Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/367fa28a-28d9-45e5-a71e-117883bb227b.roa
File: 367fa28a-28d9-45e5-a71e-117883bb227b.roa (raw, json)
Hash identifier: vUuyE+0I8UsygyQwuxj9HjPDGhVgziNVDI2++XGt6G0=
Subject key identifier: 6F:59:40:7D:65:71:26:D0:96:6E:F5:0A:13:E1:B0:27:4B:56:30:F7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 37E7EB1B8CAFC7CBA3608D9BB9A65313F0144C65
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/367fa28a-28d9-45e5-a71e-117883bb227b.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 56.108.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:e7:eb:1b:8c:af:c7:cb:a3:60:8d:9b:b9:a6:53:13:f0:14:4c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=ea5ab12934421b0aaba46c8c851cea2813ba07af273df4221e2fc27d0939b9d4, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:db:4b:36:9a:99:c9:dc:4a:11:78:e7:a2:3b:
57:86:4e:e3:34:0f:98:f5:43:31:87:f9:f8:d4:65:
41:dc:33:b4:31:df:9c:92:1d:ee:92:a9:f5:83:db:
7a:db:f8:e2:e2:b4:33:f5:2c:2e:65:58:94:5e:90:
f6:68:97:0f:f1:89:88:fe:c7:21:0b:7f:95:0d:6c:
57:2b:c3:f8:bf:cf:b4:03:1d:b2:3b:d2:b7:35:7d:
49:d3:16:40:be:c4:50:15:ef:58:cd:0c:b7:7d:a9:
15:27:ad:2c:e5:77:f6:3b:98:00:81:e6:e3:85:1c:
be:1d:01:38:d4:57:b2:8e:0a:37:d9:7e:3d:d6:ed:
4e:6e:5a:31:9d:43:3c:77:0b:5e:46:8d:77:85:63:
fe:70:0a:11:b1:68:6c:00:4f:33:f1:cc:61:db:f6:
7c:5d:1e:75:a1:a1:62:96:8a:40:2b:c1:8f:cd:ff:
db:a2:cc:9a:69:66:34:ab:88:42:c2:39:cb:fc:80:
9f:d4:54:39:50:03:aa:5b:d3:81:1a:59:a5:d5:ff:
3b:01:9c:68:6a:1c:43:27:04:50:27:01:1b:7a:18:
73:b4:32:8b:90:fd:a1:ac:05:91:ec:e8:aa:59:b3:
84:b9:64:63:67:4e:53:9b:71:b5:a0:c3:23:d0:a5:
60:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:59:40:7D:65:71:26:D0:96:6E:F5:0A:13:E1:B0:27:4B:56:30:F7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/367fa28a-28d9-45e5-a71e-117883bb227b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:d1:28:aa:d8:c7:e1:85:f4:d3:bf:18:67:ae:89:2d:48:37:
78:4a:0c:ec:04:49:db:93:ef:b8:bc:0f:76:48:4a:1b:7a:f4:
72:cd:2a:4d:01:4b:a7:66:46:df:b8:de:b2:99:9d:f9:85:8b:
bd:9a:a8:5b:a6:8a:91:44:e1:a2:59:97:55:44:de:77:01:93:
f7:d8:97:0b:82:01:b4:22:7f:8d:10:60:74:34:29:6c:eb:5b:
c3:1d:dc:9e:d7:0b:88:76:aa:db:76:2e:b3:43:02:bf:3d:f3:
0f:72:ad:59:46:53:2b:ac:e6:a2:47:71:1c:f5:b4:c8:4e:b3:
0c:f8:89:44:39:eb:4f:da:79:21:85:99:66:6f:1b:d8:44:22:
cc:5c:33:83:a1:e3:bf:53:fb:98:e1:63:3c:14:3d:95:89:3e:
e8:0e:02:37:2a:17:4a:55:81:56:d2:a2:7d:f4:1b:8b:8a:9c:
56:35:86:0d:ff:d4:1b:01:85:24:28:3c:59:7a:29:f2:cb:24:
73:69:b1:62:d7:b1:e9:80:33:6c:0d:c2:7e:99:8e:13:60:db:
be:b7:b8:ff:b6:f9:c1:25:a1:0b:cd:e5:ed:8f:d0:c2:f5:b1:
f7:10:24:1d:ea:e9:8b:22:87:bf:69:7f:a9:80:92:ae:fb:e1:
79:df:58:a5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUN+frG4yvx8ujYI2buaZTE/AUTGUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTVhYjEyOTM0NDIxYjBhYWJhNDZjOGM4NTFjZWEyODEz
YmEwN2FmMjczZGY0MjIxZTJmYzI3ZDA5MzliOWQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL20s2mpnJ3EoReOeiO1eGTuM0D5j1QzGH+fjUZUHcM7Qx
35ySHe6SqfWD23rb+OLitDP1LC5lWJRekPZolw/xiYj+xyELf5UNbFcrw/i/z7QD
HbI70rc1fUnTFkC+xFAV71jNDLd9qRUnrSzld/Y7mACB5uOFHL4dATjUV7KOCjfZ
fj3W7U5uWjGdQzx3C15GjXeFY/5wChGxaGwATzPxzGHb9nxdHnWhoWKWikArwY/N
/9uizJppZjSriELCOcv8gJ/UVDlQA6pb04EaWaXV/zsBnGhqHEMnBFAnARt6GHO0
MouQ/aGsBZHs6KpZs4S5ZGNnTlObcbWgwyPQpWCxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUb1lAfWVxJtCWbvUKE+GwJ0tWMPcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM2N2ZhMjhhLTI4ZDktNDVlNS1hNzFlLTExNzg4M2JiMjI3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4bDANBgkqhkiG9w0BAQsFAAOCAQEAG9EoqtjH4YX0078YZ66JLUg3eEoM
7ARJ25PvuLwPdkhKG3r0cs0qTQFLp2ZG37jespmd+YWLvZqoW6aKkUTholmXVUTe
dwGT99iXC4IBtCJ/jRBgdDQpbOtbwx3cntcLiHaq23Yus0MCvz3zD3KtWUZTK6zm
okdxHPW0yE6zDPiJRDnrT9p5IYWZZm8b2EQizFwzg6Hjv1P7mOFjPBQ9lYk+6A4C
NyoXSlWBVtKiffQbi4qcVjWGDf/UGwGFJCg8WXop8sskc2mxYtex6YAzbA3CfpmO
E2Dbvre4/7b5wSWhC83l7Y/QwvWx9xAkHerpiyKHv2l/qYCSrvvhed9YpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:31:21 2025 by rpki-client