Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2e86e41-0d01-4183-8a3c-833614b54eb6.roa
File: c2e86e41-0d01-4183-8a3c-833614b54eb6.roa (raw, json)
Hash identifier: S2zSrvuTxEEwr/a5UhVPOFwpLPchvJGcBaB7AAjmyvo=
Subject key identifier: 9C:C4:45:65:FD:C8:04:F8:E5:8E:F4:F0:B6:1F:7A:3D:63:72:6D:88
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7427B21E54E4503078CCB3029CF0480E212293A4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2e86e41-0d01-4183-8a3c-833614b54eb6.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 54.25.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:27:b2:1e:54:e4:50:30:78:cc:b3:02:9c:f0:48:0e:21:22:93:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=49f2366bb0d2a91e9f7c9ae1be8514b9edbc3814c49130b8122f30287b0db8c4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:ff:a3:50:e3:ac:75:fd:fb:b5:dd:ff:89:
23:28:93:50:1d:37:a1:01:c7:cf:71:99:cf:fb:f7:
c7:a5:b5:d3:ec:f9:40:87:3a:80:38:2a:7e:75:94:
cc:52:50:3f:cf:c6:1a:1c:2d:b4:28:6c:27:01:95:
51:68:71:9f:a8:40:1f:77:e5:02:26:f0:f9:15:45:
a9:fb:c7:a1:57:b4:a2:cd:e8:3a:5e:4d:0d:aa:5d:
37:c6:c9:26:89:1b:94:ac:0b:17:ea:32:c8:aa:3b:
c0:60:62:63:03:dd:0a:5a:38:60:02:a0:7e:b8:96:
40:77:57:4f:8d:bf:01:2e:f4:65:6c:9f:58:45:7d:
36:04:7c:ec:df:b2:bf:66:aa:60:27:16:2a:45:66:
39:79:ab:7f:01:bc:c2:f8:48:8f:23:da:20:e6:99:
38:22:9d:22:ad:51:bd:23:1c:0c:eb:b3:59:77:8f:
85:f5:f7:10:15:d5:43:bf:e5:f4:1d:a4:2b:1c:04:
39:33:87:f9:c1:a1:f1:e4:65:ca:af:a6:6f:65:36:
53:f0:07:ce:82:34:3a:09:48:16:de:e9:da:fb:af:
9d:7d:7c:b7:cf:8f:11:e7:51:2c:07:d4:e5:b0:5c:
be:45:4f:89:8d:51:03:fa:6e:64:1c:1d:ff:41:2f:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C4:45:65:FD:C8:04:F8:E5:8E:F4:F0:B6:1F:7A:3D:63:72:6D:88
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2e86e41-0d01-4183-8a3c-833614b54eb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
54.25.68.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:40:7c:f8:89:a7:22:79:60:e4:79:f5:55:89:e9:66:3e:de:
6b:40:80:dc:4e:52:59:59:c7:49:d9:2e:a5:9a:10:33:59:27:
6a:34:e2:6c:ec:4a:3a:04:ad:75:35:73:87:2c:67:07:23:f4:
1a:d4:72:5f:78:6a:c5:8f:ee:b7:cd:22:f0:45:4a:68:a7:3c:
8c:5e:91:17:c9:32:51:a1:69:ac:46:d1:b4:b1:3c:a6:dd:ac:
95:c1:02:35:0b:c4:b2:a1:0f:63:b3:3b:96:14:89:ec:b4:71:
e7:39:6c:94:c9:5e:06:ce:b1:e7:a1:5e:90:2d:9e:68:98:e6:
26:2c:4d:d3:74:bf:1c:c5:e1:28:3d:51:e0:a6:a8:0f:4b:53:
ad:8e:51:43:bc:b8:61:af:b1:4c:65:51:5f:79:4b:37:7f:f1:
a3:61:68:74:3e:31:a5:b7:96:e6:cb:ca:31:2c:cb:10:f2:7e:
e5:d4:f6:1a:f9:92:da:45:f8:4e:b8:e1:46:7f:c7:66:5a:2c:
df:0c:2d:06:fe:08:9a:56:d5:32:ad:f4:0f:d2:ca:04:f4:9c:
b2:92:62:0a:1b:44:10:3f:68:2b:b7:22:ce:f7:a9:a8:7f:2a:
07:bb:06:22:fd:00:1f:e8:de:d8:1f:db:c2:74:14:28:ba:dc:
5c:eb:f5:7a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdCeyHlTkUDB4zLMCnPBIDiEik6QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWYyMzY2YmIwZDJhOTFlOWY3YzlhZTFiZTg1MTRiOWVk
YmMzODE0YzQ5MTMwYjgxMjJmMzAyODdiMGRiOGM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpnv+jUOOsdf37td3/iSMok1AdN6EBx89xmc/798eltdPs
+UCHOoA4Kn51lMxSUD/PxhocLbQobCcBlVFocZ+oQB935QIm8PkVRan7x6FXtKLN
6DpeTQ2qXTfGySaJG5SsCxfqMsiqO8BgYmMD3QpaOGACoH64lkB3V0+NvwEu9GVs
n1hFfTYEfOzfsr9mqmAnFipFZjl5q38BvML4SI8j2iDmmTginSKtUb0jHAzrs1l3
j4X19xAV1UO/5fQdpCscBDkzh/nBofHkZcqvpm9lNlPwB86CNDoJSBbe6dr7r519
fLfPjxHnUSwH1OWwXL5FT4mNUQP6bmQcHf9BLzOrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnMRFZf3IBPjljvTwth96PWNybYgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyZTg2ZTQxLTBkMDEtNDE4My04YTNjLTgzMzYxNGI1NGViNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUQwDQYJKoZIhvcNAQELBQADggEBAD5AfPiJpyJ5YOR59VWJ6WY+3mtA
gNxOUllZx0nZLqWaEDNZJ2o04mzsSjoErXU1c4csZwcj9BrUcl94asWP7rfNIvBF
SminPIxekRfJMlGhaaxG0bSxPKbdrJXBAjULxLKhD2OzO5YUiey0cec5bJTJXgbO
seehXpAtnmiY5iYsTdN0vxzF4Sg9UeCmqA9LU62OUUO8uGGvsUxlUV95Szd/8aNh
aHQ+MaW3lubLyjEsyxDyfuXU9hr5ktpF+E644UZ/x2ZaLN8MLQb+CJpW1TKt9A/S
ygT0nLKSYgobRBA/aCu3Is73qah/Kge7BiL9AB/o3tgf28J0FCi63Fzr9Xo=
-----END CERTIFICATE-----
Generated at Sun May 11 18:06:10 2025 by rpki-client