Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/002988b2-fb28-4051-a703-18cd8f864bf7.roa
File: 002988b2-fb28-4051-a703-18cd8f864bf7.roa (raw, json)
Hash identifier: 4qQJZRq+zg1gUARg2divkb5GpusyTYufXLW72c0tkKs=
Subject key identifier: 7D:BD:54:5F:1D:46:07:75:7E:3E:04:DB:A2:6D:7A:1D:81:32:D5:07
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3CFAE053B5EF07DD6014207B1EDF40F3C41D4C5E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/002988b2-fb28-4051-a703-18cd8f864bf7.roa
Signing time: Sat 15 Mar 2025 00:40:14 +0000
ROA not before: Sat 15 Mar 2025 00:40:14 +0000
ROA not after: Sat 19 Apr 2025 23:59:59 +0000
asID: 19047
IP address blocks: 70.130.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:fa:e0:53:b5:ef:07:dd:60:14:20:7b:1e:df:40:f3:c4:1d:4c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 15 00:40:14 2025 GMT
Not After : Apr 19 23:59:59 2025 GMT
Subject: serialNumber=ae6ba00d491086e005170e13b42badcc2248bc372eb4be2014be172533e6261b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fe:0f:2c:d5:4f:6e:58:77:60:ea:bd:e0:66:
03:12:74:be:ae:d7:3a:a0:61:f1:7b:e7:ab:4b:b7:
5c:cf:ed:68:3a:e6:64:5a:ef:25:c2:d1:c7:71:11:
23:e6:22:a3:26:cd:6b:ff:ce:5c:23:dc:11:51:99:
aa:18:8d:88:d5:2a:07:6f:e1:5b:ae:0b:e7:96:d0:
7a:71:06:07:ce:e5:aa:86:c1:c0:b7:b9:45:0e:b0:
a1:01:55:6f:55:73:27:1d:f1:d2:71:b4:ff:5e:14:
ae:b3:14:13:74:ab:92:26:0a:6c:d8:bd:ab:11:72:
a5:9a:a3:88:c8:fa:99:da:8e:5b:31:53:3e:bd:68:
30:c9:c4:ec:45:b9:0e:1f:56:3a:0a:d0:c7:82:6d:
c1:3b:8a:5e:67:2c:46:04:23:5f:32:6d:ed:1f:e7:
d2:4d:db:8b:80:cf:08:f9:fd:ef:15:af:22:0e:7b:
a7:1d:78:bd:58:10:40:dc:bf:9e:71:78:a5:10:40:
9d:ef:e7:0f:f3:23:9c:da:2d:72:a1:7d:63:a3:7d:
fb:13:00:3d:9f:27:8c:39:2f:9d:66:b0:64:10:bf:
9f:92:69:72:df:6c:2e:10:80:2f:5b:79:e1:eb:64:
b2:21:21:dd:2b:54:5c:62:20:23:eb:e4:1d:a1:4a:
d8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BD:54:5F:1D:46:07:75:7E:3E:04:DB:A2:6D:7A:1D:81:32:D5:07
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/002988b2-fb28-4051-a703-18cd8f864bf7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.130.217.0/24
Signature Algorithm: sha256WithRSAEncryption
46:48:9b:08:a9:77:ed:ef:df:21:c8:55:3a:02:60:7d:b1:59:
68:fc:75:12:ea:4c:00:c7:a3:2c:a8:c4:96:cc:47:67:81:99:
fc:1e:eb:a9:0e:7e:58:32:8e:96:6f:96:47:f9:07:b3:fa:dc:
28:07:57:cd:17:33:03:6d:cf:7c:5d:bd:fa:69:27:86:85:e6:
86:aa:4b:a3:1b:35:8c:89:da:76:24:88:54:a3:bf:af:df:02:
29:4e:f3:ac:2b:3b:81:c7:f5:81:f9:1e:3a:87:94:9f:ac:21:
a8:50:95:b7:62:cc:91:8a:fa:63:f3:e2:ef:96:84:36:16:c0:
e7:cb:3a:a1:db:10:3d:20:9a:21:20:5b:f9:b1:f5:29:01:09:
be:46:26:3c:b2:7a:32:af:21:d6:db:49:84:e0:60:5e:cf:fe:
9e:52:a0:cc:bd:82:a8:cc:39:63:db:36:33:90:b9:6c:77:fa:
8c:85:68:5c:67:f9:50:c8:3b:38:5a:3c:61:13:bc:fd:19:fa:
a0:19:70:39:64:28:99:e7:83:35:45:20:2a:ae:92:56:04:29:
49:84:f6:4b:58:8e:c8:12:f9:0c:ff:cc:eb:66:8b:ce:7b:a2:
73:8c:a0:df:7d:e8:40:7c:08:8e:2a:11:9d:3b:74:74:ff:3b:
64:69:d9:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPPrgU7XvB91gFCB7Ht9A88QdTF4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDA0MDE0WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZTZiYTAwZDQ5MTA4NmUwMDUxNzBlMTNiNDJiYWRjYzIy
NDhiYzM3MmViNGJlMjAxNGJlMTcyNTMzZTYyNjFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO/g8s1U9uWHdg6r3gZgMSdL6u1zqgYfF756tLt1zP7Wg6
5mRa7yXC0cdxESPmIqMmzWv/zlwj3BFRmaoYjYjVKgdv4VuuC+eW0HpxBgfO5aqG
wcC3uUUOsKEBVW9Vcycd8dJxtP9eFK6zFBN0q5ImCmzYvasRcqWao4jI+pnajlsx
Uz69aDDJxOxFuQ4fVjoK0MeCbcE7il5nLEYEI18ybe0f59JN24uAzwj5/e8VryIO
e6cdeL1YEEDcv55xeKUQQJ3v5w/zI5zaLXKhfWOjffsTAD2fJ4w5L51msGQQv5+S
aXLfbC4QgC9beeHrZLIhId0rVFxiICPr5B2hStjnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfb1UXx1GB3V+PgTbom16HYEy1QcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAwMjk4OGIyLWZiMjgtNDA1MS1hNzAzLTE4Y2Q4Zjg2NGJmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABGgtkwDQYJKoZIhvcNAQELBQADggEBAEZImwipd+3v3yHIVToCYH2xWWj8
dRLqTADHoyyoxJbMR2eBmfwe66kOflgyjpZvlkf5B7P63CgHV80XMwNtz3xdvfpp
J4aF5oaqS6MbNYyJ2nYkiFSjv6/fAilO86wrO4HH9YH5HjqHlJ+sIahQlbdizJGK
+mPz4u+WhDYWwOfLOqHbED0gmiEgW/mx9SkBCb5GJjyyejKvIdbbSYTgYF7P/p5S
oMy9gqjMOWPbNjOQuWx3+oyFaFxn+VDIOzhaPGETvP0Z+qAZcDlkKJnngzVFICqu
klYEKUmE9ktYjsgS+Qz/zOtmi857onOMoN996EB8CI4qEZ07dHT/O2Rp2Zw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:51:55 2025 by rpki-client