Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e35df194-4ab3-4686-afd6-3cde09358c2e.roa
File: e35df194-4ab3-4686-afd6-3cde09358c2e.roa (raw, json)
Hash identifier: B3BE6tfXr/zRTiAgbCdVVzNddlQwk+nEvjGJ1ryftZ8=
Subject key identifier: 4A:D7:78:47:FE:6A:75:58:B7:09:63:88:53:DA:E3:C3:4A:D1:0B:95
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6DE8334A6D4E87552EB95B3B25955D4AC6E84FDD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e35df194-4ab3-4686-afd6-3cde09358c2e.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.170.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:e8:33:4a:6d:4e:87:55:2e:b9:5b:3b:25:95:5d:4a:c6:e8:4f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=ac028dbafc3d319b29a88e3f9c23d10a3144815c9114bbfee44487cb770286e4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4c:60:62:7d:da:2d:f8:2b:10:6d:d5:0e:05:
7a:8e:e4:bd:84:a2:a6:27:e7:bb:ba:51:83:09:36:
e6:99:ff:b0:c6:d7:99:82:28:d4:99:72:9f:1a:64:
e5:ba:8d:ae:8c:f5:2e:12:2c:57:33:2b:c6:de:3c:
f6:fc:77:ad:ed:1a:7c:6c:f1:11:38:41:37:0f:31:
78:a5:4a:46:fc:9c:f7:65:1e:ec:63:43:ba:ba:ee:
12:28:26:23:2f:33:05:ce:17:25:b0:cf:e7:6b:66:
bf:e4:15:6f:2a:97:09:a2:52:c4:34:4a:ef:27:7f:
04:4c:25:80:6d:91:e8:2e:de:db:31:b5:62:69:8f:
28:c5:7d:62:f6:42:82:b0:5f:60:ce:b9:41:f2:38:
b7:d7:90:da:d2:dd:86:18:3c:5a:3e:24:db:40:86:
41:d2:71:b5:7f:2a:19:9d:9f:09:e7:ef:90:5c:aa:
7f:ca:88:01:8c:d5:1f:b1:35:fb:8c:c8:0e:a3:07:
d4:51:5b:19:fd:71:dd:2d:a2:2d:78:33:d7:9a:e2:
51:2b:9e:83:e9:20:ef:d9:54:63:ed:f9:b5:94:74:
c6:0e:42:17:8e:92:67:c1:ba:b5:ae:a6:95:9a:4b:
4b:3a:6d:6c:33:73:e7:89:ba:46:78:6b:0c:28:61:
68:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D7:78:47:FE:6A:75:58:B7:09:63:88:53:DA:E3:C3:4A:D1:0B:95
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e35df194-4ab3-4686-afd6-3cde09358c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.170.0.0/15
Signature Algorithm: sha256WithRSAEncryption
39:c2:ba:9d:8d:74:d4:6c:be:1b:ea:42:28:39:4f:93:87:1c:
8e:93:1a:85:98:33:f9:00:a9:ed:f3:91:45:a6:a0:c8:7c:71:
af:03:51:86:60:07:59:b5:59:43:68:aa:0f:eb:25:a2:87:88:
71:83:b3:48:63:49:4a:b5:ce:3c:5d:44:4f:5d:8d:57:cb:50:
f2:40:f8:c4:4b:b4:be:44:21:d6:17:34:79:2f:cf:63:61:60:
2d:4d:05:4e:ca:5a:78:1b:51:0b:3f:bf:16:f7:a3:22:46:f4:
6b:19:7a:8e:c2:52:5f:48:05:bc:2e:17:2c:01:a9:a5:7d:a7:
88:17:df:7e:07:bc:db:c1:fb:23:b5:b1:74:4d:3b:a9:28:ae:
b1:03:9f:fc:a0:82:62:ee:55:05:2f:e4:7c:3e:fd:16:e0:82:
56:ab:e8:b0:5b:e2:83:fb:6c:7e:94:a7:00:dd:ac:fa:6c:d8:
c6:11:27:35:c0:04:c2:1a:2b:4b:48:72:84:70:90:97:7c:75:
49:9f:af:c5:4d:31:1d:5c:32:d1:70:e1:68:72:60:0e:d8:c1:
3b:65:70:fe:8c:b2:5b:3a:6c:5a:69:4e:fd:3d:5d:10:57:ce:
94:e1:bb:d8:3e:f1:b2:67:69:5f:fc:6c:18:95:7d:dc:50:36:
f9:80:cd:05
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbegzSm1Oh1UuuVs7JZVdSsboT90wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzAyOGRiYWZjM2QzMTliMjlhODhlM2Y5YzIzZDEwYTMx
NDQ4MTVjOTExNGJiZmVlNDQ0ODdjYjc3MDI4NmU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcTGBifdot+CsQbdUOBXqO5L2EoqYn57u6UYMJNuaZ/7DG
15mCKNSZcp8aZOW6ja6M9S4SLFczK8bePPb8d63tGnxs8RE4QTcPMXilSkb8nPdl
HuxjQ7q67hIoJiMvMwXOFyWwz+drZr/kFW8qlwmiUsQ0Su8nfwRMJYBtkegu3tsx
tWJpjyjFfWL2QoKwX2DOuUHyOLfXkNrS3YYYPFo+JNtAhkHScbV/Khmdnwnn75Bc
qn/KiAGM1R+xNfuMyA6jB9RRWxn9cd0toi14M9ea4lErnoPpIO/ZVGPt+bWUdMYO
QheOkmfBurWuppWaS0s6bWwzc+eJukZ4awwoYWhlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUStd4R/5qdVi3CWOIU9rjw0rRC5UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UzNWRmMTk0LTRhYjMtNDY4Ni1hZmQ2LTNjZGUwOTM1OGMyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQqjANBgkqhkiG9w0BAQsFAAOCAQEAOcK6nY101Gy+G+pCKDlPk4ccjpMa
hZgz+QCp7fORRaagyHxxrwNRhmAHWbVZQ2iqD+slooeIcYOzSGNJSrXOPF1ET12N
V8tQ8kD4xEu0vkQh1hc0eS/PY2FgLU0FTspaeBtRCz+/FvejIkb0axl6jsJSX0gF
vC4XLAGppX2niBfffge828H7I7WxdE07qSiusQOf/KCCYu5VBS/kfD79FuCCVqvo
sFvig/tsfpSnAN2s+mzYxhEnNcAEwhorS0hyhHCQl3x1SZ+vxU0xHVwy0XDhaHJg
DtjBO2Vw/oyyWzpsWmlO/T1dEFfOlOG72D7xsmdpX/xsGJV93FA2+YDNBQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:24 2025 by rpki-client