Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/56b09d9d-868d-43ad-b16b-6687797ed0a4.roa
File: 56b09d9d-868d-43ad-b16b-6687797ed0a4.roa (raw, json)
Hash identifier: ySBa2MZ89LyXGaXIUPY927fAKOC6jh3EhEt2d05/lcQ=
Subject key identifier: 96:17:5F:51:52:BA:75:61:0C:59:9B:10:51:7F:DC:59:71:46:AF:97
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 25BD032820FDF27332294519FFBD01C224C91621
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/56b09d9d-868d-43ad-b16b-6687797ed0a4.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 5.60.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:bd:03:28:20:fd:f2:73:32:29:45:19:ff:bd:01:c2:24:c9:16:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=e5215b6f2e4f9db5b1000a05cc812eeca7a81d41d3c023ccf1695258f7004ed6, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c1:75:86:2c:a3:73:54:d1:ee:2f:8d:d3:cf:
a4:ff:12:bd:e7:ec:5e:94:dd:d7:14:6d:db:56:34:
71:87:7e:0b:0c:bb:47:ec:59:af:bc:7a:52:71:1f:
a8:81:cb:21:82:c2:ea:20:77:45:f3:b4:79:a6:b8:
98:8b:5c:51:90:ce:a3:40:f8:25:83:da:67:cd:84:
72:78:ac:a8:cf:f1:09:6d:9c:5b:62:df:62:76:5b:
86:98:0f:f2:55:5e:42:a3:55:4a:85:c1:b2:6a:c8:
ae:e1:3d:3c:7b:6c:e7:10:d8:24:d9:90:42:dc:6d:
2e:72:5c:c1:ca:1b:27:fd:33:04:db:2e:af:d2:0a:
df:81:0e:17:0e:33:e4:db:dd:b9:ff:f5:76:4b:4a:
ca:61:a8:03:44:68:d7:84:db:63:de:d6:aa:48:31:
dc:47:4d:3c:13:4f:85:fe:15:99:01:5b:45:c0:30:
a2:92:bc:72:8a:41:aa:42:c5:7a:d9:ea:39:15:dc:
7e:d8:65:99:22:d3:4e:d6:87:19:25:05:04:13:a4:
2e:a6:bf:42:3c:1a:95:8d:4a:01:c6:dc:da:99:55:
55:b6:b2:b7:d3:14:74:af:2c:5a:5f:5a:9c:57:13:
da:33:eb:21:94:cd:d3:e0:a8:db:90:76:28:a5:37:
cb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:17:5F:51:52:BA:75:61:0C:59:9B:10:51:7F:DC:59:71:46:AF:97
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/56b09d9d-868d-43ad-b16b-6687797ed0a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:ec:7f:e8:a9:97:96:1f:e7:7e:c3:8f:4f:1f:ad:f3:5b:68:
88:e2:6c:b1:64:47:f2:61:c9:c7:da:13:1a:de:87:b6:f9:38:
59:82:1f:0d:c6:12:07:b6:97:67:46:f4:f5:bb:b8:c5:0d:34:
07:97:4b:a6:f6:86:ec:5a:de:9e:7f:45:73:69:35:f1:36:f5:
24:a6:22:37:a0:10:dd:02:a5:b9:8b:51:a5:02:33:e2:e9:3f:
ec:9c:b4:1e:9d:63:f4:22:1b:66:ed:55:1f:93:9d:4f:0a:63:
16:f2:d9:81:d2:e0:0b:43:61:5a:6a:a3:64:a9:7a:57:e6:48:
c2:60:ca:52:e6:5c:74:a5:f1:34:6a:94:de:d0:f2:f1:83:1f:
c8:8a:9d:e2:b8:73:36:72:3f:15:f6:0c:1c:62:d7:64:10:b8:
e7:2a:e3:03:30:94:f9:3a:15:e1:a5:f8:1f:58:e6:fa:13:8f:
5a:cc:5b:3a:4b:79:86:91:9d:3d:b1:a7:8e:f0:f4:29:4e:c7:
c0:0c:f7:91:cb:16:42:b0:1d:35:f5:e4:80:ec:a3:ac:4a:cc:
61:07:5f:5f:67:f0:cf:d2:53:a0:e0:53:5d:c2:28:26:42:ec:
a7:d3:48:9d:eb:3f:a2:ef:4a:46:b7:6e:c5:01:df:cb:41:35:
9d:16:15:88
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJb0DKCD98nMyKUUZ/70BwiTJFiEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTIxNWI2ZjJlNGY5ZGI1YjEwMDBhMDVjYzgxMmVlY2E3
YTgxZDQxZDNjMDIzY2NmMTY5NTI1OGY3MDA0ZWQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOwXWGLKNzVNHuL43Tz6T/Er3n7F6U3dcUbdtWNHGHfgsM
u0fsWa+8elJxH6iByyGCwuogd0XztHmmuJiLXFGQzqNA+CWD2mfNhHJ4rKjP8Qlt
nFti32J2W4aYD/JVXkKjVUqFwbJqyK7hPTx7bOcQ2CTZkELcbS5yXMHKGyf9MwTb
Lq/SCt+BDhcOM+Tb3bn/9XZLSsphqANEaNeE22Pe1qpIMdxHTTwTT4X+FZkBW0XA
MKKSvHKKQapCxXrZ6jkV3H7YZZki007WhxklBQQTpC6mv0I8GpWNSgHG3NqZVVW2
srfTFHSvLFpfWpxXE9oz6yGUzdPgqNuQdiilN8uxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlhdfUVK6dWEMWZsQUX/cWXFGr5cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU2YjA5ZDlkLTg2OGQtNDNhZC1iMTZiLTY2ODc3OTdlZDBhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAFPDANBgkqhkiG9w0BAQsFAAOCAQEAMux/6KmXlh/nfsOPTx+t81toiOJs
sWRH8mHJx9oTGt6Htvk4WYIfDcYSB7aXZ0b09bu4xQ00B5dLpvaG7Frenn9Fc2k1
8Tb1JKYiN6AQ3QKluYtRpQIz4uk/7Jy0Hp1j9CIbZu1VH5OdTwpjFvLZgdLgC0Nh
WmqjZKl6V+ZIwmDKUuZcdKXxNGqU3tDy8YMfyIqd4rhzNnI/FfYMHGLXZBC45yrj
AzCU+ToV4aX4H1jm+hOPWsxbOkt5hpGdPbGnjvD0KU7HwAz3kcsWQrAdNfXkgOyj
rErMYQdfX2fwz9JToOBTXcIoJkLsp9NInes/ou9KRrduxQHfy0E1nRYViA==
-----END CERTIFICATE-----
Generated at Sun May 11 21:22:49 2025 by rpki-client