Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f09b41b9-1746-42a6-a74b-8ab258b99e97.roa
File: f09b41b9-1746-42a6-a74b-8ab258b99e97.roa (raw, json)
Hash identifier: KRpPLNnMhIwS3WZ+fZ8Jvy8SkIMjJ6I72XvnoNvsuXI=
Subject key identifier: E7:9F:4B:12:26:2B:87:79:C4:FD:86:54:28:5A:F3:14:B5:0D:C5:47
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1DF925B42EE04603D9DAE7010F4C9BC4D5CA8159
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f09b41b9-1746-42a6-a74b-8ab258b99e97.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 70.232.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:f9:25:b4:2e:e0:46:03:d9:da:e7:01:0f:4c:9b:c4:d5:ca:81:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=c54714b151b75b66b8354db79cb97699c15d7ae86242af7f7d9801ffe55692b5, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:65:d5:0e:90:f2:9b:5b:db:1e:73:ac:19:6b:
28:da:2b:a8:49:70:88:dd:1b:b1:39:5d:24:46:a4:
32:60:a6:10:d7:3c:7a:47:3f:45:7b:16:29:cd:75:
ee:ae:96:05:d3:26:a4:1c:91:bb:6c:0b:70:3a:7b:
fa:78:d3:fa:27:88:58:04:b8:dd:11:42:1a:35:66:
17:a5:f4:d3:31:d9:a6:a4:64:a1:35:41:9d:96:fa:
09:f0:3e:47:f4:e7:97:bc:8a:0f:29:fd:fe:95:57:
7b:2f:bf:41:c5:36:59:e9:2c:d3:a9:5a:96:d2:f2:
de:65:63:fc:96:9c:50:59:a9:6c:c3:3d:71:94:04:
3b:bf:fd:23:14:24:50:97:bc:1e:99:29:1b:12:6d:
89:28:9e:24:d3:89:e4:4c:e4:2e:d5:19:85:04:c2:
f8:74:35:e3:5d:79:94:d7:99:04:26:04:f0:db:0e:
70:83:90:91:c3:68:38:69:cc:df:b8:f4:97:7e:79:
7c:0c:5f:1b:d2:9b:ea:ba:2f:58:8c:40:09:a6:1d:
84:cd:20:94:bb:68:06:59:c6:a9:59:59:59:1c:c6:
eb:06:72:43:2e:6d:65:04:a6:c2:83:96:fb:8c:46:
08:43:48:72:19:db:53:aa:27:7e:0f:8a:b2:1d:be:
2d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9F:4B:12:26:2B:87:79:C4:FD:86:54:28:5A:F3:14:B5:0D:C5:47
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f09b41b9-1746-42a6-a74b-8ab258b99e97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.232.64.0/18
Signature Algorithm: sha256WithRSAEncryption
55:a9:08:45:d2:af:10:22:ee:78:3b:a1:91:ce:46:1a:6d:ab:
19:ce:df:6a:89:ea:0a:1a:6e:c8:bf:49:4c:1b:35:e7:4a:3b:
4f:65:6a:87:33:52:9a:8e:dd:62:7a:a6:ab:26:60:b5:b8:6b:
e2:17:cd:2c:66:81:5f:58:03:a1:d7:c0:bf:8f:e2:5e:8d:44:
c0:a0:2e:fa:09:b4:d5:d0:00:e9:1e:c8:12:e6:a6:5e:02:a2:
41:93:20:84:28:3a:c8:44:b3:a5:0e:47:b2:ee:43:47:4f:26:
19:d7:1c:9e:66:25:ef:53:0d:32:76:dc:1e:24:12:fc:d3:65:
66:5d:94:da:7f:5f:30:8f:c9:54:60:87:1c:5d:a2:8f:44:cc:
5b:f7:7b:9c:7c:11:5c:f0:8b:54:83:a7:c8:c4:1b:61:08:b0:
f0:35:a9:94:45:cd:cb:34:b2:52:21:ac:14:a1:ae:70:bd:13:
4c:89:fc:01:46:49:ec:14:9f:aa:e3:f7:4b:0a:54:ed:7f:60:
0a:67:0f:05:c7:ac:06:82:1c:44:5d:62:af:2d:ca:71:da:5c:
5a:9c:e5:56:85:13:cc:18:31:db:ef:07:25:3f:58:ea:e6:ea:
f3:85:53:ee:07:d0:ff:5e:15:32:e9:ec:33:8d:ee:85:e2:17:
8b:f2:47:92
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHfkltC7gRgPZ2ucBD0ybxNXKgVkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNTQ3MTRiMTUxYjc1YjY2YjgzNTRkYjc5Y2I5NzY5OWMx
NWQ3YWU4NjI0MmFmN2Y3ZDk4MDFmZmU1NTY5MmI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaZdUOkPKbW9sec6wZayjaK6hJcIjdG7E5XSRGpDJgphDX
PHpHP0V7FinNde6ulgXTJqQckbtsC3A6e/p40/oniFgEuN0RQho1Zhel9NMx2aak
ZKE1QZ2W+gnwPkf055e8ig8p/f6VV3svv0HFNlnpLNOpWpbS8t5lY/yWnFBZqWzD
PXGUBDu//SMUJFCXvB6ZKRsSbYkoniTTieRM5C7VGYUEwvh0NeNdeZTXmQQmBPDb
DnCDkJHDaDhpzN+49Jd+eXwMXxvSm+q6L1iMQAmmHYTNIJS7aAZZxqlZWVkcxusG
ckMubWUEpsKDlvuMRghDSHIZ21OqJ34PirIdvi23AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU559LEiYrh3nE/YZUKFrzFLUNxUcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwOWI0MWI5LTE3NDYtNDJhNi1hNzRiLThhYjI1OGI5OWU5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZG6EAwDQYJKoZIhvcNAQELBQADggEBAFWpCEXSrxAi7ng7oZHORhptqxnO
32qJ6goabsi/SUwbNedKO09laoczUpqO3WJ6pqsmYLW4a+IXzSxmgV9YA6HXwL+P
4l6NRMCgLvoJtNXQAOkeyBLmpl4CokGTIIQoOshEs6UOR7LuQ0dPJhnXHJ5mJe9T
DTJ23B4kEvzTZWZdlNp/XzCPyVRghxxdoo9EzFv3e5x8EVzwi1SDp8jEG2EIsPA1
qZRFzcs0slIhrBShrnC9E0yJ/AFGSewUn6rj90sKVO1/YApnDwXHrAaCHERdYq8t
ynHaXFqc5VaFE8wYMdvvByU/WOrm6vOFU+4H0P9eFTLp7DON7oXiF4vyR5I=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:47:06 2025 by rpki-client