Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b89e647-0f7a-4774-a3e1-1e23ea20f96f.roa
File: 3b89e647-0f7a-4774-a3e1-1e23ea20f96f.roa (raw, json)
Hash identifier: MYVSw3MEp9kp6zKa94EvGxbH0y1ol9nLv9d7eI/E+fw=
Subject key identifier: 09:E9:5F:BA:C0:75:7D:79:3F:56:5E:C8:9B:A2:25:3A:B4:A5:54:A4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5F33B3D747773BA9407A54B0C606F6061CAD2EC0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b89e647-0f7a-4774-a3e1-1e23ea20f96f.roa
Signing time: Sat 15 Mar 2025 00:30:29 +0000
ROA not before: Sat 15 Mar 2025 00:30:29 +0000
ROA not after: Sat 19 Apr 2025 23:59:59 +0000
asID: 19047
IP address blocks: 70.130.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:33:b3:d7:47:77:3b:a9:40:7a:54:b0:c6:06:f6:06:1c:ad:2e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 15 00:30:29 2025 GMT
Not After : Apr 19 23:59:59 2025 GMT
Subject: serialNumber=a5cd73ff2eb0d1243857a560d11637dd59d4b013acd5a14c5ffa62341daade91, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2e:69:bf:e1:d9:61:3a:28:26:4b:2a:71:2b:
69:fa:e2:00:33:cf:53:a7:22:ad:c3:09:ca:b6:d9:
e4:ed:ef:ae:01:11:3e:36:e1:89:3a:66:16:fd:a0:
70:47:74:6b:00:92:08:e0:a9:dd:36:73:ad:14:0a:
72:9b:5c:0e:a4:10:b1:02:7a:9e:98:04:e2:ca:74:
a6:ad:4d:86:aa:a2:ba:f2:85:5c:f8:43:00:cc:b4:
34:b4:ed:5e:b0:d1:fe:19:02:5a:46:30:e6:9b:28:
42:b1:29:df:ee:da:4f:53:1e:af:cb:93:f3:b1:a5:
b6:e4:ed:cc:25:9a:29:09:7c:fc:fc:a5:19:3b:82:
1d:6f:40:08:9d:62:80:73:f5:67:ef:6a:a0:89:7d:
db:a4:d4:84:d9:32:5d:c3:4d:c8:ae:e7:22:cc:94:
26:3b:cf:cc:5a:6e:83:ee:dc:1c:b0:19:84:26:46:
e1:58:9f:1c:4b:6d:d3:85:03:b9:1a:44:b7:05:d3:
51:f9:ad:dc:de:38:27:46:5c:2d:eb:5f:c6:81:09:
6e:6c:56:91:cf:7b:3b:48:50:74:70:23:7d:fa:5a:
4d:53:c8:0f:31:4b:da:3b:2e:96:2e:0c:ad:75:1d:
4d:3a:da:9d:b7:f7:8f:df:15:1e:6a:5f:54:28:60:
8d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E9:5F:BA:C0:75:7D:79:3F:56:5E:C8:9B:A2:25:3A:B4:A5:54:A4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b89e647-0f7a-4774-a3e1-1e23ea20f96f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.130.212.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:36:01:24:90:fa:a9:d5:c8:be:55:57:0b:b5:e7:c8:0d:62:
68:66:89:d4:21:65:18:03:76:8a:d7:18:04:df:53:5f:6c:ad:
47:2b:31:ee:48:2f:5b:5b:f4:6d:80:b9:36:2a:1d:45:3c:3f:
be:67:0e:ae:f5:e3:23:0f:ff:31:23:b7:b3:90:52:ea:24:7b:
fb:61:1a:01:90:28:93:91:43:36:3c:59:e4:94:61:60:fb:75:
2f:7c:ce:7d:f6:4d:1c:b8:cc:ef:02:9d:cd:cd:6c:13:9d:6c:
f7:1c:96:fe:18:df:86:13:49:b0:fc:b3:ce:6e:ad:e7:3e:fa:
72:12:15:ec:16:e4:bc:6f:91:d2:c3:85:c0:96:fa:fd:5f:25:
af:b2:0b:4e:bb:97:9d:bb:99:6f:4b:b0:7c:20:7c:94:9d:1d:
d7:73:7b:bf:6e:9f:69:96:ce:ce:70:34:e4:e7:1b:c0:17:c3:
9b:74:10:a0:52:03:c1:3c:26:fb:38:5d:1b:0a:4d:10:7d:0e:
91:9d:c4:fd:01:79:82:ff:88:9c:92:c6:38:8a:b8:95:0d:cf:
a1:bb:c1:70:14:0c:d2:81:99:8d:ec:56:f7:ad:e0:ad:ac:77:
49:77:54:77:aa:e0:72:41:f2:a4:b6:1d:e8:ad:e7:d8:ce:32:
03:b9:e3:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXzOz10d3O6lAelSwxgb2BhytLsAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAzMDI5WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNWNkNzNmZjJlYjBkMTI0Mzg1N2E1NjBkMTE2MzdkZDU5
ZDRiMDEzYWNkNWExNGM1ZmZhNjIzNDFkYWFkZTkxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyLmm/4dlhOigmSypxK2n64gAzz1OnIq3DCcq22eTt764B
ET424Yk6Zhb9oHBHdGsAkgjgqd02c60UCnKbXA6kELECep6YBOLKdKatTYaqorry
hVz4QwDMtDS07V6w0f4ZAlpGMOabKEKxKd/u2k9THq/Lk/Oxpbbk7cwlmikJfPz8
pRk7gh1vQAidYoBz9WfvaqCJfduk1ITZMl3DTciu5yLMlCY7z8xaboPu3BywGYQm
RuFYnxxLbdOFA7kaRLcF01H5rdzeOCdGXC3rX8aBCW5sVpHPeztIUHRwI336Wk1T
yA8xS9o7LpYuDK11HU062p2394/fFR5qX1QoYI2vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCelfusB1fXk/Vl7Im6IlOrSlVKQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiODllNjQ3LTBmN2EtNDc3NC1hM2UxLTFlMjNlYTIwZjk2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABGgtQwDQYJKoZIhvcNAQELBQADggEBALk2ASSQ+qnVyL5VVwu158gNYmhm
idQhZRgDdorXGATfU19srUcrMe5IL1tb9G2AuTYqHUU8P75nDq714yMP/zEjt7OQ
Uuoke/thGgGQKJORQzY8WeSUYWD7dS98zn32TRy4zO8Cnc3NbBOdbPcclv4Y34YT
SbD8s85urec++nISFewW5LxvkdLDhcCW+v1fJa+yC067l527mW9LsHwgfJSdHddz
e79un2mWzs5wNOTnG8AXw5t0EKBSA8E8Jvs4XRsKTRB9DpGdxP0BeYL/iJySxjiK
uJUNz6G7wXAUDNKBmY3sVvet4K2sd0l3VHeq4HJB8qS2Heit59jOMgO54zg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:10:49 2025 by rpki-client