Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2e1eea32-267e-4574-bfe5-832fc7eba914.roa
File: 2e1eea32-267e-4574-bfe5-832fc7eba914.roa (raw, json)
Hash identifier: 6nC9n4OZMNlhK3UcpEl0GdOEnpagsdQaFxUfiTHAcE4=
Subject key identifier: 95:47:36:D0:B6:CC:96:47:6A:E0:CA:14:1D:8E:46:B0:61:72:35:78
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3F55AF586938734985AE829CBE965617BB223BD2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2e1eea32-267e-4574-bfe5-832fc7eba914.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.50.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:55:af:58:69:38:73:49:85:ae:82:9c:be:96:56:17:bb:22:3b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=19707cbab43213bd5c1ba8fc083c452617bd620909d692257a7008a307bff799, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5d:2d:c0:9c:bc:ad:3a:a7:57:98:af:5f:a0:
7e:ba:88:3f:c7:fa:14:2d:ae:8e:49:ac:de:a3:eb:
b3:45:9e:40:75:b1:8e:61:f6:a3:5b:6b:c7:fc:eb:
d4:53:fb:34:05:e8:fe:37:9f:1a:33:5c:b6:c2:1a:
9a:e7:1a:34:75:60:d8:91:ca:98:f9:ed:55:a1:90:
04:10:2e:d2:e7:0d:0e:53:d2:f9:89:dd:f7:8c:71:
ff:eb:d1:f7:a6:df:a2:1f:03:7a:f7:65:a4:d6:6f:
28:66:50:6f:90:6c:65:5e:de:ec:f9:af:84:07:b7:
db:e2:e7:4e:84:3d:86:d8:61:37:0e:6a:5d:de:0a:
17:1f:c8:7b:b0:0a:e0:11:14:1d:33:bd:ab:4c:07:
52:56:e1:c8:33:45:4a:8e:5a:4e:06:f1:73:98:52:
1e:4f:6c:08:34:5a:2b:2e:0b:53:b3:6a:a7:e5:95:
9e:88:85:02:d2:2d:e0:e1:be:48:23:3f:3c:67:fd:
d4:75:29:59:ad:72:72:b4:0a:e0:b4:f3:bc:75:2b:
03:30:88:5f:b8:d8:8c:e2:12:53:60:b6:c5:cd:cc:
7b:0c:f6:26:dc:92:30:77:bb:0e:d4:d0:2c:ad:df:
68:98:4b:6b:32:2d:b2:e2:2d:62:b8:cf:12:13:1e:
51:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:47:36:D0:B6:CC:96:47:6A:E0:CA:14:1D:8E:46:B0:61:72:35:78
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2e1eea32-267e-4574-bfe5-832fc7eba914.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.50.131.0/24
Signature Algorithm: sha256WithRSAEncryption
66:d2:04:0f:b0:c9:dd:e4:29:86:89:8c:1d:d4:b7:66:a5:0c:
69:85:f8:85:7c:96:87:fb:28:da:5c:f5:b7:5a:98:08:49:5e:
63:f1:29:dd:6f:cb:8e:37:0e:b1:f4:dc:c1:20:6c:c3:f7:cf:
26:01:df:6c:6f:07:4c:1d:41:e1:8c:d5:d2:5a:15:91:73:e1:
dc:86:ec:7a:49:90:ae:24:c4:4d:27:7a:82:d8:eb:f4:69:d9:
d7:af:46:d8:c6:53:62:87:7b:3a:fd:8c:8f:61:ea:4d:52:ec:
19:94:f0:59:72:34:95:41:b5:21:c4:d9:bc:66:4a:e6:b3:ca:
ef:db:9a:9c:1c:15:9f:8c:7d:00:01:fa:85:24:6c:ad:28:2e:
c1:b1:78:e2:64:af:5a:fd:5f:99:d2:63:1b:5c:08:67:23:f9:
f5:75:ca:79:04:8e:ee:54:b6:14:f1:11:f1:b1:63:3d:4b:c0:
ac:87:c3:01:90:b7:82:01:09:8d:20:3b:e4:ec:ac:49:88:44:
46:a4:28:91:80:83:17:38:c3:5c:22:5b:19:01:50:4e:ac:ca:
99:b9:e8:a3:f8:04:93:d0:d9:42:8f:bf:47:d7:54:9f:8d:47:
95:bb:c7:ce:0c:51:80:85:d4:61:c3:3a:4f:a8:99:06:d3:cb:
d8:ce:bd:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUP1WvWGk4c0mFroKcvpZWF7siO9IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTcwN2NiYWI0MzIxM2JkNWMxYmE4ZmMwODNjNDUyNjE3
YmQ2MjA5MDlkNjkyMjU3YTcwMDhhMzA3YmZmNzk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDXS3AnLytOqdXmK9foH66iD/H+hQtro5JrN6j67NFnkB1
sY5h9qNba8f869RT+zQF6P43nxozXLbCGprnGjR1YNiRypj57VWhkAQQLtLnDQ5T
0vmJ3feMcf/r0fem36IfA3r3ZaTWbyhmUG+QbGVe3uz5r4QHt9vi506EPYbYYTcO
al3eChcfyHuwCuARFB0zvatMB1JW4cgzRUqOWk4G8XOYUh5PbAg0WisuC1Ozaqfl
lZ6IhQLSLeDhvkgjPzxn/dR1KVmtcnK0CuC087x1KwMwiF+42IziElNgtsXNzHsM
9ibckjB3uw7U0Cyt32iYS2syLbLiLWK4zxITHlFFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlUc20LbMlkdq4MoUHY5GsGFyNXgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJlMWVlYTMyLTI2N2UtNDU3NC1iZmU1LTgzMmZjN2ViYTkxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjMoMwDQYJKoZIhvcNAQELBQADggEBAGbSBA+wyd3kKYaJjB3Ut2alDGmF
+IV8lof7KNpc9bdamAhJXmPxKd1vy443DrH03MEgbMP3zyYB32xvB0wdQeGM1dJa
FZFz4dyG7HpJkK4kxE0neoLY6/Rp2devRtjGU2KHezr9jI9h6k1S7BmU8FlyNJVB
tSHE2bxmSuazyu/bmpwcFZ+MfQAB+oUkbK0oLsGxeOJkr1r9X5nSYxtcCGcj+fV1
ynkEju5UthTxEfGxYz1LwKyHwwGQt4IBCY0gO+TsrEmIREakKJGAgxc4w1wiWxkB
UE6sypm56KP4BJPQ2UKPv0fXVJ+NR5W7x84MUYCF1GHDOk+omQbTy9jOvdw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:37:27 2025 by rpki-client