Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15b9a390-e9e8-47a9-81ab-71973336f411.roa
File: 15b9a390-e9e8-47a9-81ab-71973336f411.roa (raw, json)
Hash identifier: Jb2+Os+aRahIQgB41LKo/choZIT5LMN5PCAgXMk1IkQ=
Subject key identifier: 1B:B6:66:18:E1:A7:3D:62:C0:38:94:49:B4:82:53:93:C0:D2:F8:70
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2397B6800EBEABBE7B13A8EA50F9BC56223D7D3C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15b9a390-e9e8-47a9-81ab-71973336f411.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 77.122.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:97:b6:80:0e:be:ab:be:7b:13:a8:ea:50:f9:bc:56:22:3d:7d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=1d7ad2beb760d256c13b8f551c561caf1aa5fe2b4bf0796a769f799c64a70018, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e3:11:21:54:5f:fc:aa:37:ea:b3:68:a6:f7:
d8:37:40:80:c8:ce:12:b8:a6:46:91:5b:59:2b:1c:
d3:62:66:bd:cd:af:dd:c4:bc:b7:79:e5:33:fe:ca:
2e:57:0b:70:c8:aa:ce:ff:16:62:a3:e4:3c:2e:40:
25:15:bf:bb:25:28:73:d3:db:c9:77:f1:7b:8a:5a:
09:0e:3f:ad:2a:9f:be:49:88:46:cf:74:75:30:2f:
2f:e5:85:a7:94:31:2f:6f:d1:23:5e:8e:ae:8d:81:
0c:5c:6c:40:48:fb:ba:81:3c:03:bd:0d:61:f9:3c:
59:9f:7e:2c:50:1f:6d:68:13:29:10:f6:25:e4:1a:
12:e5:7a:96:32:9a:78:b8:97:3a:80:18:25:01:4f:
ab:d6:51:8e:b2:39:8b:ce:ee:f1:d2:6c:bc:72:67:
57:c3:cd:b3:07:c7:6d:3a:ab:a4:31:e4:f7:f5:55:
6d:f6:ba:c8:fd:19:46:90:ed:56:90:e2:af:b6:fb:
d0:cf:f9:8e:a2:d5:8e:9a:24:01:cf:fe:c3:8d:da:
64:bd:e8:6a:65:65:1f:4d:44:b3:75:a2:f1:f7:65:
36:4d:37:a3:6c:71:8e:ac:14:82:fa:29:d8:7b:3b:
4f:c7:e9:db:ba:dd:01:9d:6c:2b:5e:4c:df:6b:e6:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B6:66:18:E1:A7:3D:62:C0:38:94:49:B4:82:53:93:C0:D2:F8:70
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15b9a390-e9e8-47a9-81ab-71973336f411.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.122.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:db:a6:9f:ac:91:86:00:95:53:99:d8:ab:81:f2:cc:c6:55:
ff:bf:e0:5b:be:47:05:20:f5:9f:6f:4c:74:53:e8:a8:c2:71:
dd:ce:b9:91:4a:12:cc:f2:e4:fb:2d:7a:28:93:ea:88:05:25:
d1:2f:b5:a4:a7:64:70:33:19:ed:38:f6:63:40:b2:a8:aa:6f:
66:4d:17:ea:8a:34:04:2b:d7:20:81:9e:0a:62:d8:64:d9:a7:
5b:f8:5e:64:f8:ab:0b:97:5c:2f:e7:da:44:dc:49:a9:36:b5:
4c:b4:20:35:1e:20:be:fc:13:84:bf:66:64:8f:4a:e6:20:1a:
0e:90:04:33:af:93:25:6a:7b:23:1d:7a:66:c7:21:9e:a2:50:
a4:51:d3:3d:c1:7d:90:8e:0e:a4:03:fa:94:57:1a:40:3c:d4:
0e:fd:99:4c:38:2d:f9:5c:d2:da:06:43:a1:0d:59:6a:57:a5:
7e:ef:bf:09:32:cf:d5:28:1a:5e:b0:2a:82:36:e5:b0:ff:72:
b7:77:c7:b6:fe:df:01:6d:83:1b:c4:0b:fd:bd:58:b0:17:3b:
c1:84:05:7a:fc:5b:9e:62:f6:02:cb:7f:be:a5:c6:56:09:b1:
18:b7:1a:27:3e:9a:1a:df:8e:87:d5:48:5a:e4:e3:22:42:f7:
07:e9:96:27
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUI5e2gA6+q757E6jqUPm8ViI9fTwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDdhZDJiZWI3NjBkMjU2YzEzYjhmNTUxYzU2MWNhZjFh
YTVmZTJiNGJmMDc5NmE3NjlmNzk5YzY0YTcwMDE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy4xEhVF/8qjfqs2im99g3QIDIzhK4pkaRW1krHNNiZr3N
r93EvLd55TP+yi5XC3DIqs7/FmKj5DwuQCUVv7slKHPT28l38XuKWgkOP60qn75J
iEbPdHUwLy/lhaeUMS9v0SNejq6NgQxcbEBI+7qBPAO9DWH5PFmffixQH21oEykQ
9iXkGhLlepYymni4lzqAGCUBT6vWUY6yOYvO7vHSbLxyZ1fDzbMHx206q6Qx5Pf1
VW32usj9GUaQ7VaQ4q+2+9DP+Y6i1Y6aJAHP/sON2mS96GplZR9NRLN1ovH3ZTZN
N6NscY6sFIL6Kdh7O0/H6du63QGdbCteTN9r5m1NAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUG7ZmGOGnPWLAOJRJtIJTk8DS+HAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1YjlhMzkwLWU5ZTgtNDdhOS04MWFiLTcxOTczMzM2ZjQxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBNejANBgkqhkiG9w0BAQsFAAOCAQEAFtumn6yRhgCVU5nYq4HyzMZV/7/g
W75HBSD1n29MdFPoqMJx3c65kUoSzPLk+y16KJPqiAUl0S+1pKdkcDMZ7Tj2Y0Cy
qKpvZk0X6oo0BCvXIIGeCmLYZNmnW/heZPirC5dcL+faRNxJqTa1TLQgNR4gvvwT
hL9mZI9K5iAaDpAEM6+TJWp7Ix16ZschnqJQpFHTPcF9kI4OpAP6lFcaQDzUDv2Z
TDgt+VzS2gZDoQ1Zalelfu+/CTLP1SgaXrAqgjblsP9yt3fHtv7fAW2DG8QL/b1Y
sBc7wYQFevxbnmL2Ast/vqXGVgmxGLcaJz6aGt+Oh9VIWuTjIkL3B+mWJw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:10 2025 by rpki-client