Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d273567-d61b-48fc-8c69-772e9ff583d5.roa
File: 0d273567-d61b-48fc-8c69-772e9ff583d5.roa (raw, json)
Hash identifier: E//H4tKxoDXrA2TsvM2LSyZH7hhEWGHxNatDoIZxuj0=
Subject key identifier: 1D:82:22:E3:BF:2B:25:F8:51:D9:31:E0:05:42:D8:EA:43:2E:62:AA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0850E03D08A4EF54C52D15CDE8BCE128E3599892
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d273567-d61b-48fc-8c69-772e9ff583d5.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f01:4880::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:50:e0:3d:08:a4:ef:54:c5:2d:15:cd:e8:bc:e1:28:e3:59:98:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=94b7ce405dafcd45d1473dfb31ceef178064475690ff64ad876c6621acccaed3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fd:82:54:f8:70:05:92:54:03:06:d4:58:18:
9d:70:b1:e3:ae:cc:94:bb:66:9f:e6:48:a4:f8:b7:
5e:68:06:e9:d4:4a:77:c5:30:37:f6:6e:73:13:8f:
ad:3a:b8:54:90:36:dc:6c:74:c1:03:47:7c:ae:98:
20:a6:45:db:42:3c:76:a1:ef:4f:da:8c:60:5c:30:
16:d4:55:89:2d:51:1b:18:1e:94:71:20:37:4a:91:
62:bc:eb:95:d2:1f:6c:a7:53:43:3f:ec:90:92:68:
7a:80:be:ff:e2:29:b1:6d:2f:58:f4:33:ef:d8:ae:
64:aa:1e:83:b8:ad:db:8b:a8:42:33:2e:5d:cb:82:
4d:45:5f:ad:08:b0:12:00:d6:2b:5f:99:84:bf:2f:
fa:2c:b4:18:15:94:44:01:9d:f0:21:78:0a:4a:95:
4d:35:64:f4:69:4e:e1:70:c3:e5:21:7a:40:f3:d8:
87:8c:e2:63:71:2b:7e:84:23:4d:85:0c:15:b2:79:
e1:08:39:41:90:4f:aa:f5:0f:23:b9:fa:eb:ca:73:
1b:4c:a6:a9:56:7d:97:da:f2:56:20:a7:4f:dc:8a:
f8:82:8a:b5:61:3a:df:60:f3:b3:b8:3a:97:7b:fa:
22:3b:91:a5:88:4d:09:d0:9f:f2:a7:70:c9:e0:8f:
6a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:82:22:E3:BF:2B:25:F8:51:D9:31:E0:05:42:D8:EA:43:2E:62:AA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d273567-d61b-48fc-8c69-772e9ff583d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f01:4880::/47
Signature Algorithm: sha256WithRSAEncryption
d1:86:2c:9b:b9:c9:ec:54:32:bf:96:c3:5e:c7:f7:da:be:75:
5f:7c:d2:14:ac:f1:c6:e2:32:0f:c1:80:9d:50:df:80:21:62:
6a:c7:2d:e4:13:10:d3:b1:6c:c2:c8:2b:68:73:9c:a6:f2:dd:
49:c7:a6:3d:fa:39:d8:e3:23:67:fb:b0:1c:88:7a:c5:34:73:
01:2e:32:27:e7:5d:b5:65:e6:90:ee:93:f9:d1:64:5d:c3:a1:
d8:fe:e4:21:7f:e2:5f:7b:7d:44:65:cd:bd:1f:d6:3f:1e:d9:
25:e2:86:0a:05:6c:5e:b4:ad:a1:f9:c5:7f:81:f9:9c:68:a3:
0a:77:59:47:57:b9:24:c4:f3:8b:05:88:76:de:50:40:cb:a2:
fd:e8:fc:81:cc:f5:5a:7b:1e:e8:b2:06:b9:b3:6c:a7:1d:03:
c8:9d:6e:25:e9:20:f9:27:4c:12:47:ab:ef:43:01:7b:f9:0b:
5b:79:2d:e9:6e:21:10:67:ee:a1:ce:8c:6c:84:bc:8d:f2:65:
2d:8e:8b:e0:0d:bb:e5:29:84:cf:ae:28:65:05:cf:8f:7d:6e:
69:0e:60:4d:7f:bd:58:a6:db:09:77:c4:dc:8b:67:ee:9f:56:
e5:6f:66:26:89:a1:6b:d2:d3:28:e0:07:a4:16:bc:fd:bc:10:
77:0f:ff:76
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUCFDgPQik71TFLRXN6LzhKONZmJIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGI3Y2U0MDVkYWZjZDQ1ZDE0NzNkZmIzMWNlZWYxNzgw
NjQ0NzU2OTBmZjY0YWQ4NzZjNjYyMWFjY2NhZWQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDP/YJU+HAFklQDBtRYGJ1wseOuzJS7Zp/mSKT4t15oBunU
SnfFMDf2bnMTj606uFSQNtxsdMEDR3yumCCmRdtCPHah70/ajGBcMBbUVYktURsY
HpRxIDdKkWK865XSH2ynU0M/7JCSaHqAvv/iKbFtL1j0M+/YrmSqHoO4rduLqEIz
Ll3Lgk1FX60IsBIA1itfmYS/L/ostBgVlEQBnfAheApKlU01ZPRpTuFww+UhekDz
2IeM4mNxK36EI02FDBWyeeEIOUGQT6r1DyO5+uvKcxtMpqlWfZfa8lYgp0/civiC
irVhOt9g87O4Opd7+iI7kaWITQnQn/KncMngj2ozAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUHYIi478rJfhR2THgBULY6kMuYqowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBkMjczNTY3LWQ2MWItNDhmYy04YzY5LTc3MmU5ZmY1ODNkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAB8BSIAwDQYJKoZIhvcNAQELBQADggEBANGGLJu5yexUMr+Ww17H99q+
dV980hSs8cbiMg/BgJ1Q34AhYmrHLeQTENOxbMLIK2hznKby3UnHpj36OdjjI2f7
sByIesU0cwEuMifnXbVl5pDuk/nRZF3Dodj+5CF/4l97fURlzb0f1j8e2SXihgoF
bF60raH5xX+B+Zxoowp3WUdXuSTE84sFiHbeUEDLov3o/IHM9Vp7HuiyBrmzbKcd
A8idbiXpIPknTBJHq+9DAXv5C1t5LeluIRBn7qHOjGyEvI3yZS2Oi+ANu+UphM+u
KGUFz499bmkOYE1/vVim2wl3xNyLZ+6fVuVvZiaJoWvS0yjgB6QWvP28EHcP/3Y=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:08 2025 by rpki-client