Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0a20a4f9-37f8-4c3c-9840-b8d3bef0f7df.roa
File: 0a20a4f9-37f8-4c3c-9840-b8d3bef0f7df.roa (raw, json)
Hash identifier: SqJKXtOnwK5NweWH0kJiW2kBO5M/KUKTyc1HFVjOFqE=
Subject key identifier: 44:89:98:87:B5:1A:54:45:32:2C:95:B2:39:2E:4C:0B:EE:AD:33:97
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 357FDF65D3110F5B479AD786FF513BF23BCEF64E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0a20a4f9-37f8-4c3c-9840-b8d3bef0f7df.roa
Signing time: Fri 07 Feb 2025 00:00:00 +0000
ROA not before: Fri 07 Feb 2025 00:00:00 +0000
ROA not after: Fri 14 Mar 2025 23:59:59 +0000
asID: 14618
IP address blocks: 5.60.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:7f:df:65:d3:11:0f:5b:47:9a:d7:86:ff:51:3b:f2:3b:ce:f6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Feb 7 00:00:00 2025 GMT
Not After : Mar 14 23:59:59 2025 GMT
Subject: serialNumber=bf3efc753963a229989ae49e621fcf871b9dd8fd8680db065460657e0d9e4a2c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2a:fd:13:7a:53:71:96:76:a4:58:19:82:b1:
15:1c:df:22:2d:07:a2:64:8c:03:51:27:0e:bd:3e:
f8:0c:30:ce:e3:c4:fc:7f:79:61:35:83:2d:34:86:
a7:f5:20:b9:a8:ef:1a:1a:05:c8:52:31:65:7a:c9:
25:9f:1d:c3:3e:e3:0c:28:c6:29:d8:6f:33:f6:5b:
06:a4:ff:00:a5:0e:4c:7a:57:07:41:bc:f2:44:d5:
e2:5d:03:eb:bc:d3:3d:0f:43:a4:10:a4:85:b9:88:
8d:b3:92:b8:db:2e:78:e5:c3:14:ff:40:d8:f3:1e:
b4:6d:fa:47:38:41:9e:3e:f6:6d:ad:2a:7a:cb:18:
63:d0:8c:ef:c1:51:f7:95:ae:ab:ca:c6:26:ee:eb:
c0:0d:61:47:08:01:ec:6e:d7:ed:4a:9e:70:4e:4d:
dd:3c:db:4f:9b:8e:0e:fe:16:8e:b1:97:9e:3e:61:
48:7f:ca:e3:b3:bc:a6:04:69:f3:59:41:4b:9c:0f:
3d:f3:3d:94:29:22:4d:75:80:9e:c3:7f:bc:4d:1e:
52:8b:dd:83:68:aa:c6:d6:67:04:dc:35:c0:9a:38:
89:97:d5:6b:ac:23:16:cc:d7:dd:54:12:6e:8f:0f:
bd:55:22:01:ee:ac:fb:2c:86:93:16:4f:9a:13:9b:
89:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:89:98:87:B5:1A:54:45:32:2C:95:B2:39:2E:4C:0B:EE:AD:33:97
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0a20a4f9-37f8-4c3c-9840-b8d3bef0f7df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.88.0/22
Signature Algorithm: sha256WithRSAEncryption
79:3c:3f:a6:d1:9e:b5:20:73:04:8b:62:8d:22:95:87:ed:0b:
84:29:23:5a:8e:98:5b:10:21:ba:bd:db:46:d6:5e:09:03:3e:
f3:fb:22:05:f5:e1:97:17:c9:7a:7a:bc:ab:16:31:6b:05:84:
57:34:fc:7b:bf:d4:60:f1:9f:13:3d:88:87:9c:76:68:c4:25:
83:2d:5f:e9:9b:b7:88:67:3e:b4:1b:85:fd:98:d4:f0:2f:e2:
11:7f:97:b9:14:b8:3c:40:13:39:f9:94:50:d8:ca:10:74:ac:
5b:10:07:2b:33:20:c0:43:28:bb:1f:7b:4b:a5:1d:9f:4a:f9:
6f:80:91:0d:44:ae:4d:21:ec:f0:c8:7c:67:33:fa:28:d1:80:
48:ae:76:89:eb:6a:d8:05:12:d2:10:1e:99:1b:b5:73:db:c0:
3c:50:4b:f0:7b:1d:ae:9c:0a:09:ce:39:19:66:cd:ed:bf:55:
bf:74:cd:16:4b:3d:75:72:6a:10:ef:f9:0a:90:a4:52:b4:c5:
a6:c9:64:4d:75:b3:f5:43:87:2c:37:15:8d:c6:81:76:6f:18:
f2:c7:d1:40:62:c6:86:c1:a8:85:0b:1e:7c:8e:84:ff:83:89:
0f:ff:59:c3:a3:13:f4:06:47:8c:f5:1e:e8:42:00:25:77:7e:
ff:13:6a:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNX/fZdMRD1tHmteG/1E78jvO9k4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjNlZmM3NTM5NjNhMjI5OTg5YWU0OWU2MjFmY2Y4NzFi
OWRkOGZkODY4MGRiMDY1NDYwNjU3ZTBkOWU0YTJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9Kv0TelNxlnakWBmCsRUc3yItB6JkjANRJw69PvgMMM7j
xPx/eWE1gy00hqf1ILmo7xoaBchSMWV6ySWfHcM+4wwoxinYbzP2Wwak/wClDkx6
VwdBvPJE1eJdA+u80z0PQ6QQpIW5iI2zkrjbLnjlwxT/QNjzHrRt+kc4QZ4+9m2t
KnrLGGPQjO/BUfeVrqvKxibu68ANYUcIAexu1+1KnnBOTd0820+bjg7+Fo6xl54+
YUh/yuOzvKYEafNZQUucDz3zPZQpIk11gJ7Df7xNHlKL3YNoqsbWZwTcNcCaOImX
1WusIxbM191UEm6PD71VIgHurPsshpMWT5oTm4kTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURImYh7UaVEUyLJWyOS5MC+6tM5cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBhMjBhNGY5LTM3ZjgtNGMzYy05ODQwLWI4ZDNiZWYwZjdkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIFPFgwDQYJKoZIhvcNAQELBQADggEBAHk8P6bRnrUgcwSLYo0ilYftC4Qp
I1qOmFsQIbq920bWXgkDPvP7IgX14ZcXyXp6vKsWMWsFhFc0/Hu/1GDxnxM9iIec
dmjEJYMtX+mbt4hnPrQbhf2Y1PAv4hF/l7kUuDxAEzn5lFDYyhB0rFsQByszIMBD
KLsfe0ulHZ9K+W+AkQ1Erk0h7PDIfGcz+ijRgEiudonratgFEtIQHpkbtXPbwDxQ
S/B7Ha6cCgnOORlmze2/Vb90zRZLPXVyahDv+QqQpFK0xabJZE11s/VDhyw3FY3G
gXZvGPLH0UBixobBqIULHnyOhP+DiQ//WcOjE/QGR4z1HuhCACV3fv8Tar8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:09:28 2025 by rpki-client