Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/9aeffebe-1edf-44a7-a4a7-f9ca3344698a.roa
File: 9aeffebe-1edf-44a7-a4a7-f9ca3344698a.roa (raw, json)
Hash identifier: DKxux6sFosURaf94SVUeuS5RaoS22VImHjlAr6+vvnk=
Subject key identifier: 20:D7:06:5C:53:92:A2:8B:C0:58:83:41:07:F1:C5:9C:F5:9C:3E:FE
Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial: 5939617852DEE0833094C2FECB47644943FC3789
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/9aeffebe-1edf-44a7-a4a7-f9ca3344698a.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.96.64.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:39:61:78:52:de:e0:83:30:94:c2:fe:cb:47:64:49:43:fc:37:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: CN=8cd8442f-235f-4171-84e6-8e1007a64c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:89:77:3c:72:ad:7b:43:4c:38:73:37:a3:c6:
96:31:f0:03:53:b1:6b:73:c8:c4:81:7e:dc:c6:7f:
38:3b:a3:95:2b:99:dc:cc:b4:19:f7:f4:db:40:57:
3e:5c:5e:3e:b5:0c:a3:32:69:8f:83:e9:58:db:b6:
1e:fa:a4:be:e8:06:a3:20:b0:6a:ae:a7:4c:6d:ad:
b3:fd:66:0c:f8:89:f4:b1:02:f0:ee:b6:39:2f:a2:
26:22:2f:44:8d:33:6d:84:35:cd:f2:6b:c7:f0:41:
42:0a:e6:aa:19:81:3a:84:37:43:f8:5d:99:de:37:
26:32:62:86:61:ff:79:ef:5f:3d:8b:5b:09:11:41:
be:9a:fd:d1:59:4c:24:fe:f1:55:69:dc:4d:21:82:
79:0e:bf:cf:4e:0b:e8:af:a5:5e:2d:d7:a1:4e:11:
79:a8:56:9b:1b:5e:58:85:d3:70:cf:18:72:3f:69:
4b:55:b3:2e:39:f7:a3:d8:25:bd:16:a6:bd:ca:8c:
38:3b:dc:72:fb:86:ff:e2:b7:4e:22:44:f4:2a:04:
7c:33:cb:b2:79:05:08:64:f3:c6:a6:dc:b6:93:62:
3e:c0:e7:5d:95:4e:41:b0:e0:4e:56:1d:80:f3:ce:
7f:ef:91:8f:3a:15:ee:50:0d:40:6f:79:ec:80:6d:
0f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D7:06:5C:53:92:A2:8B:C0:58:83:41:07:F1:C5:9C:F5:9C:3E:FE
X509v3 Authority Key Identifier:
keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/9aeffebe-1edf-44a7-a4a7-f9ca3344698a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.96.64.0/20
Signature Algorithm: sha256WithRSAEncryption
62:a8:83:1f:b1:d8:aa:28:36:ae:98:cd:1f:8c:4f:4b:30:d2:
f1:94:09:79:ea:96:31:c2:08:3d:c5:fb:c0:38:36:69:91:db:
f9:be:d4:da:25:fc:57:fa:cf:c7:52:83:76:ce:8b:9a:6d:46:
10:c9:08:bd:e1:de:90:0c:a0:bd:cd:63:98:2a:11:a3:63:81:
76:3f:50:3e:88:48:c3:f3:6d:60:32:96:77:1a:3a:34:7b:87:
49:ee:6a:3e:6b:cb:1c:42:57:e1:87:00:8a:85:9e:db:de:0f:
f4:09:1e:15:81:1c:89:aa:61:27:b8:99:aa:bf:d0:6b:10:29:
b2:e4:b9:c7:0c:f8:08:17:b6:cd:ac:75:ee:39:3d:11:a9:24:
d9:0f:6c:82:18:64:b0:cb:93:3b:f4:9e:de:6c:4f:f4:9c:f9:
0e:3b:ab:c8:39:1f:47:ef:02:ed:73:01:cf:1b:9e:31:68:d7:
48:72:3c:2e:8b:8e:bf:ac:9a:28:8f:15:4d:90:73:49:0d:a0:
f6:52:02:1b:e1:d9:cc:06:09:56:73:59:6b:c5:61:d2:cd:32:
3d:ec:fb:54:83:21:75:ef:19:65:d5:44:23:e6:3a:5d:63:dc:
a7:0b:09:17:28:4f:23:87:0c:35:8a:65:41:69:29:82:ae:7f:
ef:ca:31:71
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWTlheFLe4IMwlML+y0dkSUP8N4kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzFkZGVkYmQ2OGU4YzVmNjEyOWQzMGJlMmE1Nzk5Mjky
ZTZhZmNhYWZkNjcyNTUyODVmYTY4MmU3ZTAzNDc3MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsiXc8cq17Q0w4czejxpYx8ANTsWtzyMSBftzGfzg7o5Ur
mdzMtBn39NtAVz5cXj61DKMyaY+D6Vjbth76pL7oBqMgsGqup0xtrbP9Zgz4ifSx
AvDutjkvoiYiL0SNM22ENc3ya8fwQUIK5qoZgTqEN0P4XZneNyYyYoZh/3nvXz2L
WwkRQb6a/dFZTCT+8VVp3E0hgnkOv89OC+ivpV4t16FOEXmoVpsbXliF03DPGHI/
aUtVsy4596PYJb0Wpr3KjDg73HL7hv/it04iRPQqBHwzy7J5BQhk88am3LaTYj7A
512VTkGw4E5WHYDzzn/vkY86Fe5QDUBveeyAbQ+DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUINcGXFOSoovAWINBB/HFnPWcPv4wHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzlhZWZmZWJlLTFlZGYtNDRhNy1hNGE3LWY5Y2EzMzQ0Njk4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQjYEAwDQYJKoZIhvcNAQELBQADggEBAGKogx+x2KooNq6YzR+MT0sw0vGU
CXnqljHCCD3F+8A4NmmR2/m+1Nol/Ff6z8dSg3bOi5ptRhDJCL3h3pAMoL3NY5gq
EaNjgXY/UD6ISMPzbWAylncaOjR7h0nuaj5ryxxCV+GHAIqFntveD/QJHhWBHImq
YSe4maq/0GsQKbLkuccM+AgXts2sde45PRGpJNkPbIIYZLDLkzv0nt5sT/Sc+Q47
q8g5H0fvAu1zAc8bnjFo10hyPC6Ljr+smiiPFU2Qc0kNoPZSAhvh2cwGCVZzWWvF
YdLNMj3s+1SDIXXvGWXVRCPmOl1j3KcLCRcoTyOHDDWKZUFpKYKuf+/KMXE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:15 2025 by rpki-client