Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9b0f33a-c51f-4a0a-b70c-babe43bf0426.roa
File: e9b0f33a-c51f-4a0a-b70c-babe43bf0426.roa (raw, json)
Hash identifier: 0f23Z1JqB1EC5th7Gl0RfZMEnO19K9BspbOHYAj+2G8=
Subject key identifier: B2:8C:2E:B3:24:FE:51:8B:32:C6:97:F1:02:F5:4D:A8:BD:5E:F2:30
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 340819729E98CFF7CDF861CD52DEF234D9D873FA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9b0f33a-c51f-4a0a-b70c-babe43bf0426.roa
Signing time: Sat 21 Dec 2024 00:00:00 +0000
ROA not before: Sat 21 Dec 2024 00:00:00 +0000
ROA not after: Sat 25 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 20.142.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:08:19:72:9e:98:cf:f7:cd:f8:61:cd:52:de:f2:34:d9:d8:73:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 21 00:00:00 2024 GMT
Not After : Jan 25 23:59:59 2025 GMT
Subject: serialNumber=0dff7f678055002eab849b8ecc785663bedef705c4cf381c6670c29c6234be4c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:a9:34:11:71:69:59:f6:61:45:d7:a6:83:
95:f7:6f:36:b3:37:76:2e:d5:64:3d:78:4e:a4:4b:
1a:72:e7:1e:23:69:e3:11:46:2d:0a:ea:7f:de:a9:
77:dc:a3:db:3d:ac:2f:2c:b2:2b:d0:03:56:ec:7b:
d2:6a:bd:5e:f3:f1:a1:82:09:49:4c:6c:5d:41:51:
9d:70:2a:1d:11:a2:5a:4c:74:c9:83:93:47:6b:57:
8f:e8:2a:20:c7:22:ad:27:c9:4f:c0:3e:58:d5:1c:
08:ed:2f:c0:5c:46:9c:b6:f6:d1:35:16:0d:f6:e2:
d7:fa:0e:13:4c:06:f6:2a:3b:e1:db:62:8a:cf:e9:
a7:72:81:9e:62:d4:25:f0:a1:64:e2:78:a1:37:b5:
05:71:0f:ab:a4:92:45:c1:d6:6d:4e:ca:21:9d:90:
4c:33:f4:dc:17:3b:49:4f:ed:1a:1a:b7:c7:62:6d:
7f:8c:57:77:19:52:59:e5:f8:34:e3:f8:9a:c9:e3:
0d:bf:bc:b5:63:cf:82:ce:bc:62:e8:e5:4e:b4:0e:
1e:fb:94:ba:ed:fc:d1:48:de:76:ab:97:54:b6:4d:
3b:f4:1b:f6:8c:27:c2:0b:ed:62:b3:8a:a7:3b:2c:
ff:1d:d6:61:9d:e9:99:4b:16:c5:e7:7e:d6:09:23:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8C:2E:B3:24:FE:51:8B:32:C6:97:F1:02:F5:4D:A8:BD:5E:F2:30
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9b0f33a-c51f-4a0a-b70c-babe43bf0426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
20.142.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:71:7a:55:1b:19:e5:6c:b5:d5:df:ad:f6:b1:55:41:85:48:
6b:af:5c:c4:a9:9b:1c:37:6a:89:e3:8e:8d:be:19:99:59:5f:
a4:4e:42:c0:c4:fb:e0:71:b0:2c:03:2d:58:08:d5:0b:02:a9:
89:6c:52:70:db:f8:c0:5d:ff:23:ca:7d:f4:b7:60:bc:6b:0e:
a1:63:eb:17:a1:15:3b:26:b7:1c:7a:cf:7c:77:1f:66:36:ac:
e1:a7:a2:b5:eb:f2:04:07:68:d1:32:6e:bf:db:cb:72:82:d3:
ca:8d:27:ae:6b:a4:10:74:a6:3f:30:05:e3:54:8e:c0:48:4a:
58:b1:0b:68:13:49:73:7b:c7:38:c9:6a:95:5b:ed:af:33:c5:
9d:97:6f:dc:63:ec:ed:f9:12:63:eb:cd:b1:a7:b4:23:2a:94:
b3:6a:06:22:f9:13:8b:46:36:00:0d:99:3c:bf:b1:9e:bc:1e:
2c:9f:e2:ce:80:0b:7f:d0:44:62:5a:28:96:bb:ec:79:d2:89:
61:33:55:a4:34:4d:36:b0:69:36:3d:39:9d:ee:14:02:ed:11:
29:99:f6:ce:4a:f6:7c:3a:46:dd:e8:9c:da:4c:e9:4d:21:7d:
91:2d:ed:ef:cc:d9:85:2a:3e:05:c5:39:60:a4:bc:33:a7:68:
d4:95:01:01
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNAgZcp6Yz/fN+GHNUt7yNNnYc/owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIxMDAwMDAwWhcNMjUwMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZGZmN2Y2NzgwNTUwMDJlYWI4NDliOGVjYzc4NTY2M2Jl
ZGVmNzA1YzRjZjM4MWM2NjcwYzI5YzYyMzRiZTRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq/6k0EXFpWfZhRdemg5X3bzazN3Yu1WQ9eE6kSxpy5x4j
aeMRRi0K6n/eqXfco9s9rC8ssivQA1bse9JqvV7z8aGCCUlMbF1BUZ1wKh0RolpM
dMmDk0drV4/oKiDHIq0nyU/APljVHAjtL8BcRpy29tE1Fg324tf6DhNMBvYqO+Hb
YorP6adygZ5i1CXwoWTieKE3tQVxD6ukkkXB1m1OyiGdkEwz9NwXO0lP7Roat8di
bX+MV3cZUlnl+DTj+JrJ4w2/vLVjz4LOvGLo5U60Dh77lLrt/NFI3narl1S2TTv0
G/aMJ8IL7WKziqc7LP8d1mGd6ZlLFsXnftYJI5eLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsowusyT+UYsyxpfxAvVNqL1e8jAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U5YjBmMzNhLWM1MWYtNGEwYS1iNzBjLWJhYmU0M2JmMDQyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAUjjANBgkqhkiG9w0BAQsFAAOCAQEAaHF6VRsZ5Wy11d+t9rFVQYVIa69c
xKmbHDdqieOOjb4ZmVlfpE5CwMT74HGwLAMtWAjVCwKpiWxScNv4wF3/I8p99Ldg
vGsOoWPrF6EVOya3HHrPfHcfZjas4aeitevyBAdo0TJuv9vLcoLTyo0nrmukEHSm
PzAF41SOwEhKWLELaBNJc3vHOMlqlVvtrzPFnZdv3GPs7fkSY+vNsae0IyqUs2oG
IvkTi0Y2AA2ZPL+xnrweLJ/izoALf9BEYloolrvsedKJYTNVpDRNNrBpNj05ne4U
Au0RKZn2zkr2fDpG3eic2kzpTSF9kS3t78zZhSo+BcU5YKS8M6do1JUBAQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:48:32 2025 by rpki-client