1:0e:01:a3:7f:77:55:20:42:69:ee:0a:
61:fa:1a:10:77:dd:a6:25:df:32:42:e7:9b:70:d2:31:87:cb:
cf:e9:2b:b5:d3:81:05:d9:1d:c9:e9:5c:44:d0:80:0a:e8:3e:
ce:c8:c3:d8:95:8d:9c:4b:e0:08:b1:09:ea:f0:7a:1e:fc:0e:
8e:52:1b:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMoKlBGq6qt7TIRz8YdocUKz2tKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzI1NDgzMTAzNGM2YTA3NjkwNjY1YjAyZjA4NmUwMThm
NTc3MzQ1YTIyNzBhOTlkOTM0ODc5ODY4N2Q0YjM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwBqlqBI+2TiouyX4vElyIvjIghYp7Y27WrQJY2aQ7rxBR
KgtVFmVsvI0W1lVG0d6D3cURGtokt8t9VTupPK6A2Xp61alrEx/JfV7IJsY+6jzo
QTZgXfCXuHHtyYWqcBw1gfCEwBSy3WQZAYgNk35zPm/pSy1oFGt6zWcfu189N8Qn
7N6rHjcC8ltWTa4uMZBWUfFXnPqi+W4635Jpbm7uRObkPl3SMGDwj2Rpf8KJ/QYx
laqT4+cDQAh/BW5rBEILpkyv9vWQczvLpG0nKs/EzCZasTNA94w12gHi/xL4BvBq
3TpZI/NSkH1SYaKrGRFL80hvKXTg+P12GoJ9fgyvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoAs5iYUAkYCIi0bAROOP14pgjvEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q5ZTMyMWU5LTA5MDktNDU5Yy1iOWRlLTM1M2U2ZDNlZmU2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANHjQgwDQYJKoZIhvcNAQELBQADggEBADlZdKAgAze4BZ/JmG4KbtyQMLQT
G6x3Dy2vgHSn6egAXFbWr7ZWF9kcyVrVkZBUoS4iOXMny8/QJrZtd+N7BDZJQFjB
LauBRLR+Oy+AsI0ro3Rs8hPI6Whr/EsAYMzi9FyzrX4kRuCxCeRrjWnr391Fgsjn
9zu7VMy65/HEUw4J1K8aU9AhOgDZ5Ha7YgEjjMKE8MmHEqexuhWmWM5bM+SdLTO6
RW8X0KsSG52zhGxJz8Be2HkZO/I8w6EOAaN/d1UgQmnuCmH6GhB33aYl3zJC55tw
0jGHy8/pK7XTgQXZHcnpXETQgAroPs7Iw9iVjZxL4AixCerweh78Do5SGw8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:34 2025 by rpki-client