Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb9a9933-8515-4096-9ad7-383e304b497f.roa
File: fb9a9933-8515-4096-9ad7-383e304b497f.roa (raw, json)
Hash identifier: CzBxXvMYQq0o/Ctau4699Icm3eYDU6iBv2z09oltllU=
Subject key identifier: D3:02:D0:0E:96:A8:37:A2:82:86:5E:87:3A:28:2F:FB:7F:8E:A7:50
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1E19B52EF8582F02490D6D4B9E79A201034AC8D9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb9a9933-8515-4096-9ad7-383e304b497f.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.177.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:19:b5:2e:f8:58:2f:02:49:0d:6d:4b:9e:79:a2:01:03:4a:c8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=d94b180729babe50848efb893ab675e7a673b80b9a5970cd43b688a7da5402e2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a2:3a:c0:90:07:b2:82:1b:8c:3e:11:3c:f3:
8b:28:fe:6e:b6:8d:68:cc:3f:69:94:00:e8:9b:8d:
a7:01:d9:d8:ad:62:2d:26:3a:04:f1:a2:e7:b6:bd:
61:9f:d6:20:41:40:7e:ab:43:e1:8f:69:f8:eb:2a:
f3:0e:b5:c6:44:45:72:9f:56:82:f3:d6:8e:2f:d3:
94:03:3f:ca:dc:d7:68:9a:c2:4b:56:88:57:2d:83:
be:17:13:15:2e:8a:f9:0f:03:fa:84:02:51:d7:18:
74:7c:aa:68:0d:56:ce:df:1b:06:d6:a5:dc:5a:f1:
5a:d0:8f:06:5a:0e:d3:b2:68:ef:3a:ba:81:9c:25:
62:d4:07:00:03:11:b2:a1:95:3f:d5:32:f7:e2:51:
06:7b:dc:94:bb:74:67:b1:03:3a:5c:c8:cf:1e:90:
99:0c:ea:82:4e:31:a1:49:c9:ac:07:54:46:02:e7:
d4:07:88:ea:46:40:fd:a7:4b:1b:a4:a3:d1:31:6c:
ad:b0:05:8f:66:ff:d4:4d:60:95:6b:6b:6c:71:e2:
53:0d:15:d9:30:c0:03:c9:2e:a0:6c:b2:f4:e1:94:
02:8f:a5:d5:5d:31:c3:b1:92:85:b7:8d:99:8e:a0:
f5:aa:58:8f:4b:1b:97:30:14:98:c8:80:82:7a:65:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:02:D0:0E:96:A8:37:A2:82:86:5E:87:3A:28:2F:FB:7F:8E:A7:50
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb9a9933-8515-4096-9ad7-383e304b497f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.177.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d8:54:17:56:3b:1d:cd:70:e2:35:6c:da:0e:e4:55:df:50:b3:
ce:b0:5b:50:41:d2:0c:55:f5:be:0c:91:74:3b:c4:ba:b4:9f:
0e:af:9b:95:e3:5f:4d:a2:35:77:b3:59:4c:f3:e9:34:29:51:
26:73:e9:61:8d:8f:26:be:43:b5:c5:81:d4:90:50:34:12:a9:
32:e0:de:3c:8c:aa:97:98:8b:61:e0:db:22:f2:b5:90:88:22:
95:5b:eb:27:78:9f:11:ab:ed:bf:19:e6:bf:ff:9b:76:8b:e7:
47:ca:be:52:5f:2c:2c:d2:03:41:d5:38:3e:f9:fb:0f:ed:34:
10:16:d0:eb:b2:a4:34:2e:1f:40:cd:10:81:e7:4b:f0:40:57:
d9:6a:fe:91:c2:ad:da:76:cb:54:42:6a:11:ad:e1:ce:49:0f:
5c:15:1c:0a:ec:50:5c:1f:46:44:b9:04:d1:d8:ec:83:7b:a4:
b9:0b:a1:c9:cb:aa:44:5d:e9:89:eb:90:f6:38:ce:1e:aa:e8:
5e:43:77:71:b3:39:87:82:8f:09:41:d7:63:9d:ea:2a:92:53:
42:d1:ca:dd:e3:3d:a5:ed:2e:c6:1c:b8:4d:72:63:65:f8:8d:
44:2c:c9:a1:a5:24:06:c2:57:60:a9:37:db:94:bb:66:49:a9:
cc:3a:7e:cd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHhm1LvhYLwJJDW1LnnmiAQNKyNkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkOTRiMTgwNzI5YmFiZTUwODQ4ZWZiODkzYWI2NzVlN2E2
NzNiODBiOWE1OTcwY2Q0M2I2ODhhN2RhNTQwMmUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOojrAkAeyghuMPhE884so/m62jWjMP2mUAOibjacB2dit
Yi0mOgTxoue2vWGf1iBBQH6rQ+GPafjrKvMOtcZERXKfVoLz1o4v05QDP8rc12ia
wktWiFctg74XExUuivkPA/qEAlHXGHR8qmgNVs7fGwbWpdxa8VrQjwZaDtOyaO86
uoGcJWLUBwADEbKhlT/VMvfiUQZ73JS7dGexAzpcyM8ekJkM6oJOMaFJyawHVEYC
59QHiOpGQP2nSxuko9ExbK2wBY9m/9RNYJVra2xx4lMNFdkwwAPJLqBssvThlAKP
pdVdMcOxkoW3jZmOoPWqWI9LG5cwFJjIgIJ6ZQfHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0wLQDpaoN6KChl6HOigv+3+Op1AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiOWE5OTMzLTg1MTUtNDA5Ni05YWQ3LTM4M2UzMDRiNDk3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQsTANBgkqhkiG9w0BAQsFAAOCAQEA2FQXVjsdzXDiNWzaDuRV31CzzrBb
UEHSDFX1vgyRdDvEurSfDq+bleNfTaI1d7NZTPPpNClRJnPpYY2PJr5DtcWB1JBQ
NBKpMuDePIyql5iLYeDbIvK1kIgilVvrJ3ifEavtvxnmv/+bdovnR8q+Ul8sLNID
QdU4Pvn7D+00EBbQ67KkNC4fQM0QgedL8EBX2Wr+kcKt2nbLVEJqEa3hzkkPXBUc
CuxQXB9GRLkE0djsg3ukuQuhycuqRF3pieuQ9jjOHqroXkN3cbM5h4KPCUHXY53q
KpJTQtHK3eM9pe0uxhy4TXJjZfiNRCzJoaUkBsJXYKk325S7ZkmpzDp+zQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:11:40 2025 by rpki-client