Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298617f2-8863-481f-8488-927968fe9855.roa
File: 298617f2-8863-481f-8488-927968fe9855.roa (raw, json)
Hash identifier: xr0b11Ciq0IvzmXFw8+Ldc5Tb1dCaTWEvzHYvlEIR90=
Subject key identifier: 72:24:04:88:F8:DC:99:00:50:84:4F:FC:11:D6:B9:82:F4:21:B8:31
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1F7A9963A9050FFBC82BDE9EB3FB998B353FBC73
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298617f2-8863-481f-8488-927968fe9855.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 56.128.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:7a:99:63:a9:05:0f:fb:c8:2b:de:9e:b3:fb:99:8b:35:3f:bc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=9b55650b985db8bcdb864b84265b0c12f37998f1afe500dc5a75efdb0be34868, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e6:9a:01:50:84:49:5b:d5:c7:86:3a:62:70:
8f:6a:b5:72:1d:c7:b0:fa:c9:58:a3:b8:98:52:f5:
4c:80:78:00:cc:20:a5:40:8a:d8:9f:fa:5b:2c:ad:
dc:a2:43:1e:a6:43:ae:c1:35:cc:80:6d:0a:d8:34:
d8:42:52:d1:78:65:20:0d:eb:97:30:59:46:a7:1c:
24:4f:20:8d:31:cd:59:8c:ba:e8:df:78:4f:17:38:
83:87:38:10:33:32:f0:57:81:fa:b9:31:59:6b:99:
83:39:2f:55:f7:10:be:d0:e3:0f:00:00:de:64:20:
e9:8e:de:0d:b7:df:09:6f:ea:13:83:8f:97:f0:7a:
13:d1:c1:16:d2:5e:95:8a:66:3c:27:8b:72:bc:53:
02:98:99:35:e7:31:86:28:d7:54:4f:45:7a:d1:9c:
c3:d6:0e:80:4a:6d:7f:6c:d2:ee:a0:f3:90:76:52:
26:ad:85:1e:ba:35:ce:0b:1d:e8:d5:26:00:6c:3b:
cd:8f:0e:e6:6d:11:55:b2:c3:14:ed:00:86:39:2a:
29:27:74:ec:a9:5a:77:e4:46:72:e7:70:11:b8:6a:
e4:e4:74:7e:7a:b9:1a:97:2a:02:6d:2c:a3:f7:e9:
d7:cb:d6:49:fe:f3:4b:8e:40:26:31:64:96:44:22:
87:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:24:04:88:F8:DC:99:00:50:84:4F:FC:11:D6:B9:82:F4:21:B8:31
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298617f2-8863-481f-8488-927968fe9855.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:45:5f:47:b4:00:2e:54:05:97:a2:5e:45:33:10:bf:11:83:
d4:fa:55:09:f6:47:f8:e5:a8:83:18:80:23:58:e2:f7:10:3e:
3c:e9:99:2d:73:ba:ec:dd:64:b2:01:71:2e:af:7c:dc:91:74:
5c:a4:78:6d:fd:6b:05:dd:4c:26:f5:b2:e2:6a:7e:e8:2b:08:
55:bb:35:45:ed:a5:09:2b:20:79:b1:bc:e4:1d:61:d9:0a:47:
f3:f2:f6:39:e0:3c:6a:a8:e5:91:df:44:80:80:52:ef:f7:89:
b5:76:39:72:21:f0:c3:e0:3e:15:7c:36:9a:14:46:20:b7:a2:
30:40:12:36:94:11:dc:4e:39:74:e9:2c:cf:84:1c:83:3f:71:
13:5c:19:71:b6:f6:d3:26:54:84:9f:5b:34:46:de:80:be:d0:
90:93:ab:b7:16:09:99:48:7e:8f:6c:8e:ba:59:a7:fe:7f:26:
84:86:15:4d:25:c7:dc:e4:f1:d0:03:e5:ed:8e:91:27:f9:3b:
62:c2:52:0f:5f:b0:ec:ea:c4:98:c2:27:a9:fd:1e:81:45:eb:
f2:48:4a:00:02:1d:00:17:15:fd:f7:af:75:d1:a9:ad:f0:b3:
12:75:cf:04:76:d7:e5:d5:df:d7:14:d1:d1:26:f2:db:2e:b0:
1d:c5:90:90
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUH3qZY6kFD/vIK96es/uZizU/vHMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YjU1NjUwYjk4NWRiOGJjZGI4NjRiODQyNjViMGMxMmYz
Nzk5OGYxYWZlNTAwZGM1YTc1ZWZkYjBiZTM0ODY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDU5poBUIRJW9XHhjpicI9qtXIdx7D6yVijuJhS9UyAeADM
IKVAitif+lssrdyiQx6mQ67BNcyAbQrYNNhCUtF4ZSAN65cwWUanHCRPII0xzVmM
uujfeE8XOIOHOBAzMvBXgfq5MVlrmYM5L1X3EL7Q4w8AAN5kIOmO3g233wlv6hOD
j5fwehPRwRbSXpWKZjwni3K8UwKYmTXnMYYo11RPRXrRnMPWDoBKbX9s0u6g85B2
UiathR66Nc4LHejVJgBsO82PDuZtEVWywxTtAIY5KikndOypWnfkRnLncBG4auTk
dH56uRqXKgJtLKP36dfL1kn+80uOQCYxZJZEIofpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUciQEiPjcmQBQhE/8Eda5gvQhuDEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI5ODYxN2YyLTg4NjMtNDgxZi04NDg4LTkyNzk2OGZlOTg1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4gDANBgkqhkiG9w0BAQsFAAOCAQEAUEVfR7QALlQFl6JeRTMQvxGD1PpV
CfZH+OWogxiAI1ji9xA+POmZLXO67N1ksgFxLq983JF0XKR4bf1rBd1MJvWy4mp+
6CsIVbs1Re2lCSsgebG85B1h2QpH8/L2OeA8aqjlkd9EgIBS7/eJtXY5ciHww+A+
FXw2mhRGILeiMEASNpQR3E45dOksz4Qcgz9xE1wZcbb20yZUhJ9bNEbegL7QkJOr
txYJmUh+j2yOulmn/n8mhIYVTSXH3OTx0APl7Y6RJ/k7YsJSD1+w7OrEmMInqf0e
gUXr8khKAAIdABcV/fevddGprfCzEnXPBHbX5dXf1xTR0Sby2y6wHcWQkA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:55:40 2025 by rpki-client