Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/588d785a-ae9e-40a3-910c-2e1c98f56f86.roa
File: 588d785a-ae9e-40a3-910c-2e1c98f56f86.roa (raw, json)
Hash identifier: lh2aXXSSQIdYo4TQeGSgL4RiPmtUsL/srXnSyCdIWSs=
Subject key identifier: 63:8F:40:DF:34:18:46:2F:52:B5:0E:15:42:49:88:08:B4:F0:F9:A1
Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial: 2B689F6050AF1DF6EAC5FCBAE12E68E4D3FACA7A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/588d785a-ae9e-40a3-910c-2e1c98f56f86.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 18.96.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:68:9f:60:50:af:1d:f6:ea:c5:fc:ba:e1:2e:68:e4:d3:fa:ca:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:0f:bd:40:6a:84:ed:31:89:d4:38:a3:67:
78:ed:5a:23:1c:10:aa:be:1a:13:07:a5:40:db:87:
bc:cd:d0:29:94:94:2d:05:e8:19:76:40:ca:69:76:
b3:49:3b:03:9a:69:c3:5e:84:c3:64:94:38:12:e4:
2f:c0:52:28:01:e2:26:b0:b1:49:ce:89:14:91:8c:
f2:f6:ae:15:37:60:f5:bb:be:bc:5b:37:6a:ea:8c:
38:db:8c:74:20:22:96:a7:b2:1d:f2:44:c1:07:1a:
1b:87:3b:22:bd:b2:68:62:fb:ba:5a:85:1f:af:ac:
7e:33:88:1d:fe:f5:e6:bb:37:96:9f:ba:1a:56:16:
0a:31:15:d4:4b:31:3d:4c:af:b1:24:d2:71:3c:8b:
a9:f8:4b:f8:2e:77:88:be:d6:9f:52:92:d4:58:e5:
e6:09:26:08:f9:f2:c2:d4:21:07:bd:4d:8c:27:dd:
c7:e9:af:50:69:a0:53:f2:df:d4:5f:ef:bb:50:32:
49:79:87:10:60:7a:af:12:8f:d7:df:d6:60:9a:da:
03:bd:9c:0f:b1:3d:d7:97:be:67:be:20:47:41:98:
14:7d:cb:7a:62:4d:92:5a:a0:dc:0d:22:dd:e9:2d:
9c:53:1c:b7:1d:43:2e:93:2a:af:9f:b4:10:e1:a7:
62:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8F:40:DF:34:18:46:2F:52:B5:0E:15:42:49:88:08:B4:F0:F9:A1
X509v3 Authority Key Identifier:
keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/588d785a-ae9e-40a3-910c-2e1c98f56f86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
18.96.128.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:03:1e:9f:9f:a7:f9:4b:23:ff:88:c6:75:1f:37:1f:ed:86:
e1:49:b1:62:30:78:6b:38:b6:c2:51:18:18:6d:c3:6f:74:d0:
6a:f9:89:1b:2a:5c:7f:34:9f:f8:04:fb:12:4f:0f:2f:f6:50:
c2:02:62:49:cf:0b:e9:77:f2:4f:fd:e6:25:b5:9e:66:48:5a:
9a:3e:19:9f:75:8e:6b:79:6d:17:f2:3a:3d:c7:8b:d6:4b:a8:
d1:14:8f:46:e8:0e:0c:d1:87:3c:dd:51:a0:d7:98:fd:16:82:
6e:72:0c:2e:9f:4d:0c:e8:b4:c3:83:10:13:27:f3:70:7d:96:
2f:c4:62:08:00:e1:15:20:16:c8:e7:3a:98:c5:4b:f6:0d:05:
09:4b:0c:ca:ba:13:51:18:bf:dd:b9:d2:db:c9:a0:14:a0:d5:
d9:72:4b:6d:f0:37:fc:4b:0a:b6:1f:cf:14:8b:60:94:41:bb:
d9:6f:8a:d4:92:30:fb:c8:1d:03:76:25:98:37:15:26:b8:fd:
f1:dd:9d:04:db:14:53:c8:58:ef:ee:e8:45:c1:f3:56:2b:eb:
1a:fd:80:c8:a3:2a:62:26:1c:62:f7:c1:98:b9:58:58:55:6b:
0d:c8:b3:5d:e5:dd:e9:78:23:f0:7c:f4:67:67:2c:1f:bb:30:
4c:99:bf:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK2ifYFCvHfbqxfy64S5o5NP6ynowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZWEzZmNlMzZhOWY2OTgwOWUxYzgzODE5N2IzYmZhMTFm
OGRiYTg3ZWQxMDZhMTQ5OGU0OWJlMzBkOTIwOTcyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjuA+9QGqE7TGJ1DijZ3jtWiMcEKq+GhMHpUDbh7zN0CmU
lC0F6Bl2QMppdrNJOwOaacNehMNklDgS5C/AUigB4iawsUnOiRSRjPL2rhU3YPW7
vrxbN2rqjDjbjHQgIpansh3yRMEHGhuHOyK9smhi+7pahR+vrH4ziB3+9ea7N5af
uhpWFgoxFdRLMT1Mr7Ek0nE8i6n4S/gud4i+1p9SktRY5eYJJgj58sLUIQe9TYwn
3cfpr1BpoFPy39Rf77tQMkl5hxBgeq8Sj9ff1mCa2gO9nA+xPdeXvme+IEdBmBR9
y3piTZJaoNwNIt3pLZxTHLcdQy6TKq+ftBDhp2IxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUY49A3zQYRi9StQ4VQkmICLTw+aEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU4OGQ3ODVhLWFlOWUtNDBhMy05MTBjLTJlMWM5OGY1NmY4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUSYIAwDQYJKoZIhvcNAQELBQADggEBAHwDHp+fp/lLI/+IxnUfNx/thuFJ
sWIweGs4tsJRGBhtw2900Gr5iRsqXH80n/gE+xJPDy/2UMICYknPC+l38k/95iW1
nmZIWpo+GZ91jmt5bRfyOj3Hi9ZLqNEUj0boDgzRhzzdUaDXmP0Wgm5yDC6fTQzo
tMODEBMn83B9li/EYggA4RUgFsjnOpjFS/YNBQlLDMq6E1EYv9250tvJoBSg1dly
S23wN/xLCrYfzxSLYJRBu9lvitSSMPvIHQN2JZg3FSa4/fHdnQTbFFPIWO/u6EXB
81Yr6xr9gMijKmImHGL3wZi5WFhVaw3Is13l3el4I/B89GdnLB+7MEyZv+c=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:07 2025 by rpki-client