Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/d30a92cb-bd13-49ea-aa2c-6d8c9564235d.roa
File: d30a92cb-bd13-49ea-aa2c-6d8c9564235d.roa (raw, json)
Hash identifier: ZfoKBzaxYY2jEvRob9qjiWyj4lnzS7U49IkUyLnz6fk=
Subject key identifier: 66:5A:2B:0E:32:65:7E:75:3C:E6:C7:7D:FB:FA:D5:65:B6:07:BB:75
Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial: 71CFB182AC37EBF931B65E77CA5EEAF1A490F780
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/d30a92cb-bd13-49ea-aa2c-6d8c9564235d.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2606:7b40:1800::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:cf:b1:82:ac:37:eb:f9:31:b6:5e:77:ca:5e:ea:f1:a4:90:f7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: CN=8cd8442f-235f-4171-84e6-8e1007a64c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c7:0b:8f:f6:ab:f4:dd:9f:16:69:a9:5c:d1:
41:b2:a9:e5:76:a0:5c:07:f3:b1:76:69:6b:99:eb:
1b:ce:ac:5d:1c:19:42:7a:7e:c9:2e:4c:2b:c3:a1:
4f:5f:35:77:fe:be:a3:8c:83:0b:69:6c:3c:02:94:
c8:5e:73:df:a3:70:e3:19:ab:0f:e6:27:95:fc:71:
f0:bf:94:75:54:5f:76:16:54:ca:d6:8b:00:72:e5:
8c:ea:b8:db:d1:51:1a:f7:7e:f6:32:7b:6e:3c:1f:
64:8d:78:69:04:da:e2:7d:54:79:85:3d:a1:e5:28:
b4:68:cb:4b:35:87:24:41:f2:0f:bd:ce:b9:5e:82:
2d:68:cc:65:c4:ee:f5:92:30:32:3f:91:c2:6c:6a:
ef:88:88:83:27:0d:42:15:40:bb:f6:f5:f9:f4:6c:
be:5e:b4:8c:34:28:fd:03:cd:5d:b6:61:92:62:91:
5d:db:76:f7:88:4b:bf:60:64:29:bb:29:71:71:9d:
10:90:b0:7f:90:6a:cd:67:36:4e:3a:f3:a1:ba:e8:
5e:1e:b7:e0:3d:4e:6e:f1:ce:09:0d:59:b3:5c:7a:
43:53:00:0e:f7:d1:64:88:17:51:cf:eb:c8:a1:fa:
ca:9d:af:d9:db:69:1a:65:ed:57:8b:26:10:29:6c:
69:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5A:2B:0E:32:65:7E:75:3C:E6:C7:7D:FB:FA:D5:65:B6:07:BB:75
X509v3 Authority Key Identifier:
keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/d30a92cb-bd13-49ea-aa2c-6d8c9564235d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2606:7b40:1800::/48
Signature Algorithm: sha256WithRSAEncryption
24:77:c3:f2:3c:9b:55:10:a8:88:c1:f0:a0:5b:c6:bf:52:05:
e1:03:67:b0:cc:31:67:29:4f:6f:72:e1:97:1c:32:fc:ff:bc:
d4:8e:3e:d3:71:62:3a:7a:b5:1a:3f:12:df:50:3f:9c:47:0f:
61:df:9b:6e:f2:19:57:7e:6a:61:1e:c9:a9:d8:3e:36:f3:2b:
b0:98:ee:0f:f6:62:c6:0e:f5:18:b3:4e:25:a9:db:ec:c6:e8:
d5:93:bf:16:45:75:c9:4c:3f:5e:37:5f:08:a2:cc:58:2a:a9:
c3:42:ca:bc:32:f3:33:44:5e:1d:2f:ef:e0:cf:4b:39:f1:3b:
69:ba:85:e3:bd:82:ad:46:20:57:d7:08:d4:c0:ff:6a:e1:29:
c0:37:ee:06:99:1f:4a:0a:a6:14:4d:03:1b:84:e8:be:3e:06:
f8:cc:60:b9:72:be:5d:59:23:26:5d:58:a1:a4:b5:9b:a2:52:
94:70:ee:d1:2a:0a:cb:56:2f:37:77:32:ad:88:4b:b0:52:5f:
3a:b3:94:38:ec:95:bc:ad:75:eb:9f:4b:45:a9:3d:76:a3:0f:
2b:83:fe:e1:ec:d8:da:95:98:ac:a1:74:c6:03:7e:95:bc:93:
cf:f8:ed:a0:71:81:a4:fd:f0:8d:56:ac:82:b6:f5:bd:32:41:
cc:44:db:7b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcc+xgqw36/kxtl53yl7q8aSQ94AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZjBhZDRjYWE2ZDVkNGZiNzVhMjA0YmI2YjM4ZTE5ODMz
ZmMyNzAxMDJjYzNjNGQ0NGNjNTYwZDYwODY5NWQ3MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6xwuP9qv03Z8Waalc0UGyqeV2oFwH87F2aWuZ6xvOrF0c
GUJ6fskuTCvDoU9fNXf+vqOMgwtpbDwClMhec9+jcOMZqw/mJ5X8cfC/lHVUX3YW
VMrWiwBy5YzquNvRURr3fvYye248H2SNeGkE2uJ9VHmFPaHlKLRoy0s1hyRB8g+9
zrlegi1ozGXE7vWSMDI/kcJsau+IiIMnDUIVQLv29fn0bL5etIw0KP0DzV22YZJi
kV3bdveIS79gZCm7KXFxnRCQsH+Qas1nNk4686G66F4et+A9Tm7xzgkNWbNcekNT
AA730WSIF1HP68ih+sqdr9nbaRpl7VeLJhApbGm5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZlorDjJlfnU85sd9+/rVZbYHu3UwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2QzMGE5MmNiLWJkMTMtNDllYS1hYTJjLTZkOGM5NTY0MjM1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBntAGAAwDQYJKoZIhvcNAQELBQADggEBACR3w/I8m1UQqIjB8KBbxr9S
BeEDZ7DMMWcpT29y4ZccMvz/vNSOPtNxYjp6tRo/Et9QP5xHD2Hfm27yGVd+amEe
yanYPjbzK7CY7g/2YsYO9RizTiWp2+zG6NWTvxZFdclMP143XwiizFgqqcNCyrwy
8zNEXh0v7+DPSznxO2m6heO9gq1GIFfXCNTA/2rhKcA37gaZH0oKphRNAxuE6L4+
BvjMYLlyvl1ZIyZdWKGktZuiUpRw7tEqCstWLzd3Mq2IS7BSXzqzlDjslbytdeuf
S0WpPXajDyuD/uHs2NqVmKyhdMYDfpW8k8/47aBxgaT98I1WrIK29b0yQcxE23s=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:21 2025 by rpki-client