Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dd1fe956-aaed-411d-9093-88449b6e454d.roa
File: dd1fe956-aaed-411d-9093-88449b6e454d.roa (raw, json)
Hash identifier: fqcj+2BCcoHSVX5cKEdXvH0EwmD9yI+H/Gl0Ahh/tMs=
Subject key identifier: E6:56:A2:A2:96:68:C3:97:18:63:F9:D2:42:33:22:EE:D1:70:F8:BF
Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial: 6F5184556C82E6EDA61C651E4E67C8125FB88D24
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dd1fe956-aaed-411d-9093-88449b6e454d.roa
Signing time: Fri 06 Dec 2024 00:00:00 +0000
ROA not before: Fri 06 Dec 2024 00:00:00 +0000
ROA not after: Fri 10 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 23.251.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:51:84:55:6c:82:e6:ed:a6:1c:65:1e:4e:67:c8:12:5f:b8:8d:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Validity
Not Before: Dec 6 00:00:00 2024 GMT
Not After : Jan 10 23:59:59 2025 GMT
Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:af:f9:a6:b0:a6:0a:d8:9c:5a:e4:ea:07:a1:
c6:23:5b:2f:ab:82:aa:44:34:30:90:a0:93:09:d4:
b4:ec:5a:ee:47:d4:98:ed:ee:1d:e4:73:fb:f9:68:
72:7d:b3:eb:bc:07:97:cf:6f:42:1d:20:06:b3:fa:
35:4e:5a:51:63:dd:89:5c:a5:ac:f6:2f:4c:8b:e0:
44:0b:8b:78:02:bc:9e:77:0b:1e:87:8d:f5:c8:51:
71:4d:58:88:58:6e:29:23:6f:8c:2e:e5:0f:dc:96:
3e:fe:7f:63:c3:6a:47:8e:43:d5:83:a0:ce:35:7b:
19:ff:8f:62:2d:9d:a2:5c:0e:88:82:39:f6:a4:ae:
a5:55:3a:8b:bd:42:d4:72:d0:76:16:59:1e:87:ae:
2d:00:2c:1c:12:5a:67:0a:9d:94:c9:eb:89:7f:1c:
d5:a2:99:7c:55:f0:05:1a:b5:a0:12:66:3a:db:31:
eb:d6:d4:5e:74:98:b7:47:a4:50:6c:68:e1:fd:8f:
21:60:68:4b:c2:9a:9a:b3:4a:21:10:78:19:42:ee:
22:7b:4d:d9:bc:e0:df:8c:9c:18:aa:a1:06:81:2e:
b5:f3:36:45:6b:d9:14:f5:68:43:ac:ff:e2:48:c5:
b1:9f:66:02:b7:05:e4:1b:91:1e:19:e5:ef:b9:18:
03:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:56:A2:A2:96:68:C3:97:18:63:F9:D2:42:33:22:EE:D1:70:F8:BF
X509v3 Authority Key Identifier:
keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dd1fe956-aaed-411d-9093-88449b6e454d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.251.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:a0:3c:0a:5e:26:77:5d:84:ba:57:c6:76:d6:fd:dd:64:a0:
dc:f9:f3:1a:38:38:c9:20:dd:be:4d:b7:aa:ec:7e:6b:a4:fb:
01:c4:3b:f0:5a:29:c4:ad:d3:a4:f4:7b:6b:0b:99:92:97:16:
c4:aa:2c:f4:82:ff:13:09:3e:43:09:a5:0f:0d:79:86:9b:41:
c5:e8:4e:14:cb:3a:84:49:6a:ab:7c:c8:15:bd:1a:68:93:55:
02:c3:79:c8:59:d2:60:4f:e4:31:42:16:ad:bb:93:ff:d0:17:
27:f2:df:42:ef:f1:fc:34:2d:b5:12:7f:37:f3:d3:43:cb:26:
80:21:49:96:14:1f:d8:8c:b2:d5:cb:0a:bb:dc:7a:01:e5:5f:
ea:3b:48:08:6f:0e:e6:59:fc:a7:f6:2c:28:ca:98:e6:21:dd:
02:9e:c7:18:e5:11:f0:ed:3f:ad:aa:a5:47:d7:f5:fa:fe:e5:
c9:55:8b:bf:7d:f4:63:61:36:62:1b:ff:c4:6b:5e:77:4d:e6:
15:83:c2:91:6e:38:ac:58:b6:c2:68:9c:e9:fb:e8:f1:1e:d0:
21:cd:7d:a0:ad:08:ad:54:c1:d1:34:fd:08:00:15:ee:d7:cd:
50:27:ba:38:f2:0c:0a:d2:14:e1:aa:0d:ba:0e:a7:96:9f:66:
67:e0:54:fb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb1GEVWyC5u2mHGUeTmfIEl+4jSQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMjA2MDAwMDAwWhcNMjUwMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTE2YWUzZjA2ZjcwZDYwZmFlYWQ4NGIwMjQ4ZWE0MzYw
YjI2YWZhNzEzMzYxY2I4YWNiMmE2ZWQ3Nzg5YjQ5MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZr/mmsKYK2Jxa5OoHocYjWy+rgqpENDCQoJMJ1LTsWu5H
1Jjt7h3kc/v5aHJ9s+u8B5fPb0IdIAaz+jVOWlFj3Ylcpaz2L0yL4EQLi3gCvJ53
Cx6HjfXIUXFNWIhYbikjb4wu5Q/clj7+f2PDakeOQ9WDoM41exn/j2ItnaJcDoiC
OfakrqVVOou9QtRy0HYWWR6Hri0ALBwSWmcKnZTJ64l/HNWimXxV8AUataASZjrb
MevW1F50mLdHpFBsaOH9jyFgaEvCmpqzSiEQeBlC7iJ7Tdm84N+MnBiqoQaBLrXz
NkVr2RT1aEOs/+JIxbGfZgK3BeQbkR4Z5e+5GAMLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5laiopZow5cYY/nSQjMi7tFw+L8wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2RkMWZlOTU2LWFhZWQtNDExZC05MDkzLTg4NDQ5YjZlNDU0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUX++AwDQYJKoZIhvcNAQELBQADggEBAAugPApeJnddhLpXxnbW/d1koNz5
8xo4OMkg3b5Nt6rsfmuk+wHEO/BaKcSt06T0e2sLmZKXFsSqLPSC/xMJPkMJpQ8N
eYabQcXoThTLOoRJaqt8yBW9GmiTVQLDechZ0mBP5DFCFq27k//QFyfy30Lv8fw0
LbUSfzfz00PLJoAhSZYUH9iMstXLCrvcegHlX+o7SAhvDuZZ/Kf2LCjKmOYh3QKe
xxjlEfDtP62qpUfX9fr+5clVi7999GNhNmIb/8RrXndN5hWDwpFuOKxYtsJonOn7
6PEe0CHNfaCtCK1UwdE0/QgAFe7XzVAnujjyDArSFOGqDboOp5afZmfgVPs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:30 2025 by rpki-client