Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13634d03-d4a5-4a0f-87d0-f2045d0c3fa2.roa
File: 13634d03-d4a5-4a0f-87d0-f2045d0c3fa2.roa (raw, json)
Hash identifier: w39CAGd9/qwVmaCzPeEH2UwgM1VRy3b5pAWwocGDUCY=
Subject key identifier: CA:37:D6:3A:C9:E8:EA:24:32:1F:22:C9:A6:BF:A7:E6:E5:6C:B8:68
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3CB6A8A77AA5BFFCE72A492F960309D208F487C4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13634d03-d4a5-4a0f-87d0-f2045d0c3fa2.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 161.193.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:b6:a8:a7:7a:a5:bf:fc:e7:2a:49:2f:96:03:09:d2:08:f4:87:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=a53e46aab599288e794b160b11e03aae5439d31715d03bb796a37882e7bc925b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:78:8d:c5:02:fe:0c:3b:ce:1e:14:79:22:aa:
d5:5d:4e:a9:31:a9:42:30:46:35:50:d4:58:59:2d:
01:3f:0e:bb:c3:ff:03:42:2f:80:da:d2:63:90:b3:
cc:5e:c8:36:ae:e4:01:53:76:20:3e:cf:26:ee:45:
54:21:66:84:2e:c9:26:47:38:e5:62:f5:58:ac:9d:
08:99:04:5f:99:95:5b:65:d4:52:75:64:f0:70:3b:
d9:67:cb:28:10:63:4a:97:69:8e:89:0e:41:81:f4:
77:88:75:a4:35:ea:ef:f4:30:3b:e5:2f:30:8b:bd:
c1:ef:fc:87:77:74:6c:81:b7:f7:f0:0c:85:f2:1e:
c8:16:b2:fa:e1:47:17:bc:f6:6f:07:78:11:f4:22:
e3:55:de:89:4b:93:73:86:6c:7c:cc:9f:ff:d5:75:
63:20:e3:26:a9:73:c2:3a:34:40:6b:45:64:e3:40:
96:13:89:19:c0:d4:4d:d2:5a:fa:ae:55:9b:52:14:
c2:be:fd:68:5f:5b:43:91:a5:6a:60:74:12:77:74:
5c:7d:4d:56:01:75:77:c6:af:5e:cd:5b:8d:a9:a2:
ad:6a:ee:5c:a5:95:78:b8:f8:ec:ea:7f:74:22:4d:
79:81:17:c1:17:a7:1c:bc:e8:81:03:1f:b7:42:8e:
a7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:D6:3A:C9:E8:EA:24:32:1F:22:C9:A6:BF:A7:E6:E5:6C:B8:68
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13634d03-d4a5-4a0f-87d0-f2045d0c3fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.193.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:79:d7:b8:5b:0a:f2:51:d0:bd:6b:bb:02:d0:60:a5:fb:b7:
c8:67:9c:b7:1a:61:88:b0:8b:bb:e7:53:d2:a9:3a:19:35:15:
8e:36:c7:bb:81:82:da:bd:d6:bb:6f:26:4a:5e:71:d0:8a:44:
70:fd:88:07:20:80:f2:4f:64:c6:f5:0e:3d:ff:ad:c8:28:72:
0d:25:02:5f:46:1a:b2:59:a1:5c:d8:ad:e1:ba:be:1f:35:60:
49:e3:b5:14:c3:b0:01:1e:11:6a:3c:72:b8:f6:b6:4d:1c:c6:
db:e0:ec:b2:49:11:0b:52:48:f3:4c:f7:db:88:cf:c4:9c:85:
f7:e6:7f:84:45:16:a0:7a:b9:78:d0:47:bc:2c:52:da:bd:50:
21:9d:88:f9:06:1e:90:9a:3e:80:10:50:f9:32:48:fc:b9:3e:
8b:24:d3:eb:f0:85:81:90:ce:a9:79:a8:81:4f:8a:6f:d3:33:
52:fc:2e:d1:c8:72:e8:48:1c:75:de:79:32:65:87:07:42:5e:
68:f1:f9:ce:7d:cb:94:1c:0e:03:f2:f3:e2:b5:38:be:28:61:
cd:40:ed:a4:91:fc:8a:bd:c7:93:99:ee:79:0f:15:bd:b5:8e:
ba:2d:c3:fe:b7:63:a4:ab:13:76:b9:29:29:5b:61:51:30:83:
5e:98:73:5b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPLaop3qlv/znKkkvlgMJ0gj0h8QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNTNlNDZhYWI1OTkyODhlNzk0YjE2MGIxMWUwM2FhZTU0
MzlkMzE3MTVkMDNiYjc5NmEzNzg4MmU3YmM5MjViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYeI3FAv4MO84eFHkiqtVdTqkxqUIwRjVQ1FhZLQE/DrvD
/wNCL4Da0mOQs8xeyDau5AFTdiA+zybuRVQhZoQuySZHOOVi9VisnQiZBF+ZlVtl
1FJ1ZPBwO9lnyygQY0qXaY6JDkGB9HeIdaQ16u/0MDvlLzCLvcHv/Id3dGyBt/fw
DIXyHsgWsvrhRxe89m8HeBH0IuNV3olLk3OGbHzMn//VdWMg4yapc8I6NEBrRWTj
QJYTiRnA1E3SWvquVZtSFMK+/WhfW0ORpWpgdBJ3dFx9TVYBdXfGr17NW42poq1q
7lyllXi4+Ozqf3QiTXmBF8EXpxy86IEDH7dCjqd5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUyjfWOsno6iQyHyLJpr+n5uVsuGgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEzNjM0ZDAzLWQ0YTUtNGEwZi04N2QwLWYyMDQ1ZDBjM2ZhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwChwTANBgkqhkiG9w0BAQsFAAOCAQEAp3nXuFsK8lHQvWu7AtBgpfu3yGec
txphiLCLu+dT0qk6GTUVjjbHu4GC2r3Wu28mSl5x0IpEcP2IByCA8k9kxvUOPf+t
yChyDSUCX0YaslmhXNit4bq+HzVgSeO1FMOwAR4RajxyuPa2TRzG2+DsskkRC1JI
80z324jPxJyF9+Z/hEUWoHq5eNBHvCxS2r1QIZ2I+QYekJo+gBBQ+TJI/Lk+iyTT
6/CFgZDOqXmogU+Kb9MzUvwu0chy6Egcdd55MmWHB0JeaPH5zn3LlBwOA/Lz4rU4
vihhzUDtpJH8ir3Hk5nueQ8VvbWOui3D/rdjpKsTdrkpKVthUTCDXphzWw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:34:36 2025 by rpki-client