Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/336c7abe-8413-4e9d-88b2-9a0b9840219c.roa
File: 336c7abe-8413-4e9d-88b2-9a0b9840219c.roa (raw, json)
Hash identifier: DSdupJKS20lRInmzPfNIyMMDRPEXhFCqFk8nivTXme0=
Subject key identifier: AA:FD:27:52:DF:2F:37:CE:6D:19:96:8C:12:2B:8F:70:66:10:DE:25
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 546864AADEFDD25740FB21F0913C26EFBDA3F13E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/336c7abe-8413-4e9d-88b2-9a0b9840219c.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.20.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:68:64:aa:de:fd:d2:57:40:fb:21:f0:91:3c:26:ef:bd:a3:f1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=5e5db643a2f7aa6ca04d759de052f919103fd3eff12e6bb49c939d4d753a4c6d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c2:67:0a:6f:22:14:f3:56:6d:33:dc:38:d5:
16:ca:cf:54:62:82:ee:da:50:55:7e:79:c1:95:9b:
ad:9c:c3:9d:7b:1e:06:0b:21:00:19:b5:77:ac:db:
a3:f8:07:c4:73:22:73:b5:ec:f3:69:8a:0a:78:f5:
c2:71:01:76:07:ef:c3:88:38:48:fa:96:26:4c:4a:
01:2d:51:0e:02:78:2d:6a:24:09:7d:ff:b4:f0:03:
1e:c3:e2:8e:07:34:5a:0d:ac:fd:0c:54:48:56:a6:
23:95:f5:5d:68:04:3d:3f:18:34:53:0b:9b:7a:45:
d7:f9:ec:37:77:84:d1:13:ac:75:a2:24:d0:e8:fb:
ca:b3:5d:3d:97:f5:b2:5b:d7:23:73:b4:7e:a5:a4:
bf:7a:44:ca:ce:76:a2:d8:5b:a0:29:c0:b6:3b:f3:
04:bc:26:3f:72:65:14:7a:29:66:28:47:2e:b0:c3:
69:7e:f7:99:bc:36:af:21:43:fd:28:75:b9:9d:0e:
a2:50:5d:c8:42:06:72:6a:b2:c0:dd:d4:56:9d:89:
b2:2d:2b:28:e3:a7:aa:11:e2:79:5f:70:45:ec:76:
f5:85:27:5f:9f:02:80:ca:e9:00:51:30:9a:3f:ba:
ed:6f:1e:3d:19:58:d9:cc:ac:a6:aa:8e:bb:fa:4b:
ae:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FD:27:52:DF:2F:37:CE:6D:19:96:8C:12:2B:8F:70:66:10:DE:25
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/336c7abe-8413-4e9d-88b2-9a0b9840219c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.20.244.0/22
Signature Algorithm: sha256WithRSAEncryption
41:d8:20:68:e5:01:42:eb:61:ca:20:93:16:cb:17:ac:13:b6:
03:9b:fa:4b:2c:47:0c:8e:02:86:a4:f8:af:be:60:25:67:c7:
df:6f:0f:43:17:4c:9d:66:2a:5f:f9:f5:75:97:e5:c0:20:fd:
bb:16:f0:00:fa:9a:7b:f4:28:24:70:b7:b1:2e:f0:1d:58:e9:
69:2e:ea:af:14:d1:d4:9a:03:02:05:02:f3:95:45:b5:6b:15:
5d:76:fb:79:0d:f9:58:ec:50:0f:16:4b:19:b5:19:d6:d2:16:
31:cb:da:d2:94:da:90:08:e0:2d:3a:a3:81:94:c3:b2:fc:fc:
6d:9f:e5:f1:e1:1c:5d:03:43:6a:dd:21:70:60:39:4f:89:ac:
c0:84:03:b3:20:fe:d3:4c:35:23:08:d8:38:7e:32:bd:49:21:
90:d8:3e:4d:58:35:3d:ba:5a:5d:b6:e4:33:0b:95:fe:21:f9:
72:b2:ef:8d:e4:c3:50:4c:16:ee:81:4c:0b:38:34:61:80:ff:
fa:3a:2e:c5:9e:5e:d5:2a:9f:fc:d6:cc:af:93:51:a5:bf:f5:
4c:43:b2:09:71:b4:a7:2e:bb:31:19:3f:bd:fd:b6:6f:07:bf:
98:12:57:d5:f6:39:c9:4d:61:c0:65:9e:34:a2:e7:d9:7d:7a:
9c:f5:2b:f9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVGhkqt790ldA+yHwkTwm772j8T4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZTVkYjY0M2EyZjdhYTZjYTA0ZDc1OWRlMDUyZjkxOTEw
M2ZkM2VmZjEyZTZiYjQ5YzkzOWQ0ZDc1M2E0YzZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMwmcKbyIU81ZtM9w41RbKz1Rigu7aUFV+ecGVm62cw517
HgYLIQAZtXes26P4B8RzInO17PNpigp49cJxAXYH78OIOEj6liZMSgEtUQ4CeC1q
JAl9/7TwAx7D4o4HNFoNrP0MVEhWpiOV9V1oBD0/GDRTC5t6Rdf57Dd3hNETrHWi
JNDo+8qzXT2X9bJb1yNztH6lpL96RMrOdqLYW6ApwLY78wS8Jj9yZRR6KWYoRy6w
w2l+95m8Nq8hQ/0odbmdDqJQXchCBnJqssDd1FadibItKyjjp6oR4nlfcEXsdvWF
J1+fAoDK6QBRMJo/uu1vHj0ZWNnMrKaqjrv6S66TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqv0nUt8vN85tGZaMEiuPcGYQ3iUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzNmM3YWJlLTg0MTMtNGU5ZC04OGIyLTlhMGI5ODQwMjE5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIQFPQwDQYJKoZIhvcNAQELBQADggEBAEHYIGjlAULrYcogkxbLF6wTtgOb
+kssRwyOAoak+K++YCVnx99vD0MXTJ1mKl/59XWX5cAg/bsW8AD6mnv0KCRwt7Eu
8B1Y6Wku6q8U0dSaAwIFAvOVRbVrFV12+3kN+VjsUA8WSxm1GdbSFjHL2tKU2pAI
4C06o4GUw7L8/G2f5fHhHF0DQ2rdIXBgOU+JrMCEA7Mg/tNMNSMI2Dh+Mr1JIZDY
Pk1YNT26Wl225DMLlf4h+XKy743kw1BMFu6BTAs4NGGA//o6LsWeXtUqn/zWzK+T
UaW/9UxDsglxtKcuuzEZP739tm8Hv5gSV9X2OclNYcBlnjSi59l9epz1K/k=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:31:11 2025 by rpki-client