Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6168394-3be1-443a-877a-2631aa1a9b31.roa
File: e6168394-3be1-443a-877a-2631aa1a9b31.roa (raw, json)
Hash identifier: c3NBJ8tPNh/KisAM0+qE5mFMC9FB1Nq9hIERK2MSAnk=
Subject key identifier: 44:BA:FD:73:87:B7:C6:96:69:7E:43:F0:1A:85:06:B6:B2:AE:EB:3A
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 41470128D027516946D1B0EC7F22139EEF651AA1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6168394-3be1-443a-877a-2631aa1a9b31.roa
Signing time: Sat 04 Jan 2025 00:00:00 +0000
ROA not before: Sat 04 Jan 2025 00:00:00 +0000
ROA not after: Sat 08 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.20.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:47:01:28:d0:27:51:69:46:d1:b0:ec:7f:22:13:9e:ef:65:1a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 4 00:00:00 2025 GMT
Not After : Feb 8 23:59:59 2025 GMT
Subject: serialNumber=fec188611453edcb3e6c643b94bd00fae00dd0aa89d960ffd2543ae33b33cb8b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f8:2d:2c:43:01:7c:6f:c3:b3:ec:c0:ea:02:
91:c0:36:8c:51:c3:1c:8b:73:57:14:25:6d:02:7d:
df:ae:35:a7:69:bb:5e:e2:ee:22:02:00:97:2e:07:
46:98:d9:e3:0b:93:df:ed:b1:a2:60:f8:8f:81:8f:
89:73:26:15:a7:8a:55:91:f1:8c:cf:49:5f:e2:3d:
f9:1a:b9:86:8b:f5:67:b3:f6:80:34:04:63:71:30:
4b:41:52:2b:55:19:ad:92:a6:c0:2b:51:7c:70:7d:
0f:4d:9a:e2:42:0a:61:5d:f9:dd:13:db:55:48:2c:
b2:52:6b:b9:cb:3a:a0:9a:77:c7:cd:c1:c5:92:fd:
fc:81:43:61:9d:13:5e:7e:0c:1f:c5:47:87:e1:70:
57:ae:57:5a:0e:89:02:3f:ca:af:9e:1b:28:99:ce:
69:33:bd:bc:0e:41:d7:60:23:e0:76:f0:11:d6:e7:
d3:56:24:b0:b6:ca:9e:19:2d:5b:f0:58:14:39:e3:
d1:c2:a4:b0:84:35:6f:e2:92:6e:6a:bb:a9:9f:fb:
f0:93:62:16:62:57:77:78:85:27:27:fd:ee:ce:30:
ca:0c:21:1e:a4:47:09:d7:1b:94:ae:03:47:5b:5e:
7c:ec:2d:f8:27:fa:c5:88:24:88:56:97:9a:e2:71:
a9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BA:FD:73:87:B7:C6:96:69:7E:43:F0:1A:85:06:B6:B2:AE:EB:3A
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6168394-3be1-443a-877a-2631aa1a9b31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.20.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a0:84:39:d5:e7:cd:88:6e:3d:24:02:bb:68:5f:4f:d4:37:4c:
7d:e0:bc:2d:f3:ea:7a:df:1f:ae:5f:de:93:14:0e:b9:98:d3:
8a:5a:5f:71:74:d6:50:56:2e:8f:65:84:d2:46:70:ee:da:62:
3e:0e:17:ce:e1:33:66:c8:00:a2:ff:24:2d:81:ef:0e:1d:fc:
9f:2a:bd:26:4d:1e:72:d9:c4:26:62:b4:a5:74:86:78:3d:d7:
c8:4f:43:a2:85:df:cc:e8:53:06:4f:29:59:72:b3:5f:49:58:
97:bd:cb:29:82:85:f7:90:1c:9b:02:08:33:5a:cc:67:e3:da:
31:09:c9:ef:f8:f6:cc:0e:d5:97:61:4b:53:0b:4a:ef:31:32:
67:bb:2a:a3:79:e4:90:34:27:f1:67:63:26:f2:22:24:68:92:
f6:df:e7:34:1b:0f:68:67:50:2a:49:93:8d:89:61:d0:e2:c8:
99:08:eb:8f:3d:ec:7c:0d:23:be:c2:d7:23:5a:26:17:eb:aa:
dd:5e:84:07:e8:08:71:04:28:ee:e1:2f:d1:8a:65:b8:d9:24:
c0:bf:8e:b0:bc:cc:87:a3:7c:02:7e:35:94:19:33:ff:2d:fc:
a0:64:2e:18:02:e4:ff:54:77:3c:ff:ad:f6:29:d4:a2:00:88:
f2:a1:3f:dd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQUcBKNAnUWlG0bDsfyITnu9lGqEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZWMxODg2MTE0NTNlZGNiM2U2YzY0M2I5NGJkMDBmYWUw
MGRkMGFhODlkOTYwZmZkMjU0M2FlMzNiMzNjYjhiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCw+C0sQwF8b8Oz7MDqApHANoxRwxyLc1cUJW0Cfd+uNadp
u17i7iICAJcuB0aY2eMLk9/tsaJg+I+Bj4lzJhWnilWR8YzPSV/iPfkauYaL9Wez
9oA0BGNxMEtBUitVGa2SpsArUXxwfQ9NmuJCCmFd+d0T21VILLJSa7nLOqCad8fN
wcWS/fyBQ2GdE15+DB/FR4fhcFeuV1oOiQI/yq+eGyiZzmkzvbwOQddgI+B28BHW
59NWJLC2yp4ZLVvwWBQ549HCpLCENW/ikm5qu6mf+/CTYhZiV3d4hScn/e7OMMoM
IR6kRwnXG5SuA0dbXnzsLfgn+sWIJIhWl5ricalLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURLr9c4e3xpZpfkPwGoUGtrKu6zowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2MTY4Mzk0LTNiZTEtNDQzYS04NzdhLTI2MzFhYTFhOWIzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAefFIAwDQYJKoZIhvcNAQELBQADggEBAKCEOdXnzYhuPSQCu2hfT9Q3TH3g
vC3z6nrfH65f3pMUDrmY04paX3F01lBWLo9lhNJGcO7aYj4OF87hM2bIAKL/JC2B
7w4d/J8qvSZNHnLZxCZitKV0hng918hPQ6KF38zoUwZPKVlys19JWJe9yymChfeQ
HJsCCDNazGfj2jEJye/49swO1ZdhS1MLSu8xMme7KqN55JA0J/FnYybyIiRokvbf
5zQbD2hnUCpJk42JYdDiyJkI64897HwNI77C1yNaJhfrqt1ehAfoCHEEKO7hL9GK
ZbjZJMC/jrC8zIejfAJ+NZQZM/8t/KBkLhgC5P9Udzz/rfYp1KIAiPKhP90=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:18:00 2025 by rpki-client