Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f4cb9bc4-346b-41e5-97dc-f83cd556c663.roa
File: f4cb9bc4-346b-41e5-97dc-f83cd556c663.roa (raw, json)
Hash identifier: 3aCRzrZftnRvsNUEXt0smmRCHdMHDUjLhMYgCTPt9hk=
Subject key identifier: 86:FE:F9:A0:6F:3C:EA:73:92:9C:7B:01:AA:EF:B5:95:19:4C:1D:A0
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6CB1D6A147595CA171844DFE5DB22FDCC13A88EF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f4cb9bc4-346b-41e5-97dc-f83cd556c663.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 149.116.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:b1:d6:a1:47:59:5c:a1:71:84:4d:fe:5d:b2:2f:dc:c1:3a:88:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=2fbfd946938ed381e9cafb3e2f54fa6260f26c881caa9337e319b63fa885f3fe, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fe:dc:16:9b:37:a7:58:00:75:d0:5c:54:78:
bb:cf:a1:2f:0e:7c:7d:3f:ad:8c:b6:b5:7c:75:23:
88:5a:9a:c4:97:ed:57:49:50:f3:f3:34:90:92:d8:
19:dc:ee:d9:7a:3f:17:51:c5:8f:f2:0d:ed:b8:e4:
86:a7:84:6c:e1:c9:8c:57:86:50:5e:dc:79:b2:a2:
1b:f2:dd:11:b0:81:f9:de:36:da:50:4f:d3:8c:17:
af:1f:e8:17:d6:7b:82:f9:5d:47:a2:52:3c:8b:e8:
22:0b:78:23:79:f0:5a:72:f1:aa:69:d3:5b:98:f1:
03:9b:60:5a:fe:53:57:2d:f1:d8:92:3e:d8:c5:96:
b9:45:05:0c:0c:27:3b:83:1e:3f:5b:2c:f3:b6:5d:
5c:8d:6a:f4:fa:95:36:be:13:f4:28:31:92:2c:4f:
6d:a8:ba:a3:b6:27:1c:5e:22:d3:e6:65:63:df:94:
50:66:80:60:70:1f:19:ae:37:0e:c6:d3:15:af:fe:
93:01:cd:0c:f8:b8:29:39:2d:0f:b7:5e:d7:50:99:
41:5a:d0:34:2b:1c:b5:92:ef:e1:8f:fd:60:25:5d:
0e:7f:36:f8:a9:aa:33:c8:a7:b5:37:c5:50:66:2b:
5d:d8:2c:96:2e:ff:0f:f3:8c:c6:9c:54:8f:d7:2a:
42:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FE:F9:A0:6F:3C:EA:73:92:9C:7B:01:AA:EF:B5:95:19:4C:1D:A0
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f4cb9bc4-346b-41e5-97dc-f83cd556c663.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.116.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:ed:a3:48:30:bb:18:d6:a0:75:bc:95:10:e6:02:8f:20:f7:
41:43:19:0e:1e:31:fa:14:a0:0d:7b:37:0e:01:89:c4:a9:1a:
65:f5:75:75:24:11:1d:d1:36:b4:80:ea:8a:3d:33:ac:f0:34:
05:fb:38:c9:c3:90:e5:43:e7:fc:61:ec:e8:6c:f4:f5:de:10:
ac:40:55:30:04:05:77:4c:23:d8:0e:87:98:7b:7a:3f:ea:7d:
c9:59:0e:df:54:35:49:8b:0d:28:7c:73:87:52:81:6f:09:1a:
a5:65:66:19:a0:06:8a:e9:69:39:f4:58:71:06:c4:59:e7:26:
68:f1:87:89:f6:4c:74:ab:10:31:2b:b4:b4:36:bd:b7:28:97:
51:17:c2:19:07:51:2b:ca:ce:5f:c3:ea:2c:7f:d3:4b:b8:09:
fc:10:ee:c5:58:9b:12:0c:88:75:ca:d3:2c:2d:7d:db:b6:bb:
25:62:06:b9:74:68:a4:6f:89:75:ea:ef:8b:35:27:02:d7:ba:
42:f7:1e:07:76:6a:2a:1d:21:fc:39:a6:e7:ce:84:b8:83:c7:
e7:95:84:c5:70:61:2a:2f:1c:0d:b9:97:27:f0:a0:c3:b6:22:
85:1d:57:34:67:96:fe:e0:09:45:44:06:3a:7f:82:f7:c8:f1:
07:f6:5d:86
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbLHWoUdZXKFxhE3+XbIv3ME6iO8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZmJmZDk0NjkzOGVkMzgxZTljYWZiM2UyZjU0ZmE2MjYw
ZjI2Yzg4MWNhYTkzMzdlMzE5YjYzZmE4ODVmM2ZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe/twWmzenWAB10FxUeLvPoS8OfH0/rYy2tXx1I4hamsSX
7VdJUPPzNJCS2Bnc7tl6PxdRxY/yDe245IanhGzhyYxXhlBe3Hmyohvy3RGwgfne
NtpQT9OMF68f6BfWe4L5XUeiUjyL6CILeCN58Fpy8app01uY8QObYFr+U1ct8diS
PtjFlrlFBQwMJzuDHj9bLPO2XVyNavT6lTa+E/QoMZIsT22ouqO2JxxeItPmZWPf
lFBmgGBwHxmuNw7G0xWv/pMBzQz4uCk5LQ+3XtdQmUFa0DQrHLWS7+GP/WAlXQ5/
NvipqjPIp7U3xVBmK13YLJYu/w/zjMacVI/XKkKbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhv75oG886nOSnHsBqu+1lRlMHaAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y0Y2I5YmM0LTM0NmItNDFlNS05N2RjLWY4M2NkNTU2YzY2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVdDANBgkqhkiG9w0BAQsFAAOCAQEAX+2jSDC7GNagdbyVEOYCjyD3QUMZ
Dh4x+hSgDXs3DgGJxKkaZfV1dSQRHdE2tIDqij0zrPA0Bfs4ycOQ5UPn/GHs6Gz0
9d4QrEBVMAQFd0wj2A6HmHt6P+p9yVkO31Q1SYsNKHxzh1KBbwkapWVmGaAGiulp
OfRYcQbEWecmaPGHifZMdKsQMSu0tDa9tyiXURfCGQdRK8rOX8PqLH/TS7gJ/BDu
xVibEgyIdcrTLC1927a7JWIGuXRopG+JdervizUnAte6QvceB3ZqKh0h/Dmm586E
uIPH55WExXBhKi8cDbmXJ/Cgw7YihR1XNGeW/uAJRUQGOn+C98jxB/Zdhg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:48:31 2025 by rpki-client