Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f1d1dc46-4a3f-466a-9977-5809598cdfe3.roa
File: f1d1dc46-4a3f-466a-9977-5809598cdfe3.roa (raw, json)
Hash identifier: jJLD3eMJpVfyOb4SQzavgLTSlyJdhEhWJMlvUWF1A3E=
Subject key identifier: CD:D4:1F:CF:98:BC:76:DC:77:14:49:64:52:6D:38:37:27:C7:9C:85
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 77EFE0B2E6D033FC4A35FEF1910F1E7E901ACA38
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f1d1dc46-4a3f-466a-9977-5809598cdfe3.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0f0:552f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:ef:e0:b2:e6:d0:33:fc:4a:35:fe:f1:91:0f:1e:7e:90:1a:ca:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a2:97:4e:7d:b2:d8:8d:46:bc:4e:f4:e5:53:
c4:fd:6d:c8:65:33:18:5c:82:b8:59:db:a0:ed:ee:
96:50:99:a9:15:d9:3e:ac:c6:59:7a:1d:2a:c6:1e:
d3:b8:e2:7b:1f:91:40:22:6a:30:b9:65:9d:49:1e:
c0:e1:a6:32:67:18:a9:e0:14:36:3b:1a:97:a7:de:
24:44:f5:54:5b:ae:96:3a:f2:a3:07:5f:b9:d8:9a:
bb:ec:4f:07:76:a3:bb:5d:a0:28:6e:28:00:d0:6a:
a0:98:61:ec:b1:3f:88:2b:58:93:77:6b:09:86:70:
b3:42:f9:3c:b3:ef:df:29:7e:ac:dd:33:0c:fb:a4:
f1:32:83:ef:22:14:d2:17:d3:1a:1d:5d:0a:8d:09:
e6:12:93:37:82:ee:56:e5:a3:01:1f:c8:70:98:fd:
29:3d:79:50:fb:1f:e3:bf:85:c1:53:1c:c1:21:d8:
4e:83:9a:68:78:c7:02:1f:10:65:c6:5a:68:eb:8b:
70:49:85:b7:da:65:9f:f2:61:f2:e4:7b:c1:f9:02:
df:4a:0a:90:8d:04:0a:0c:8b:9a:62:db:ec:97:6d:
24:b3:f1:ce:86:b3:7c:56:9b:d2:17:f5:8d:3d:c9:
93:ea:55:61:3d:3c:7e:2a:e0:46:ce:10:c3:99:c3:
45:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D4:1F:CF:98:BC:76:DC:77:14:49:64:52:6D:38:37:27:C7:9C:85
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f1d1dc46-4a3f-466a-9977-5809598cdfe3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0f0:552f::/48
Signature Algorithm: sha256WithRSAEncryption
9c:e3:f0:a2:09:90:46:c5:bc:ee:b0:cd:d1:e9:80:03:34:f7:
5e:d5:a8:32:eb:78:e7:7e:39:bb:5c:85:7f:04:4b:b5:1d:a3:
67:af:75:22:89:0c:e4:66:6c:17:7a:a1:8d:40:18:cc:4e:dc:
8d:74:9c:c5:a8:25:af:1d:2b:55:bd:12:e9:55:5b:40:d6:59:
f5:ef:ff:c6:01:91:31:58:10:9f:bf:c7:df:9e:ac:88:b6:88:
bf:72:3d:74:19:18:08:84:88:af:40:ab:d3:b7:e4:c5:ff:25:
ba:fd:c3:11:cf:38:87:31:2c:99:00:9e:9b:41:9b:02:02:c5:
72:f0:a1:e7:8b:fe:dc:fb:d5:db:98:1e:e2:e6:7b:44:95:4b:
a7:03:a0:06:97:88:66:5a:af:a3:74:1d:44:ed:40:c2:18:e6:
9d:cc:ca:84:9f:7d:73:2e:ad:51:97:d9:ee:d7:2e:18:28:d4:
25:6a:f0:1a:61:78:3a:98:8a:08:9f:aa:40:86:ad:e4:19:92:
50:c5:4b:37:c2:58:99:cb:8d:2b:85:8c:cf:99:6a:3c:cc:7d:
c2:20:74:76:e0:a0:75:d1:41:f9:b2:e5:13:73:29:8b:9e:97:
77:58:de:1d:8b:35:1f:1c:d6:55:ca:8d:82:57:f6:1b:18:96:
96:b3:25:61
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUd+/gsubQM/xKNf7xkQ8efpAayjgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTMzY2MxMTA4NjlmYjZkMTdhNGNkMWE2ZTI2MmVkZDky
NTFiMWYwZmQ4YTQ0NjMzZDM3MWEzN2FmOTBmMjBiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0opdOfbLYjUa8TvTlU8T9bchlMxhcgrhZ26Dt7pZQmakV
2T6sxll6HSrGHtO44nsfkUAiajC5ZZ1JHsDhpjJnGKngFDY7Gpen3iRE9VRbrpY6
8qMHX7nYmrvsTwd2o7tdoChuKADQaqCYYeyxP4grWJN3awmGcLNC+Tyz798pfqzd
Mwz7pPEyg+8iFNIX0xodXQqNCeYSkzeC7lblowEfyHCY/Sk9eVD7H+O/hcFTHMEh
2E6Dmmh4xwIfEGXGWmjri3BJhbfaZZ/yYfLke8H5At9KCpCNBAoMi5pi2+yXbSSz
8c6Gs3xWm9IX9Y09yZPqVWE9PH4q4EbOEMOZw0VzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUzdQfz5i8dtx3FElkUm04NyfHnIUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2YxZDFkYzQ2LTRhM2YtNDY2YS05OTc3LTU4MDk1OThjZGZlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVS8wDQYJKoZIhvcNAQELBQADggEBAJzj8KIJkEbFvO6wzdHpgAM0
917VqDLreOd+ObtchX8ES7Udo2evdSKJDORmbBd6oY1AGMxO3I10nMWoJa8dK1W9
EulVW0DWWfXv/8YBkTFYEJ+/x9+erIi2iL9yPXQZGAiEiK9Aq9O35MX/Jbr9wxHP
OIcxLJkAnptBmwICxXLwoeeL/tz71duYHuLme0SVS6cDoAaXiGZar6N0HUTtQMIY
5p3MyoSffXMurVGX2e7XLhgo1CVq8BpheDqYigifqkCGreQZklDFSzfCWJnLjSuF
jM+ZajzMfcIgdHbgoHXRQfmy5RNzKYuel3dY3h2LNR8c1lXKjYJX9hsYlpazJWE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:08 2025 by rpki-client