Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2cd4b717-9ee6-4079-a2f5-6ea2fa67638e.roa
File: 2cd4b717-9ee6-4079-a2f5-6ea2fa67638e.roa (raw, json)
Hash identifier: 9UqzH9T3vHI6fhsZHmag3tCx+u1Xy9dd9mXUNgVuOk0=
Subject key identifier: 7F:35:20:7B:05:25:D7:0B:3F:9B:6D:2E:01:15:1A:E3:4B:E9:F0:24
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 75E99FE0713C1678800F2B4B60A44759392FA8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2cd4b717-9ee6-4079-a2f5-6ea2fa67638e.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 204.130.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:e9:9f:e0:71:3c:16:78:80:0f:2b:4b:60:a4:47:59:39:2f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=3535dd809067af5fc0cf40a92f56b612f751acd3d1a17774b80722b500b2cf4b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:32:9a:7a:b0:85:d7:d6:32:28:56:f0:aa:cd:
fa:6d:47:87:56:c2:5f:fd:f4:95:8b:20:26:f9:56:
dc:bb:26:43:e1:ea:4b:fc:c1:dd:74:38:07:f1:19:
96:7c:27:e2:ba:3d:98:75:1f:1f:c3:f6:d2:ab:7b:
46:2e:6a:23:ff:ca:1c:90:9d:be:b2:2b:5d:f4:8d:
42:25:1d:6b:35:70:05:31:eb:a9:53:0e:ed:8d:7a:
c2:29:44:18:c5:dd:6b:0e:f5:48:4c:ac:24:4d:7c:
13:b0:2e:02:d9:9e:29:aa:93:d7:ea:d7:95:2b:58:
49:6b:66:59:5b:cc:f8:3d:3d:60:59:d7:d6:58:02:
49:c5:40:9f:ce:fc:f5:57:7b:df:03:9c:34:a7:d5:
10:e6:d4:2a:9e:10:39:8b:1a:fb:fd:ed:93:27:f3:
45:1d:6b:91:77:a1:8b:b7:5a:dc:6a:67:59:a7:08:
10:2f:94:ba:3a:cb:ff:a8:61:98:7e:6b:14:0a:ad:
f7:aa:e0:54:3b:ed:d5:a6:3a:78:2b:9e:f7:03:20:
d0:3a:c4:7d:63:61:93:20:d4:ee:ba:7c:16:e5:5c:
80:48:c7:f7:08:ed:af:48:2c:da:a4:66:17:69:11:
e1:62:dd:c5:c7:58:5e:f3:e2:1f:97:3b:68:e8:3d:
39:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:35:20:7B:05:25:D7:0B:3F:9B:6D:2E:01:15:1A:E3:4B:E9:F0:24
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2cd4b717-9ee6-4079-a2f5-6ea2fa67638e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.130.202.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:8d:de:af:00:b7:6d:a7:66:59:ba:92:b1:d3:9e:ab:1d:e5:
07:46:d0:0c:b8:91:31:e4:9f:d2:74:3f:f8:4b:50:ef:8d:ef:
3e:9c:ca:04:d5:27:0a:44:54:76:fc:e2:59:d1:af:38:fb:e2:
39:32:c6:d5:28:33:1f:dd:97:71:96:ae:39:cf:d4:df:47:c6:
9c:49:71:26:9e:e8:72:be:1a:83:b0:80:3f:5e:49:88:a2:3f:
da:34:88:4f:1a:ab:08:6d:92:c9:fc:16:8d:d6:8e:95:87:10:
a3:c8:cc:32:7f:15:5b:ec:e7:e3:d1:0b:23:c1:26:2f:f1:98:
ff:64:90:51:e6:c9:f9:8f:8d:9e:61:1e:ea:04:e9:04:4d:fe:
c5:5e:34:20:f2:6d:a4:2f:ba:02:d0:df:3e:7f:4e:d1:c0:40:
bf:cf:04:c4:a6:81:8c:8a:4d:3b:a3:d0:4a:09:de:8e:4c:e6:
54:a2:24:8f:e5:1c:3b:61:27:8b:96:64:b3:b2:6c:d6:c3:db:
db:2e:9f:f9:a7:18:db:27:90:2b:fd:bb:28:d8:f2:36:22:03:
50:83:6d:9f:75:3c:24:fd:a7:df:f8:f5:c7:0f:08:75:51:ec:
a3:c5:48:29:2f:35:09:c2:e5:23:a8:9a:37:b4:7c:26:98:ae:
9c:eb:0c:d0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITdemf4HE8FniADytLYKRHWTkvqDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNDEyMjMwMDAwMDBaFw0yNTAxMjcyMzU5NTla
MHoxSTBHBgNVBAUTQDM1MzVkZDgwOTA2N2FmNWZjMGNmNDBhOTJmNTZiNjEyZjc1
MWFjZDNkMWExNzc3NGI4MDcyMmI1MDBiMmNmNGIxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8ymnqwhdfWMihW8KrN+m1Hh1bCX/30lYsgJvlW3LsmQ+Hq
S/zB3XQ4B/EZlnwn4ro9mHUfH8P20qt7Ri5qI//KHJCdvrIrXfSNQiUdazVwBTHr
qVMO7Y16wilEGMXdaw71SEysJE18E7AuAtmeKaqT1+rXlStYSWtmWVvM+D09YFnX
1lgCScVAn8789Vd73wOcNKfVEObUKp4QOYsa+/3tkyfzRR1rkXehi7da3GpnWacI
EC+UujrL/6hhmH5rFAqt96rgVDvt1aY6eCue9wMg0DrEfWNhkyDU7rp8FuVcgEjH
9wjtr0gs2qRmF2kR4WLdxcdYXvPiH5c7aOg9OTUCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBR/NSB7BSXXCz+bbS4BFRrjS+nwJDAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMmNkNGI3MTctOWVlNi00MDc5LWEyZjUtNmVhMmZhNjc2MzhlLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMyCyjANBgkqhkiG9w0BAQsFAAOCAQEALo3erwC3badmWbqSsdOeqx3lB0bQ
DLiRMeSf0nQ/+EtQ743vPpzKBNUnCkRUdvziWdGvOPviOTLG1SgzH92XcZauOc/U
30fGnElxJp7ocr4ag7CAP15JiKI/2jSITxqrCG2SyfwWjdaOlYcQo8jMMn8VW+zn
49ELI8EmL/GY/2SQUebJ+Y+NnmEe6gTpBE3+xV40IPJtpC+6AtDfPn9O0cBAv88E
xKaBjIpNO6PQSgnejkzmVKIkj+UcO2Eni5Zks7Js1sPb2y6f+acY2yeQK/27KNjy
NiIDUINtn3U8JP2n3/j1xw8IdVHso8VIKS81CcLlI6iaN7R8JpiunOsM0A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:08:28 2025 by rpki-client