Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f3f208fa-6820-42e5-aaf4-c2e673c83033.roa
File: f3f208fa-6820-42e5-aaf4-c2e673c83033.roa (raw, json)
Hash identifier: 46PWH6oWhs/FfwQLDkWN0WWbouHzgkdPgUr+NH/C0Oo=
Subject key identifier: AC:DC:12:65:72:FF:9C:D6:1A:02:DE:F0:D3:8E:1E:97:CD:7D:F3:D3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5C0F378CFBD9BBF5EB718F749FF3318A15560256
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f3f208fa-6820-42e5-aaf4-c2e673c83033.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 54.25.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:0f:37:8c:fb:d9:bb:f5:eb:71:8f:74:9f:f3:31:8a:15:56:02:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=0fcdc8814562f15044115333e3b4306f610ebbbfccef9a3f1c0c2b95fd89d2ba, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8c:10:6e:fb:c8:d8:67:5e:63:78:05:7b:c2:
a2:c2:d5:f1:18:38:e4:c3:cc:7f:98:aa:db:bd:ad:
7f:c8:76:f2:8d:a8:c3:0b:3d:39:48:41:02:3c:5d:
53:19:7f:61:4a:55:28:5d:59:8b:bf:49:ce:93:06:
6d:ab:56:8e:10:c4:b8:af:23:6c:18:5a:31:4d:3d:
44:0e:5b:00:a1:d8:93:fe:10:1e:31:31:1b:da:0e:
32:cb:46:e9:0c:5a:fc:fb:9b:00:82:77:07:d0:d2:
d1:98:87:30:60:1e:31:a0:fe:61:31:70:a0:50:82:
a3:bb:0e:89:99:bc:fb:a9:ee:a4:21:ef:e6:36:3b:
40:48:c3:b7:17:09:20:4f:9a:bc:75:d2:20:95:18:
68:e9:35:78:cb:cc:ca:20:f1:4d:ff:f9:c9:78:e4:
7d:59:27:80:ad:4d:af:e0:82:1c:de:0b:d1:32:33:
b0:9f:3c:24:a5:27:e0:4f:af:c5:01:50:34:25:c0:
79:91:e9:26:62:f6:33:5f:3c:7a:82:39:6a:44:8b:
6a:cf:65:4b:d6:7b:be:d3:2a:81:0d:5f:80:c9:db:
e1:1f:4b:4d:f1:be:7f:cb:ea:c6:2e:df:72:1b:e7:
0c:bb:68:55:81:ab:7a:52:58:2c:69:72:52:2c:77:
1f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DC:12:65:72:FF:9C:D6:1A:02:DE:F0:D3:8E:1E:97:CD:7D:F3:D3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f3f208fa-6820-42e5-aaf4-c2e673c83033.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
54.25.68.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a2:ee:3f:83:92:d6:d7:29:b5:46:5e:b0:3e:ae:7d:25:ba:
ef:b2:81:ff:37:fb:23:7f:5e:96:2d:d2:4d:b5:33:86:a2:58:
bd:be:40:42:c1:d4:0f:13:40:60:cf:6d:7f:ed:3b:aa:3d:2b:
01:b7:77:37:51:cd:1b:2a:be:d0:2c:94:09:21:bf:b4:97:65:
b9:14:10:e7:b5:5c:20:05:6f:1c:c9:3a:90:a5:3e:cd:70:c4:
5c:2a:3e:72:45:17:be:58:31:e2:95:e3:ed:15:f7:f4:2f:34:
39:54:b0:54:a5:a6:92:1c:4c:53:df:34:43:33:e6:a7:a7:81:
6a:05:a3:df:16:90:aa:7c:70:0a:2f:fc:a6:22:05:f7:9d:07:
bd:5b:df:bd:f9:8a:f3:99:06:90:44:17:e8:79:04:81:80:d6:
35:62:c5:ac:dc:5f:47:bd:12:32:95:f5:45:c6:e3:b7:95:58:
76:ef:21:8c:8a:6f:f0:11:72:11:0f:68:2b:56:24:ae:a6:ba:
43:b2:18:1e:fd:c5:b8:5f:85:08:09:1b:cd:33:54:2e:a1:c4:
18:44:7c:c1:ad:53:b8:98:52:85:04:85:04:ac:08:94:b8:53:
0f:85:dd:5a:b7:80:b2:e2:38:b4:df:ae:24:ad:a0:30:1a:44:
a0:69:e1:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXA83jPvZu/XrcY90n/MxihVWAlYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZmNkYzg4MTQ1NjJmMTUwNDQxMTUzMzNlM2I0MzA2ZjYx
MGViYmJmY2NlZjlhM2YxYzBjMmI5NWZkODlkMmJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqjBBu+8jYZ15jeAV7wqLC1fEYOOTDzH+Yqtu9rX/IdvKN
qMMLPTlIQQI8XVMZf2FKVShdWYu/Sc6TBm2rVo4QxLivI2wYWjFNPUQOWwCh2JP+
EB4xMRvaDjLLRukMWvz7mwCCdwfQ0tGYhzBgHjGg/mExcKBQgqO7DomZvPup7qQh
7+Y2O0BIw7cXCSBPmrx10iCVGGjpNXjLzMog8U3/+cl45H1ZJ4CtTa/gghzeC9Ey
M7CfPCSlJ+BPr8UBUDQlwHmR6SZi9jNfPHqCOWpEi2rPZUvWe77TKoENX4DJ2+Ef
S03xvn/L6sYu33Ib5wy7aFWBq3pSWCxpclIsdx8LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrNwSZXL/nNYaAt7w044el81989MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YzZjIwOGZhLTY4MjAtNDJlNS1hYWY0LWMyZTY3M2M4MzAzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUQwDQYJKoZIhvcNAQELBQADggEBAJ+i7j+DktbXKbVGXrA+rn0luu+y
gf83+yN/XpYt0k21M4aiWL2+QELB1A8TQGDPbX/tO6o9KwG3dzdRzRsqvtAslAkh
v7SXZbkUEOe1XCAFbxzJOpClPs1wxFwqPnJFF75YMeKV4+0V9/QvNDlUsFSlppIc
TFPfNEMz5qengWoFo98WkKp8cAov/KYiBfedB71b3735ivOZBpBEF+h5BIGA1jVi
xazcX0e9EjKV9UXG47eVWHbvIYyKb/ARchEPaCtWJK6mukOyGB79xbhfhQgJG80z
VC6hxBhEfMGtU7iYUoUEhQSsCJS4Uw+F3Vq3gLLiOLTfriStoDAaRKBp4Xs=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:50:02 2025 by rpki-client