Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da7f5796-051d-4844-9de2-3d72a66d9b4a.roa
File: da7f5796-051d-4844-9de2-3d72a66d9b4a.roa (raw, json)
Hash identifier: uleQcq7GJRlcTXT5wCTfwvAiUD4OMi2jSRgG/JMzB9g=
Subject key identifier: AF:9F:43:50:35:56:E7:E6:8C:DD:1F:74:C3:14:EA:C9:B0:EA:B0:19
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 684351472D9CDF326EC035FCBC06B2D9ACC02FAB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da7f5796-051d-4844-9de2-3d72a66d9b4a.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.118.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:43:51:47:2d:9c:df:32:6e:c0:35:fc:bc:06:b2:d9:ac:c0:2f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=3bb147846ee4e6234a17dc8b2d73fc65d9eca5932799c0b0a71b3f48f5754cad, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4a:55:bb:fe:48:9f:b2:a5:3b:d8:74:57:ac:
08:97:1f:54:bd:63:8c:2c:bc:83:1a:f3:28:c9:55:
bf:0a:ba:77:55:ab:22:4e:32:a8:3f:37:c8:f9:0d:
a9:89:14:1f:3f:8f:73:cd:b2:67:56:fb:bd:8e:1f:
5d:e2:f7:24:31:eb:ac:80:01:4a:90:d6:41:01:65:
26:12:9c:34:f5:83:5b:bd:9d:96:69:d2:ff:d4:94:
08:98:40:b6:4f:ee:09:ed:aa:4a:0c:23:78:0a:74:
bc:69:31:f9:c6:04:ad:02:09:e5:5d:fb:78:47:e3:
87:2a:58:03:ce:bc:84:8c:57:51:dd:3a:f7:7f:47:
60:3c:f0:95:e5:54:c0:56:fd:ca:8d:6a:29:91:c8:
b1:63:88:e5:37:d5:22:0c:63:bc:63:07:d3:05:fc:
46:e5:10:bf:50:cc:39:15:16:55:9c:9d:e8:06:2b:
32:f6:ac:13:69:84:ce:b2:ee:59:cb:b3:3f:5f:0d:
53:d7:95:90:c8:86:a5:42:34:de:17:33:66:a1:0a:
48:42:ec:0c:0a:d4:90:d9:17:f0:3a:78:ec:98:17:
63:7e:a9:d4:82:0d:fc:ee:f2:b3:ca:df:b3:9b:16:
04:9b:b1:dc:22:c3:26:3d:42:42:70:a8:4a:39:c4:
c2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9F:43:50:35:56:E7:E6:8C:DD:1F:74:C3:14:EA:C9:B0:EA:B0:19
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da7f5796-051d-4844-9de2-3d72a66d9b4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:5a:b7:76:9e:c7:81:46:bd:54:37:9b:9c:01:e1:15:0f:7a:
21:1c:f7:a3:96:9d:4d:cb:c0:4a:97:84:34:6a:13:a3:9f:ba:
0c:ea:35:95:e2:e8:e0:06:ce:63:a2:0f:9a:98:ce:7e:4f:77:
97:d2:8c:ce:82:41:c6:f3:60:1f:bb:39:26:81:32:38:93:e7:
39:0c:9a:42:e8:63:5f:b0:a4:45:7c:ae:6b:61:24:03:15:c1:
27:2c:8c:43:16:91:59:08:dc:af:0b:e4:23:f6:b5:70:a6:44:
28:53:51:27:cd:14:be:ea:b1:3f:fc:0a:51:2a:48:b9:dc:ac:
aa:7e:50:9a:27:70:24:94:04:7a:9f:55:05:7e:08:9c:87:1a:
c5:ba:df:c3:29:98:73:98:df:6c:ea:cc:8c:38:e1:ff:6a:70:
f8:dd:95:81:a9:d3:71:87:52:31:3f:c2:04:a4:59:c5:2a:a3:
85:f1:9e:90:ff:d9:6d:2b:3c:8f:14:4f:4d:8a:83:20:98:22:
a6:12:f4:49:31:a0:93:35:3e:df:7f:80:e2:40:b6:23:01:05:
63:e9:74:fe:a5:b0:af:5f:c5:ab:c4:18:43:71:64:15:8c:1e:
9c:04:5f:2d:fc:09:cd:ce:f0:14:f4:f9:07:1e:34:9c:f7:79:
b3:40:99:bf
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaENRRy2c3zJuwDX8vAay2azAL6swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYmIxNDc4NDZlZTRlNjIzNGExN2RjOGIyZDczZmM2NWQ5
ZWNhNTkzMjc5OWMwYjBhNzFiM2Y0OGY1NzU0Y2FkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiSlW7/kifsqU72HRXrAiXH1S9Y4wsvIMa8yjJVb8KundV
qyJOMqg/N8j5DamJFB8/j3PNsmdW+72OH13i9yQx66yAAUqQ1kEBZSYSnDT1g1u9
nZZp0v/UlAiYQLZP7gntqkoMI3gKdLxpMfnGBK0CCeVd+3hH44cqWAPOvISMV1Hd
Ovd/R2A88JXlVMBW/cqNaimRyLFjiOU31SIMY7xjB9MF/EblEL9QzDkVFlWcnegG
KzL2rBNphM6y7lnLsz9fDVPXlZDIhqVCNN4XM2ahCkhC7AwK1JDZF/A6eOyYF2N+
qdSCDfzu8rPK37ObFgSbsdwiwyY9QkJwqEo5xMJRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUr59DUDVW5+aM3R90wxTqybDqsBkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhN2Y1Nzk2LTA1MWQtNDg0NC05ZGUyLTNkNzJhNjZkOWI0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQdjANBgkqhkiG9w0BAQsFAAOCAQEAiFq3dp7HgUa9VDebnAHhFQ96IRz3
o5adTcvASpeENGoTo5+6DOo1leLo4AbOY6IPmpjOfk93l9KMzoJBxvNgH7s5JoEy
OJPnOQyaQuhjX7CkRXyua2EkAxXBJyyMQxaRWQjcrwvkI/a1cKZEKFNRJ80Uvuqx
P/wKUSpIudysqn5QmidwJJQEep9VBX4InIcaxbrfwymYc5jfbOrMjDjh/2pw+N2V
ganTcYdSMT/CBKRZxSqjhfGekP/ZbSs8jxRPTYqDIJgiphL0STGgkzU+33+A4kC2
IwEFY+l0/qWwr1/Fq8QYQ3FkFYwenARfLfwJzc7wFPT5Bx40nPd5s0CZvw==
-----END CERTIFICATE-----
Generated at Sun May 11 18:34:35 2025 by rpki-client