Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2bc576d-48c5-49e9-a17e-2f318531bd18.roa
File: e2bc576d-48c5-49e9-a17e-2f318531bd18.roa (raw, json)
Hash identifier: hMnV+m6ajgzSFn8FJ0dl/hSyUeKbAiuwZTbDaCUhuKU=
Subject key identifier: FA:A6:A2:C1:F8:62:4F:1D:16:0A:48:3D:B9:6B:0A:10:8D:F2:34:84
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2C5597AB57577D9B0E8A613EFC2CB823D718E506
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2bc576d-48c5-49e9-a17e-2f318531bd18.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 162.120.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:55:97:ab:57:57:7d:9b:0e:8a:61:3e:fc:2c:b8:23:d7:18:e5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:c0:58:da:b6:a7:35:cf:38:9d:7d:75:e1:
53:d1:2c:ba:7a:fb:eb:ef:17:ac:c8:7e:a8:5d:88:
0b:05:73:3f:5a:df:51:b3:89:7e:e8:60:8b:1d:84:
e8:82:11:a7:a8:f5:29:58:ac:43:e9:ee:76:ee:b6:
0a:2a:e1:40:ac:1a:cb:62:06:56:d9:b3:ae:42:80:
26:94:57:35:6e:0c:48:0a:25:8d:4e:97:de:4b:39:
fc:e5:cd:12:a2:8f:3a:16:12:08:52:c4:94:46:07:
89:80:0c:a0:4c:e3:77:a0:21:f1:12:87:66:8b:57:
c7:26:6c:b1:db:ea:6d:cd:4e:46:14:4f:e4:23:50:
a0:41:24:34:bc:9b:6d:6e:c0:0f:0e:ee:67:9e:a0:
f4:b4:bf:f0:35:88:b0:5f:e5:f4:87:9c:62:ca:e5:
d7:3e:76:e9:c4:2e:0e:32:c2:be:c2:23:ca:0b:9a:
9b:88:3e:d1:79:f8:32:ca:06:bc:da:2b:f3:df:1c:
10:90:ac:8f:a2:ee:12:0c:c1:2a:0f:b7:38:c7:fb:
17:c6:c1:be:77:27:69:86:f9:02:34:a9:ec:36:c2:
e5:a6:80:a5:51:cc:d4:25:b5:cb:63:bc:fb:0e:23:
b0:bb:19:d5:44:5b:1b:63:d9:3e:50:9c:65:5e:b0:
f7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A6:A2:C1:F8:62:4F:1D:16:0A:48:3D:B9:6B:0A:10:8D:F2:34:84
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2bc576d-48c5-49e9-a17e-2f318531bd18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.120.52.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:df:83:bd:a9:61:09:77:ad:ee:5a:22:80:12:22:1c:3b:eb:
57:8b:03:59:60:6b:5e:b2:c3:ba:b2:73:e3:71:15:6b:97:14:
8b:dd:69:70:34:93:cc:f4:b2:2a:a3:99:87:19:28:c4:c1:0c:
04:b8:ed:20:b0:92:dd:18:c3:5a:2c:ed:47:68:c3:d9:2d:1c:
01:10:a5:dd:24:5f:5b:6f:bb:72:c9:04:b0:3f:2c:7d:34:df:
42:64:77:d7:91:56:c4:46:59:6b:2e:57:66:eb:26:88:93:00:
b9:70:1d:a9:25:a9:87:e9:51:f9:3b:4c:3d:fc:6b:63:01:ed:
7f:eb:cc:fc:0d:25:30:13:a2:dc:38:b4:f5:9e:3e:33:d8:78:
a3:15:e6:7a:cf:f3:8c:b0:3a:64:29:53:8f:43:0b:b3:42:0e:
74:07:c4:e3:35:20:12:07:db:aa:f7:49:32:4a:94:e4:e1:73:
f4:c1:b8:a2:98:28:36:81:f3:7b:f8:5e:f1:22:25:e0:29:c3:
dd:bc:b9:ad:cc:9f:b3:7e:d3:46:b6:84:1a:e1:f7:96:e2:17:
8c:5d:20:f3:56:b5:83:b1:37:68:1c:18:50:50:70:73:f2:4a:
f0:ee:b7:67:2e:c6:e6:67:49:4a:95:b3:a9:78:e5:fa:0b:14:
9f:c3:4c:25
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULFWXq1dXfZsOimE+/Cy4I9cY5QYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYjZjNDZkZGZhNjU5MTMyOWVjNzJhZDljZTRjMWE3YjA5
YjIwYWQwZDY5NDViNzVlMDJhNjBlZWI3NmEzMjAxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr/MBY2ranNc84nX114VPRLLp6++vvF6zIfqhdiAsFcz9a
31GziX7oYIsdhOiCEaeo9SlYrEPp7nbutgoq4UCsGstiBlbZs65CgCaUVzVuDEgK
JY1Ol95LOfzlzRKijzoWEghSxJRGB4mADKBM43egIfESh2aLV8cmbLHb6m3NTkYU
T+QjUKBBJDS8m21uwA8O7meeoPS0v/A1iLBf5fSHnGLK5dc+dunELg4ywr7CI8oL
mpuIPtF5+DLKBrzaK/PfHBCQrI+i7hIMwSoPtzjH+xfGwb53J2mG+QI0qew2wuWm
gKVRzNQltctjvPsOI7C7GdVEWxtj2T5QnGVesPdnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+qaiwfhiTx0WCkg9uWsKEI3yNIQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyYmM1NzZkLTQ4YzUtNDllOS1hMTdlLTJmMzE4NTMxYmQxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKieDQwDQYJKoZIhvcNAQELBQADggEBAMLfg72pYQl3re5aIoASIhw761eL
A1lga16yw7qyc+NxFWuXFIvdaXA0k8z0siqjmYcZKMTBDAS47SCwkt0Yw1os7Udo
w9ktHAEQpd0kX1tvu3LJBLA/LH0030Jkd9eRVsRGWWsuV2brJoiTALlwHaklqYfp
Ufk7TD38a2MB7X/rzPwNJTATotw4tPWePjPYeKMV5nrP84ywOmQpU49DC7NCDnQH
xOM1IBIH26r3STJKlOThc/TBuKKYKDaB83v4XvEiJeApw928ua3Mn7N+00a2hBrh
95biF4xdIPNWtYOxN2gcGFBQcHPySvDut2cuxuZnSUqVs6l45foLFJ/DTCU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:12 2025 by rpki-client