Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da1bf172-6d7a-4583-b263-a73e53091135.roa
File: da1bf172-6d7a-4583-b263-a73e53091135.roa (raw, json)
Hash identifier: 3SVZVkZ/S4vp+9iRk70KDqYOPJ8ZAIsufWVb4KythDE=
Subject key identifier: 53:27:EC:25:5A:A2:65:CE:25:99:61:2C:17:23:D4:D0:98:CA:A7:82
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7032606F78DA7D00548038CE7340573EAF0B94B1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da1bf172-6d7a-4583-b263-a73e53091135.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 209.128.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:32:60:6f:78:da:7d:00:54:80:38:ce:73:40:57:3e:af:0b:94:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=59d195d9f57a5128d9f1f7f56795c15f73f77e61782bb3a9f5552ab5a54b105f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3b:ae:cb:4b:5a:bc:28:7e:8f:1d:4d:20:e7:
9e:e5:92:27:2e:b1:bc:c0:86:c2:07:8c:26:98:e5:
0c:a1:fe:c9:49:5f:66:59:c7:c2:00:48:2d:fd:b9:
b0:3f:22:55:3b:7d:26:56:42:8e:82:6a:11:08:b6:
00:83:69:74:f6:ef:eb:cb:1a:78:5e:28:88:50:a4:
a7:aa:3e:a1:ae:6e:cf:31:20:6a:b3:33:77:0e:f0:
40:00:30:2a:b4:fe:b4:4a:1b:54:10:89:6c:e7:79:
95:fa:ad:75:ac:b3:bd:05:52:d8:8b:76:e2:1d:df:
eb:6a:c4:56:6d:c2:ea:ae:e3:f7:cf:0f:02:a3:a4:
63:2a:c3:ba:18:62:ef:65:ea:cf:ac:4c:63:a1:88:
5c:02:7c:dc:99:84:23:63:d5:9d:bf:a2:c4:86:e3:
9c:78:a9:ad:df:70:db:3d:34:23:d4:d9:3e:59:13:
eb:e7:61:4a:eb:8b:a5:60:7f:b3:a8:90:ae:a1:db:
35:ad:54:fb:35:18:c0:03:b4:12:8b:26:ab:81:b4:
14:8c:78:00:cc:02:75:74:93:b7:56:ea:8d:75:03:
d1:31:c9:8c:e0:33:cb:ed:f2:04:1d:e5:6e:64:a2:
bf:a7:0d:b4:75:18:d5:20:b3:5e:5e:94:96:c9:01:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:27:EC:25:5A:A2:65:CE:25:99:61:2C:17:23:D4:D0:98:CA:A7:82
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da1bf172-6d7a-4583-b263-a73e53091135.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.128.128.0/18
Signature Algorithm: sha256WithRSAEncryption
c0:dd:e8:b4:a4:6d:75:ea:d3:51:13:47:04:db:39:8b:31:a0:
64:35:77:aa:b8:69:d7:0f:fb:07:09:04:a3:c8:a2:7e:c6:f3:
f5:c4:d6:38:f1:e4:00:b4:c0:5b:99:76:71:ed:90:e5:d6:f0:
f0:06:bc:4a:2b:bb:7c:02:4a:0e:d8:0b:0a:46:91:3c:64:b2:
ff:0a:ec:b8:b3:94:56:22:e0:44:b6:c3:d2:c7:3d:d0:db:3a:
d7:1a:3d:11:6f:b5:f4:ef:7d:21:ef:a3:b5:6f:3b:53:64:a2:
e2:dc:26:19:46:27:4a:b3:41:7c:1c:68:89:eb:ca:eb:e7:45:
74:fb:34:9e:1e:35:e1:b8:fb:87:c5:da:02:71:03:9b:48:7f:
ce:6c:fc:f6:62:76:62:78:f8:35:47:e6:33:93:0d:53:76:f1:
a9:b8:4c:4d:d1:c2:e2:25:fe:b9:01:04:bb:f0:f6:73:e3:40:
c2:70:78:8d:26:84:af:7e:6f:29:ca:26:8a:f3:c5:06:6a:20:
c5:30:56:30:24:21:26:4e:3b:3e:eb:c2:a4:1d:6b:35:8a:d8:
00:3f:99:7d:dd:38:5c:5b:61:4f:5e:ab:f8:54:20:56:de:40:
b4:d9:14:59:cb:14:2c:b5:a5:e7:63:da:9d:90:c8:7a:4c:7e:
45:d4:fa:dd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcDJgb3jafQBUgDjOc0BXPq8LlLEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OWQxOTVkOWY1N2E1MTI4ZDlmMWY3ZjU2Nzk1YzE1Zjcz
Zjc3ZTYxNzgyYmIzYTlmNTU1MmFiNWE1NGIxMDVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/O67LS1q8KH6PHU0g557lkicusbzAhsIHjCaY5Qyh/slJ
X2ZZx8IASC39ubA/IlU7fSZWQo6CahEItgCDaXT27+vLGnheKIhQpKeqPqGubs8x
IGqzM3cO8EAAMCq0/rRKG1QQiWzneZX6rXWss70FUtiLduId3+tqxFZtwuqu4/fP
DwKjpGMqw7oYYu9l6s+sTGOhiFwCfNyZhCNj1Z2/osSG45x4qa3fcNs9NCPU2T5Z
E+vnYUrri6Vgf7OokK6h2zWtVPs1GMADtBKLJquBtBSMeADMAnV0k7dW6o11A9Ex
yYzgM8vt8gQd5W5kor+nDbR1GNUgs15elJbJAYKDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUyfsJVqiZc4lmWEsFyPU0JjKp4IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhMWJmMTcyLTZkN2EtNDU4My1iMjYzLWE3M2U1MzA5MTEzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbRgIAwDQYJKoZIhvcNAQELBQADggEBAMDd6LSkbXXq01ETRwTbOYsxoGQ1
d6q4adcP+wcJBKPIon7G8/XE1jjx5AC0wFuZdnHtkOXW8PAGvEoru3wCSg7YCwpG
kTxksv8K7LizlFYi4ES2w9LHPdDbOtcaPRFvtfTvfSHvo7VvO1NkouLcJhlGJ0qz
QXwcaInryuvnRXT7NJ4eNeG4+4fF2gJxA5tIf85s/PZidmJ4+DVH5jOTDVN28am4
TE3RwuIl/rkBBLvw9nPjQMJweI0mhK9+bynKJorzxQZqIMUwVjAkISZOOz7rwqQd
azWK2AA/mX3dOFxbYU9eq/hUIFbeQLTZFFnLFCy1pedj2p2QyHpMfkXU+t0=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:59 2025 by rpki-client