Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d63125d6-5f8b-4149-bd4f-34863b30f5b9.roa
File: d63125d6-5f8b-4149-bd4f-34863b30f5b9.roa (raw, json)
Hash identifier: ODaf6cATlbzJo3sE1b9IJUPt/+ns2D6kDC1jFvppEeM=
Subject key identifier: D8:B1:CB:0E:0C:11:59:54:28:9D:2D:BC:B0:54:E3:52:8A:E9:E2:D5
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 253525EA9F430F7880E47D09FA1221CF93A5D390
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d63125d6-5f8b-4149-bd4f-34863b30f5b9.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0fb:ec00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:35:25:ea:9f:43:0f:78:80:e4:7d:09:fa:12:21:cf:93:a5:d3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0a:bb:76:c0:78:4e:74:a4:66:e3:f9:fe:8d:
48:ea:12:90:cb:3a:6e:72:ab:94:3f:42:95:3f:a4:
d3:dd:51:ec:99:5d:7d:7a:73:db:58:89:59:24:7a:
d4:6d:9a:55:55:89:8d:7c:4c:be:e3:8d:63:d1:9f:
cc:4f:d1:a3:38:8f:6f:a6:23:d7:cb:cb:8b:0d:dd:
8e:6c:c2:a7:6b:b6:ee:a1:89:93:72:f2:9d:c9:67:
cc:39:49:27:43:d1:3a:a0:24:79:86:33:47:a1:c5:
26:c5:c1:71:27:8f:90:94:fe:e8:dc:18:a7:45:68:
d7:a5:bb:9a:aa:e5:55:2e:11:43:25:ce:c1:fe:8f:
8c:d6:83:1c:79:14:e1:55:cb:7d:bc:da:dc:2e:14:
54:c4:49:93:91:85:7a:e7:fd:16:ba:2b:27:9e:fd:
78:4a:b5:97:11:78:7a:79:ce:c0:8a:aa:51:a1:68:
95:1b:66:27:b5:8f:c6:f1:fb:67:bf:93:e0:f7:3e:
2c:ed:a7:96:4c:70:d7:3d:d5:c0:2f:6c:f5:6d:f0:
09:46:b6:32:00:82:15:bd:4f:d0:37:c8:71:1f:56:
eb:a6:2d:a9:6e:42:62:d6:62:2c:46:6e:f3:5c:26:
12:ae:d5:66:87:8b:08:c4:bb:3a:f5:b5:32:85:9e:
23:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B1:CB:0E:0C:11:59:54:28:9D:2D:BC:B0:54:E3:52:8A:E9:E2:D5
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d63125d6-5f8b-4149-bd4f-34863b30f5b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0fb:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
8f:9b:54:a5:14:0c:37:f1:52:fc:88:d3:52:b4:c0:6e:69:86:
5a:7a:42:97:3c:28:ab:42:09:3a:d6:a6:2b:9e:26:25:4a:6f:
ec:3a:78:cd:40:c7:96:eb:42:c5:ea:28:f7:68:ec:18:af:27:
b2:03:fb:56:3d:f6:6c:b6:a1:44:22:4a:44:b2:35:a9:8e:74:
1b:21:be:d1:68:2c:ec:2e:a5:5b:3b:34:c2:47:70:3a:34:0b:
c4:23:b8:1a:e5:68:f8:0d:78:37:35:89:27:f0:30:40:cd:37:
56:3b:fa:20:14:e1:8e:19:d5:6f:d1:0c:09:9f:f9:a9:24:2a:
45:d9:8f:00:78:65:51:59:1e:53:74:f1:ee:ba:69:24:36:d6:
06:f1:03:46:af:e0:65:c9:44:67:6d:11:21:3e:a9:8a:3b:73:
4d:ce:1b:96:1b:cf:27:3f:cc:84:7d:88:53:6c:96:99:84:17:
9a:fe:79:3c:d9:b5:cf:ba:01:4a:ed:20:d3:0d:a1:79:9b:c1:
78:7a:8d:14:46:a2:ff:86:eb:9d:c8:8f:f9:1a:d2:b2:c1:b6:
73:fd:27:00:cb:17:dc:30:98:b0:47:42:b5:79:ba:5d:e7:6d:
32:ff:2c:71:70:23:5c:da:ab:5d:3a:f8:f9:b1:b0:54:03:08:
1f:1d:43:58
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJTUl6p9DD3iA5H0J+hIhz5Ol05AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjlkZGZmYTJmNzhiMWM4YTZkYzNiZWY3MWZlMjhjNWE4
M2MyMzNiOTA3ZmU4NjE0ZDhlNGRmNjAwYWNkOGRiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrCrt2wHhOdKRm4/n+jUjqEpDLOm5yq5Q/QpU/pNPdUeyZ
XX16c9tYiVkketRtmlVViY18TL7jjWPRn8xP0aM4j2+mI9fLy4sN3Y5swqdrtu6h
iZNy8p3JZ8w5SSdD0TqgJHmGM0ehxSbFwXEnj5CU/ujcGKdFaNelu5qq5VUuEUMl
zsH+j4zWgxx5FOFVy3282twuFFTESZORhXrn/Ra6Kyee/XhKtZcReHp5zsCKqlGh
aJUbZie1j8bx+2e/k+D3Piztp5ZMcNc91cAvbPVt8AlGtjIAghW9T9A3yHEfVuum
LaluQmLWYixGbvNcJhKu1WaHiwjEuzr1tTKFniM/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2LHLDgwRWVQonS28sFTjUorp4tUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Q2MzEyNWQ2LTVmOGItNDE0OS1iZDRmLTM0ODYzYjMwZjViOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD77DANBgkqhkiG9w0BAQsFAAOCAQEAj5tUpRQMN/FS/IjTUrTAbmmG
WnpClzwoq0IJOtamK54mJUpv7Dp4zUDHlutCxeoo92jsGK8nsgP7Vj32bLahRCJK
RLI1qY50GyG+0Wgs7C6lWzs0wkdwOjQLxCO4GuVo+A14NzWJJ/AwQM03Vjv6IBTh
jhnVb9EMCZ/5qSQqRdmPAHhlUVkeU3Tx7rppJDbWBvEDRq/gZclEZ20RIT6pijtz
Tc4blhvPJz/MhH2IU2yWmYQXmv55PNm1z7oBSu0g0w2heZvBeHqNFEai/4brnciP
+RrSssG2c/0nAMsX3DCYsEdCtXm6XedtMv8scXAjXNqrXTr4+bGwVAMIHx1DWA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:50 2025 by rpki-client