Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2df1d478-efcc-4b9f-9229-2417c129969a.roa
File: 2df1d478-efcc-4b9f-9229-2417c129969a.roa (raw, json)
Hash identifier: OFSvrGofD+cI9nHI1oJNu45bmjwpmF3Dx6O2o7ycH1A=
Subject key identifier: 93:70:04:72:02:BA:5E:E2:52:70:6D:29:E3:E3:8E:18:82:45:4E:91
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 38D1FBED732197C0E4C0ADC9F3CAEFED0C0316E0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2df1d478-efcc-4b9f-9229-2417c129969a.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 56.35.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:d1:fb:ed:73:21:97:c0:e4:c0:ad:c9:f3:ca:ef:ed:0c:03:16:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=912aa64018a79964920640060eccf734ba2895e84b245d023f116507926c51bf, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:56:b3:6e:62:a3:51:83:f7:13:66:55:6f:56:
c8:92:c1:61:54:79:d8:cb:5d:24:b5:37:82:cc:74:
27:51:02:f6:ed:bd:51:0a:d3:ef:6c:bf:5f:f3:5f:
30:c2:bf:01:67:b3:25:d7:1c:fe:8e:87:02:25:1e:
4e:ed:ac:37:b7:b4:e0:6f:ca:0f:69:5e:92:7d:93:
b1:a9:aa:40:56:05:20:9d:6a:a7:b9:60:94:e9:74:
a7:16:1e:c1:1a:e7:b9:a7:97:66:f0:9c:60:44:e4:
8a:5c:3c:59:16:5f:2f:96:c6:03:86:03:87:8b:1c:
8c:f7:e5:ac:0f:81:d7:63:63:eb:61:2e:7e:5d:b5:
01:88:5c:b3:0d:25:7c:91:80:c1:37:67:54:8d:2b:
2c:c2:50:aa:e2:ca:87:71:c5:0c:72:10:fe:a9:3f:
77:d8:62:f6:cc:63:e7:a9:af:2e:57:1c:cc:be:88:
ca:82:36:59:11:10:c7:15:90:8a:86:98:fe:33:f3:
01:34:a9:47:53:c2:f1:31:3f:3d:38:f9:1e:3b:98:
24:dc:8e:75:ec:f3:7e:f4:7d:02:f1:7e:04:bf:14:
92:70:3a:57:45:63:93:0e:06:81:ab:d8:ee:27:c3:
b8:67:46:58:74:26:8d:0a:18:cf:f2:bc:1b:18:60:
80:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:70:04:72:02:BA:5E:E2:52:70:6D:29:E3:E3:8E:18:82:45:4E:91
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2df1d478-efcc-4b9f-9229-2417c129969a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:35:c6:c8:4a:07:a5:3b:9f:39:6a:fb:38:26:7e:8b:3e:a8:
eb:05:64:02:f0:67:c1:46:9a:7c:6c:6c:5e:af:26:05:81:da:
a8:4e:35:54:e1:9a:62:ab:d7:06:36:b4:11:8d:0c:62:61:57:
51:37:85:58:5d:c0:8d:ef:10:bd:ff:c0:92:1a:d6:56:0e:2d:
3b:ca:d4:ad:31:e3:18:17:7f:6d:d9:25:54:76:d6:67:a5:d6:
37:fa:94:e0:94:c9:cb:01:f6:47:e5:39:9e:17:36:4b:e7:49:
ed:d4:79:5a:36:b1:b2:31:01:c1:bd:40:ea:93:eb:66:4f:86:
ab:df:0d:cc:c0:54:ff:72:9e:d6:81:67:0c:75:37:f0:73:7f:
6a:90:98:49:69:32:b7:b4:e3:38:75:3e:9c:10:c5:57:4e:0b:
32:55:be:61:06:49:82:96:72:94:84:bc:2f:80:33:ea:ed:09:
83:45:15:a2:12:05:a0:5a:6f:e2:f1:1d:4d:d7:c7:e0:c5:50:
ed:d7:29:34:26:db:11:7f:22:58:34:c6:1d:31:11:12:48:3b:
4b:9b:50:fd:57:d0:13:d8:04:96:1e:b3:7f:d6:39:69:dc:94:
e2:43:b8:a0:0f:26:16:60:96:12:9a:1e:58:da:dd:5e:a6:88:
88:2f:9c:07
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUONH77XMhl8DkwK3J88rv7QwDFuAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTJhYTY0MDE4YTc5OTY0OTIwNjQwMDYwZWNjZjczNGJh
Mjg5NWU4NGIyNDVkMDIzZjExNjUwNzkyNmM1MWJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLVrNuYqNRg/cTZlVvVsiSwWFUedjLXSS1N4LMdCdRAvbt
vVEK0+9sv1/zXzDCvwFnsyXXHP6OhwIlHk7trDe3tOBvyg9pXpJ9k7GpqkBWBSCd
aqe5YJTpdKcWHsEa57mnl2bwnGBE5IpcPFkWXy+WxgOGA4eLHIz35awPgddjY+th
Ln5dtQGIXLMNJXyRgME3Z1SNKyzCUKriyodxxQxyEP6pP3fYYvbMY+epry5XHMy+
iMqCNlkREMcVkIqGmP4z8wE0qUdTwvExPz04+R47mCTcjnXs8370fQLxfgS/FJJw
OldFY5MOBoGr2O4nw7hnRlh0Jo0KGM/yvBsYYIARAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUk3AEcgK6XuJScG0p4+OOGIJFTpEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJkZjFkNDc4LWVmY2MtNGI5Zi05MjI5LTI0MTdjMTI5OTY5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4IzANBgkqhkiG9w0BAQsFAAOCAQEAtTXGyEoHpTufOWr7OCZ+iz6o6wVk
AvBnwUaafGxsXq8mBYHaqE41VOGaYqvXBja0EY0MYmFXUTeFWF3Aje8Qvf/AkhrW
Vg4tO8rUrTHjGBd/bdklVHbWZ6XWN/qU4JTJywH2R+U5nhc2S+dJ7dR5WjaxsjEB
wb1A6pPrZk+Gq98NzMBU/3Ke1oFnDHU38HN/apCYSWkyt7TjOHU+nBDFV04LMlW+
YQZJgpZylIS8L4Az6u0Jg0UVohIFoFpv4vEdTdfH4MVQ7dcpNCbbEX8iWDTGHTER
Ekg7S5tQ/VfQE9gElh6zf9Y5adyU4kO4oA8mFmCWEpoeWNrdXqaIiC+cBw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:32:55 2025 by rpki-client