Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d720f81-3415-4e75-913e-9705b632fbf2.roa
File: 0d720f81-3415-4e75-913e-9705b632fbf2.roa (raw, json)
Hash identifier: 39FIkoihg97/uKaMWdbFY1uoEf1VIHPI7Kqgv0yJFk8=
Subject key identifier: 3B:68:A5:E8:B2:A6:F4:E9:28:F2:EA:C1:71:F0:06:1A:7C:91:E1:04
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 613D4687343C1E03AA9F5DA54CE8EB1E58F52A38
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d720f81-3415-4e75-913e-9705b632fbf2.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 40.32.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:3d:46:87:34:3c:1e:03:aa:9f:5d:a5:4c:e8:eb:1e:58:f5:2a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=9966b1d669706add1d09f5a596bf4812c655ff9b39e980ae311d73b4d7b70731, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0a:a3:21:5e:f1:8e:ae:30:e6:ab:fa:af:a1:
ca:ec:7a:8c:e2:c8:af:5e:7f:0c:02:17:99:84:02:
50:a3:e9:3f:09:e7:2f:32:98:34:e1:2a:9c:44:3b:
ea:6d:30:d5:30:e3:9d:8d:2a:cc:02:ab:75:a3:97:
4b:81:09:0d:81:11:61:01:b1:bc:3f:6c:35:59:6d:
5d:8f:b2:5f:53:c3:2f:fe:68:8e:3d:21:5d:e6:f0:
fa:9f:95:7e:9b:a9:5c:79:1c:c2:c5:1f:d6:6d:f8:
73:dd:6e:0c:f9:a4:46:8a:fa:ef:0d:14:61:43:ea:
79:42:c9:da:98:78:d3:6c:fb:51:52:75:65:d5:07:
49:56:86:02:c5:ba:da:67:4b:6e:76:16:5e:98:42:
81:fb:ce:8d:3a:4f:77:de:ee:a1:9a:7f:5d:c3:0b:
e4:03:30:b6:f1:97:49:38:d4:69:22:b2:8b:0c:e8:
3e:bf:3d:70:a5:74:71:3b:09:91:16:2e:4c:47:f6:
c5:f0:23:ae:e6:c9:86:3e:25:72:11:d3:42:56:b2:
bc:64:c7:a9:5e:99:9f:83:3f:f8:79:1d:c1:6b:df:
f0:41:e2:ea:b8:b5:a5:ce:8c:81:49:68:55:5b:5a:
ae:9f:03:84:8b:74:51:73:7b:10:b5:5a:f8:7d:7c:
bc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:68:A5:E8:B2:A6:F4:E9:28:F2:EA:C1:71:F0:06:1A:7C:91:E1:04
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d720f81-3415-4e75-913e-9705b632fbf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d0:82:46:94:dc:c8:05:a9:ac:fe:11:45:7b:d6:4f:2c:fd:9d:
79:25:09:48:66:dd:de:97:36:ec:f4:89:7e:31:b5:34:06:fa:
58:2a:7a:e9:3e:a2:33:72:d2:f7:84:a1:af:63:e4:20:63:c5:
22:ef:d0:53:b1:c8:0d:31:c9:b3:8f:49:68:d4:71:5b:42:55:
b0:2e:5b:71:56:7b:8e:3c:75:96:4a:ea:b5:e9:71:d1:b2:cd:
b9:43:e3:63:87:0f:cf:f7:9b:89:55:78:55:20:31:d6:e7:3e:
4e:c9:34:f9:31:1a:55:83:71:73:88:53:38:b5:97:46:01:7b:
3b:1d:9b:9c:70:17:8c:fd:37:20:df:ed:5f:be:09:95:86:c8:
38:1e:c5:4d:ae:9f:d4:32:46:2f:66:f1:c7:f1:fc:37:f2:60:
34:47:ef:27:59:b7:43:2e:f1:8e:a5:37:a0:9b:a7:d0:1f:76:
33:03:04:76:94:41:c0:91:40:94:3e:e0:65:51:42:22:ae:8f:
af:45:0d:6d:04:e0:19:17:3b:ef:b9:aa:f5:a3:13:b8:01:bc:
1a:6e:3a:1a:5e:f3:cc:84:4e:7f:12:02:7e:2a:c6:09:2b:6e:
df:19:f4:fd:16:3f:5f:1a:cf:cd:ba:66:dd:f2:14:b2:0e:11:
95:91:df:5d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYT1GhzQ8HgOqn12lTOjrHlj1KjgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OTY2YjFkNjY5NzA2YWRkMWQwOWY1YTU5NmJmNDgxMmM2
NTVmZjliMzllOTgwYWUzMTFkNzNiNGQ3YjcwNzMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3CqMhXvGOrjDmq/qvocrseoziyK9efwwCF5mEAlCj6T8J
5y8ymDThKpxEO+ptMNUw452NKswCq3Wjl0uBCQ2BEWEBsbw/bDVZbV2Psl9Twy/+
aI49IV3m8PqflX6bqVx5HMLFH9Zt+HPdbgz5pEaK+u8NFGFD6nlCydqYeNNs+1FS
dWXVB0lWhgLFutpnS252Fl6YQoH7zo06T3fe7qGaf13DC+QDMLbxl0k41GkisosM
6D6/PXCldHE7CZEWLkxH9sXwI67myYY+JXIR00JWsrxkx6lemZ+DP/h5HcFr3/BB
4uq4taXOjIFJaFVbWq6fA4SLdFFzexC1Wvh9fLzBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUO2il6LKm9Oko8urBcfAGGnyR4QQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBkNzIwZjgxLTM0MTUtNGU3NS05MTNlLTk3MDViNjMyZmJmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoIDANBgkqhkiG9w0BAQsFAAOCAQEA0IJGlNzIBams/hFFe9ZPLP2deSUJ
SGbd3pc27PSJfjG1NAb6WCp66T6iM3LS94Shr2PkIGPFIu/QU7HIDTHJs49JaNRx
W0JVsC5bcVZ7jjx1lkrqtelx0bLNuUPjY4cPz/ebiVV4VSAx1uc+Tsk0+TEaVYNx
c4hTOLWXRgF7Ox2bnHAXjP03IN/tX74JlYbIOB7FTa6f1DJGL2bxx/H8N/JgNEfv
J1m3Qy7xjqU3oJun0B92MwMEdpRBwJFAlD7gZVFCIq6Pr0UNbQTgGRc777mq9aMT
uAG8Gm46Gl7zzIROfxICfirGCStu3xn0/RY/XxrPzbpm3fIUsg4RlZHfXQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:26:44 2025 by rpki-client