Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8554ecf9-d083-423a-874d-3662c284ee4a.roa
File: 8554ecf9-d083-423a-874d-3662c284ee4a.roa (raw, json)
Hash identifier: CviyehGbwTuWiUvWaWaXMoYpRsrBVHzPV5VkkOquNj0=
Subject key identifier: C8:E1:46:9C:B5:FB:55:68:11:70:0F:0C:25:C2:9A:97:FA:DF:3E:F2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 540130D9A8332F65838A1637992129D45FBB8341
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8554ecf9-d083-423a-874d-3662c284ee4a.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 40.172.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:01:30:d9:a8:33:2f:65:83:8a:16:37:99:21:29:d4:5f:bb:83:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=35df5bc21e571978f61b24546eae1b0e9d277d980035b050e6ba215d6dc4b1e0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f6:a2:40:f8:3c:e0:6f:ce:c7:d0:2c:c5:23:
0c:24:e5:c5:49:3d:1c:76:3c:ad:4b:9a:e9:6c:d6:
13:6d:84:29:2e:7f:0e:fd:7a:a4:5d:69:5e:27:8c:
87:bb:3a:a3:79:40:02:cf:66:d1:e1:15:ff:f5:f9:
24:9a:cc:b4:ce:72:1a:ba:55:65:15:d6:ba:9f:61:
61:67:25:c3:37:6c:c7:0d:9d:e1:55:a9:03:66:c5:
29:d7:7c:4e:80:00:96:37:59:a5:20:1e:f4:93:4b:
4c:91:f7:4d:c9:ef:a8:16:40:4c:07:8c:57:ff:37:
7c:34:ee:a7:16:d6:85:a2:ae:e5:4b:85:ad:4a:12:
2d:44:4d:d2:51:b3:9d:dd:71:b6:b2:c2:b1:cf:3b:
a8:11:82:87:0a:79:fe:ee:10:70:60:b3:39:c6:c4:
93:a5:fa:10:c1:a8:c4:f0:90:65:fa:7a:3b:ff:69:
17:9f:75:f7:a9:45:5a:6a:60:ad:1c:8f:c2:06:49:
12:99:23:87:ec:31:93:fd:a0:41:d8:d1:ec:75:a9:
7a:4c:c1:97:a2:5e:fc:40:6e:0d:03:fc:3e:58:e9:
9b:96:73:6e:ae:4f:2a:98:44:dd:af:5b:a4:cb:db:
b1:a9:ad:07:bd:3e:a8:f7:27:b2:ba:96:99:51:b5:
d0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E1:46:9C:B5:FB:55:68:11:70:0F:0C:25:C2:9A:97:FA:DF:3E:F2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8554ecf9-d083-423a-874d-3662c284ee4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.172.0.0/14
Signature Algorithm: sha256WithRSAEncryption
3c:84:78:4c:d5:d8:5d:6d:88:9b:92:4b:a0:88:1d:32:aa:0d:
d8:c5:ec:54:be:f8:db:01:ca:29:64:4c:43:82:4a:8e:f1:ad:
c6:19:bf:11:a2:d7:74:06:50:0b:cd:9f:8e:66:15:dd:c1:62:
39:cc:53:e7:7d:d4:a4:4d:6d:66:00:60:42:02:31:3d:65:63:
9c:33:0e:6b:97:35:92:52:c2:8d:6a:5d:07:7f:c4:08:48:ca:
e4:92:f0:7c:e0:65:49:1e:4a:ed:84:17:c8:dd:91:70:a6:f6:
dc:ad:68:0d:97:50:b7:40:90:7a:38:ef:a3:4a:17:1c:20:47:
32:3c:70:70:5d:c9:04:17:ce:61:3b:fb:e9:b0:b7:57:41:91:
36:35:1b:9e:40:94:75:81:b0:6a:16:3c:9c:aa:c4:b6:db:9d:
12:6a:7f:95:2d:30:58:c4:1f:ee:fa:44:1d:94:c1:3a:97:55:
cc:91:46:e1:35:44:16:0a:97:0e:69:30:95:1e:d1:49:53:c6:
12:d3:35:2e:57:3b:07:e3:ef:0e:95:6a:00:bf:b0:cb:ba:fd:
d4:79:6b:af:f5:3f:63:f2:66:92:d0:47:f0:25:91:58:d7:24:
fb:66:60:d9:59:57:0a:31:70:89:e5:82:3c:86:cc:1d:76:71:
85:69:69:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVAEw2agzL2WDihY3mSEp1F+7g0EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNWRmNWJjMjFlNTcxOTc4ZjYxYjI0NTQ2ZWFlMWIwZTlk
Mjc3ZDk4MDAzNWIwNTBlNmJhMjE1ZDZkYzRiMWUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCR9qJA+Dzgb87H0CzFIwwk5cVJPRx2PK1Lmuls1hNthCku
fw79eqRdaV4njIe7OqN5QALPZtHhFf/1+SSazLTOchq6VWUV1rqfYWFnJcM3bMcN
neFVqQNmxSnXfE6AAJY3WaUgHvSTS0yR903J76gWQEwHjFf/N3w07qcW1oWiruVL
ha1KEi1ETdJRs53dcbaywrHPO6gRgocKef7uEHBgsznGxJOl+hDBqMTwkGX6ejv/
aRefdfepRVpqYK0cj8IGSRKZI4fsMZP9oEHY0ex1qXpMwZeiXvxAbg0D/D5Y6ZuW
c26uTyqYRN2vW6TL27GprQe9Pqj3J7K6lplRtdDXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUyOFGnLX7VWgRcA8MJcKal/rfPvIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg1NTRlY2Y5LWQwODMtNDIzYS04NzRkLTM2NjJjMjg0ZWU0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIorDANBgkqhkiG9w0BAQsFAAOCAQEAPIR4TNXYXW2Im5JLoIgdMqoN2MXs
VL742wHKKWRMQ4JKjvGtxhm/EaLXdAZQC82fjmYV3cFiOcxT533UpE1tZgBgQgIx
PWVjnDMOa5c1klLCjWpdB3/ECEjK5JLwfOBlSR5K7YQXyN2RcKb23K1oDZdQt0CQ
ejjvo0oXHCBHMjxwcF3JBBfOYTv76bC3V0GRNjUbnkCUdYGwahY8nKrEttudEmp/
lS0wWMQf7vpEHZTBOpdVzJFG4TVEFgqXDmkwlR7RSVPGEtM1Llc7B+PvDpVqAL+w
y7r91Hlrr/U/Y/JmktBH8CWRWNck+2Zg2VlXCjFwieWCPIbMHXZxhWlp8Q==
-----END CERTIFICATE-----
Generated at Tue May 13 02:20:17 2025 by rpki-client