Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bdd090e-2ef9-4295-9613-e1778d300625.roa
File: 0bdd090e-2ef9-4295-9613-e1778d300625.roa (raw, json)
Hash identifier: Z71LrCHtxuD6ON2EJRkS7s0jCce7a01N0+KwicbxqSM=
Subject key identifier: 0B:75:26:13:81:AA:79:12:8D:E3:DB:8A:72:7C:8B:17:23:BD:F6:29
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7256509A7049291A4D402E6B2782BDC37CBAEC27
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bdd090e-2ef9-4295-9613-e1778d300625.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 15.194.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:56:50:9a:70:49:29:1a:4d:40:2e:6b:27:82:bd:c3:7c:ba:ec:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=f01adcf150ee083e128ae1b74494ff44fded48f3c943f4a1193e2204704b17c1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4e:41:6f:ca:0a:3c:2c:72:cc:c1:bb:75:77:
14:4f:a0:54:51:5e:fd:bf:7b:6b:ea:bd:12:69:af:
69:5f:32:a8:b2:f7:49:8f:58:c7:58:57:9f:a5:45:
3c:4f:de:82:24:f5:6d:21:d7:88:53:5b:f0:2c:32:
70:50:e1:9e:8a:b7:6a:ca:36:87:0a:51:37:17:12:
99:5e:1a:49:a4:d8:9c:c5:53:7c:69:5a:19:01:45:
84:cc:80:5a:43:20:48:89:df:ee:a1:65:4b:c8:17:
b3:de:1a:3b:43:6e:a0:39:ef:16:24:b7:03:dd:b5:
77:89:ba:4d:ae:4f:76:da:c0:c8:80:c2:fb:05:4d:
04:bc:13:51:d4:2f:46:f2:36:c6:ab:7b:46:f2:22:
5f:e6:28:2d:89:81:3c:6a:a9:47:f2:bf:51:c5:5b:
65:85:ee:c4:68:9c:9b:1e:d1:b3:99:f4:ee:1c:1e:
f4:d7:15:52:ca:69:ad:c1:25:26:e8:34:52:d5:c5:
4b:82:df:8b:52:ab:fa:e9:f6:57:91:d5:fe:2d:7f:
a7:0d:76:47:27:97:31:0c:01:fc:66:ac:c2:f7:15:
18:11:74:0b:21:09:a3:69:63:b9:a8:5a:c4:27:e4:
cb:f1:ad:4d:80:68:30:55:c3:fa:5a:28:9f:b3:50:
8d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:75:26:13:81:AA:79:12:8D:E3:DB:8A:72:7C:8B:17:23:BD:F6:29
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bdd090e-2ef9-4295-9613-e1778d300625.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
15.194.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:d6:a2:6a:6e:6f:77:5d:6f:bc:3e:1f:33:a9:54:be:66:61:
36:b1:04:a8:5d:e6:4a:49:ba:0c:f5:31:4d:ea:17:e0:33:b6:
44:0d:2a:30:c9:03:9a:bd:cf:dd:67:76:2b:90:85:cc:46:c0:
9f:f2:f1:80:73:38:86:e0:8b:f3:19:ea:25:9c:ca:f3:f0:f2:
db:ee:ec:69:a5:4e:3d:09:54:f1:7d:ad:42:08:13:41:35:c4:
54:13:b6:64:2e:11:bc:e3:a6:55:d3:54:ee:6a:1b:10:73:1e:
2c:be:fd:09:db:83:6e:07:c7:f3:42:3d:23:ca:c5:b6:79:df:
6c:56:99:20:97:83:07:d2:03:d2:40:be:d9:26:5c:e5:65:bf:
f5:02:8a:40:76:ee:cb:ef:b0:44:57:82:d6:f3:63:80:e1:b7:
a8:3c:11:ce:72:88:11:57:05:ce:93:7b:b7:dc:0f:e1:4a:da:
14:58:fa:dd:1f:33:c3:d7:fc:96:e4:0d:13:57:9a:03:30:1c:
9b:1a:43:75:ce:a2:e5:c6:54:68:db:99:96:bf:0a:a9:90:11:
e0:d5:96:83:23:fa:a4:c6:49:03:5b:74:96:e8:24:92:12:cd:
12:62:bc:fb:ed:f7:7a:f4:38:90:a4:66:b4:c0:63:5b:c6:86:
aa:0f:69:d7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUclZQmnBJKRpNQC5rJ4K9w3y67CcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDFhZGNmMTUwZWUwODNlMTI4YWUxYjc0NDk0ZmY0NGZk
ZWQ0OGYzYzk0M2Y0YTExOTNlMjIwNDcwNGIxN2MxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfTkFvygo8LHLMwbt1dxRPoFRRXv2/e2vqvRJpr2lfMqiy
90mPWMdYV5+lRTxP3oIk9W0h14hTW/AsMnBQ4Z6Kt2rKNocKUTcXEpleGkmk2JzF
U3xpWhkBRYTMgFpDIEiJ3+6hZUvIF7PeGjtDbqA57xYktwPdtXeJuk2uT3bawMiA
wvsFTQS8E1HUL0byNsare0byIl/mKC2JgTxqqUfyv1HFW2WF7sRonJse0bOZ9O4c
HvTXFVLKaa3BJSboNFLVxUuC34tSq/rp9leR1f4tf6cNdkcnlzEMAfxmrML3FRgR
dAshCaNpY7moWsQn5MvxrU2AaDBVw/paKJ+zUI2ZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUC3UmE4GqeRKN49uKcnyLFyO99ikwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBiZGQwOTBlLTJlZjktNDI5NS05NjEzLWUxNzc4ZDMwMDYyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPwjANBgkqhkiG9w0BAQsFAAOCAQEAh9aiam5vd11vvD4fM6lUvmZhNrEE
qF3mSkm6DPUxTeoX4DO2RA0qMMkDmr3P3Wd2K5CFzEbAn/LxgHM4huCL8xnqJZzK
8/Dy2+7saaVOPQlU8X2tQggTQTXEVBO2ZC4RvOOmVdNU7mobEHMeLL79CduDbgfH
80I9I8rFtnnfbFaZIJeDB9ID0kC+2SZc5WW/9QKKQHbuy++wRFeC1vNjgOG3qDwR
znKIEVcFzpN7t9wP4UraFFj63R8zw9f8luQNE1eaAzAcmxpDdc6i5cZUaNuZlr8K
qZAR4NWWgyP6pMZJA1t0lugkkhLNEmK8++33evQ4kKRmtMBjW8aGqg9p1w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:37:48 2025 by rpki-client