Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
File: 5eadccc1-2a48-4240-972e-4e5473a01e2e.roa (raw, json)
Hash identifier: 0ySfS/EIdfLNbawTrnPZ0pfyGOMYZuxjUnctR5G/L+I=
Subject key identifier: 38:64:E5:CC:14:47:C2:96:64:46:04:6B:C9:4B:EE:B9:44:AD:AF:61
Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial: 3A60B0D346FBE0756B370B1CD2870020906E1855
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
Signing time: Fri 06 Dec 2024 00:00:00 +0000
ROA not before: Fri 06 Dec 2024 00:00:00 +0000
ROA not after: Fri 10 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.249.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:60:b0:d3:46:fb:e0:75:6b:37:0b:1c:d2:87:00:20:90:6e:18:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Validity
Not Before: Dec 6 00:00:00 2024 GMT
Not After : Jan 10 23:59:59 2025 GMT
Subject: serialNumber=b7f66700c7111f1f5554554c625f68dda93f6799fec1a7034782749f06373c55, CN=42519eb9-9579-4979-bdaf-164abd0e290e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:11:73:47:4f:b8:39:30:54:77:64:cd:cf:06:
5d:fa:c8:e2:24:a4:23:c9:f0:db:72:e8:3c:c9:f7:
84:24:9c:12:5a:5f:81:a3:c2:b2:e6:20:3c:34:25:
26:a3:11:f3:6b:d3:e5:fa:da:36:83:f3:31:fd:01:
84:ff:f3:d0:23:d1:97:bb:db:40:42:31:7d:66:3f:
3e:75:23:83:57:41:ee:6d:ed:35:45:74:72:cb:44:
ce:41:e0:c0:9c:94:1f:c8:6d:c5:5f:fd:0d:77:95:
83:07:cf:1f:cb:3d:91:bd:5d:dc:d9:8d:ee:33:d3:
7a:7d:05:3b:a4:17:0d:1e:54:ae:63:9f:ef:c9:49:
69:9c:74:ee:6b:ca:b5:a5:6a:3b:e2:1e:a7:4b:5a:
5e:95:fd:05:c3:83:d6:98:dd:b7:0f:a9:75:7c:ed:
c9:d5:c3:13:7a:0b:cc:94:1b:7e:e8:73:94:77:66:
9e:24:62:53:f0:aa:1a:7f:bf:31:6c:ac:b6:9e:dd:
df:da:a0:15:d5:c1:3c:33:2a:a9:00:b8:e0:a3:74:
d0:e1:bb:61:a4:b2:a6:42:65:93:dd:0f:ec:87:63:
e9:48:de:38:f7:ce:14:f2:b8:c4:b0:bd:9d:1b:fa:
dd:e6:60:b4:08:65:ab:02:d3:b9:a4:50:98:a0:0a:
f0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:64:E5:CC:14:47:C2:96:64:46:04:6B:C9:4B:EE:B9:44:AD:AF:61
X509v3 Authority Key Identifier:
keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.249.208.0/20
Signature Algorithm: sha256WithRSAEncryption
74:27:4b:5a:0f:84:9b:ee:1f:d6:50:07:36:bf:0a:01:74:cb:
11:2e:80:38:48:55:26:6e:23:05:27:64:cb:a7:bc:4c:40:98:
d3:f5:61:00:9e:cc:39:38:fc:40:b6:c5:06:21:86:c4:5d:cc:
37:7a:e1:56:ce:6e:ff:e3:47:5a:90:02:ee:20:58:6f:ea:30:
80:81:28:11:40:cf:a6:87:34:6e:bd:37:42:1b:96:00:52:e2:
96:fe:ba:cc:06:84:3f:77:cf:a5:84:2b:04:4a:99:5f:a5:b4:
88:ca:0c:3d:d9:6f:c2:20:21:f6:9a:1c:e5:00:d5:d9:b7:4e:
41:98:2f:1c:63:e5:97:a0:b6:59:b2:d1:ec:2a:2e:20:05:38:
20:99:d3:21:9c:37:e3:f3:85:ed:43:ed:59:4d:37:01:ad:2e:
b3:aa:89:0c:8d:3c:30:58:26:42:6a:a6:47:7a:24:c3:fa:1c:
ad:b0:61:30:5a:6e:66:9f:3a:51:a6:76:82:91:7e:97:0c:6c:
c0:4c:d2:91:93:47:a3:04:30:19:bc:c2:2e:df:62:17:a0:46:
27:55:ab:d5:34:a0:42:ed:58:00:d2:28:3f:86:6c:8d:c9:e9:
cf:8f:01:cc:24:9e:66:75:06:1e:b6:4f:22:32:65:c9:a8:56:
bc:30:64:94
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOmCw00b74HVrNwsc0ocAIJBuGFUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMjA2MDAwMDAwWhcNMjUwMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiN2Y2NjcwMGM3MTExZjFmNTU1NDU1NGM2MjVmNjhkZGE5
M2Y2Nzk5ZmVjMWE3MDM0NzgyNzQ5ZjA2MzczYzU1MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTEXNHT7g5MFR3ZM3PBl36yOIkpCPJ8Nty6DzJ94QknBJa
X4GjwrLmIDw0JSajEfNr0+X62jaD8zH9AYT/89Aj0Ze720BCMX1mPz51I4NXQe5t
7TVFdHLLRM5B4MCclB/IbcVf/Q13lYMHzx/LPZG9XdzZje4z03p9BTukFw0eVK5j
n+/JSWmcdO5ryrWlajviHqdLWl6V/QXDg9aY3bcPqXV87cnVwxN6C8yUG37oc5R3
Zp4kYlPwqhp/vzFsrLae3d/aoBXVwTwzKqkAuOCjdNDhu2GksqZCZZPdD+yHY+lI
3jj3zhTyuMSwvZ0b+t3mYLQIZasC07mkUJigCvA9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOGTlzBRHwpZkRgRryUvuuUStr2EwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzVlYWRjY2MxLTJhNDgtNDI0MC05NzJlLTRlNTQ3M2EwMWUyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQX+dAwDQYJKoZIhvcNAQELBQADggEBAHQnS1oPhJvuH9ZQBza/CgF0yxEu
gDhIVSZuIwUnZMunvExAmNP1YQCezDk4/EC2xQYhhsRdzDd64VbObv/jR1qQAu4g
WG/qMICBKBFAz6aHNG69N0IblgBS4pb+uswGhD93z6WEKwRKmV+ltIjKDD3Zb8Ig
IfaaHOUA1dm3TkGYLxxj5Zegtlmy0ewqLiAFOCCZ0yGcN+Pzhe1D7VlNNwGtLrOq
iQyNPDBYJkJqpkd6JMP6HK2wYTBabmafOlGmdoKRfpcMbMBM0pGTR6MEMBm8wi7f
YhegRidVq9U0oELtWADSKD+GbI3J6c+PAcwknmZ1Bh62TyIyZcmoVrwwZJQ=
-----END CERTIFICATE-----
Generated at Fri May 9 09:18:25 2025 by rpki-client