Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f4bd5c9-d01c-4b95-a044-b1af6cc470cd.roa
File: 3f4bd5c9-d01c-4b95-a044-b1af6cc470cd.roa (raw, json)
Hash identifier: TAZMQgMti85PI+W/RqXU0Yc9a0ez9U8ee1yBWWIN/DY=
Subject key identifier: 21:24:2F:5C:9B:A2:DE:97:9C:BE:CA:E8:68:F5:F6:1D:D7:8F:72:13
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 70AA3667F3886B32FD895DB1645C690D571AD8F6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f4bd5c9-d01c-4b95-a044-b1af6cc470cd.roa
Signing time: Sat 28 Dec 2024 00:00:00 +0000
ROA not before: Sat 28 Dec 2024 00:00:00 +0000
ROA not after: Sat 01 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.12.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:aa:36:67:f3:88:6b:32:fd:89:5d:b1:64:5c:69:0d:57:1a:d8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 28 00:00:00 2024 GMT
Not After : Feb 1 23:59:59 2025 GMT
Subject: serialNumber=b7ceabb34511d6f3e04738686395ac40d4a3051f4db1efdf3727a16e79eff735, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:23:78:b0:5e:e9:a4:95:e9:50:31:28:0e:1d:
5e:c5:e5:a1:52:5e:27:db:da:3d:c0:8d:be:ee:11:
ee:55:ae:44:dc:69:41:2d:d0:13:05:e0:2b:6b:20:
fd:b2:71:d7:b4:90:56:e4:36:87:cf:ca:7c:6d:98:
aa:05:51:33:b2:85:1d:d5:ab:59:a4:5d:2c:46:bc:
44:39:0d:7d:60:f5:45:74:a0:f4:89:50:7e:91:ff:
27:b5:ce:9e:da:70:e3:5f:fe:1a:1f:4a:dd:1b:35:
77:3c:94:0d:52:68:e3:07:22:dc:5c:24:8f:b5:85:
03:2a:5f:66:5c:83:b9:0a:00:24:c9:b4:d7:ab:39:
9f:85:92:89:fa:7d:ec:b2:0b:09:34:d4:ba:24:28:
9c:87:8f:71:b2:a3:e5:8c:be:1f:43:e9:24:7f:c7:
fe:b3:48:1b:5f:9a:38:c3:80:c1:7a:8c:41:56:7c:
01:22:a9:66:94:79:09:aa:f3:92:b4:a8:61:13:9d:
23:fb:32:9b:ed:b8:3e:17:79:5e:78:ca:11:d9:e7:
47:49:59:0c:d3:f4:fe:4a:96:56:3e:df:fa:97:9a:
c7:f1:59:e7:16:62:d5:a2:4b:6b:67:41:01:7c:8e:
2c:ef:99:cb:cd:eb:fc:fc:15:19:24:b9:85:9c:1e:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:24:2F:5C:9B:A2:DE:97:9C:BE:CA:E8:68:F5:F6:1D:D7:8F:72:13
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f4bd5c9-d01c-4b95-a044-b1af6cc470cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.12.80.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:9e:eb:19:07:6b:5e:53:4b:94:15:a8:bc:51:58:d6:fa:34:
02:cc:03:cc:0f:50:3d:9a:85:4f:ba:b5:38:bd:09:52:04:5b:
a7:a3:63:00:09:8b:8e:64:61:be:50:2c:b5:04:2e:5b:96:a9:
77:62:00:4b:8e:a4:60:ce:3c:56:32:62:ce:b3:12:97:4e:ff:
e1:36:5b:e2:f8:11:ee:3b:13:eb:a8:9c:ef:5d:36:c1:2b:6d:
27:f2:57:44:e8:09:19:75:19:c9:4e:d5:fa:e9:ee:63:10:95:
31:67:7b:66:40:19:75:11:22:f4:8f:be:72:01:e9:00:32:8d:
a3:22:16:ad:d6:ff:26:28:2c:21:1d:2e:bd:ec:ec:f9:e9:e3:
86:5c:57:74:f1:a8:77:d9:d3:10:c3:df:99:ed:af:16:d3:6b:
f9:17:49:bb:fc:0d:25:35:4b:e0:47:2d:56:54:86:b3:61:07:
a0:c6:22:23:27:de:5f:d0:32:00:67:b4:02:6e:a1:fc:fb:3d:
15:0b:1a:60:d8:9b:20:53:d7:15:e8:19:5c:0f:bf:87:8f:b0:
59:79:15:fb:5c:1f:9a:61:4c:90:a7:02:0e:eb:88:d4:65:e8:
ad:26:b3:df:b5:9f:e9:06:6a:c8:ee:5e:0b:29:74:c3:c2:8c:
ff:b6:64:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcKo2Z/OIazL9iV2xZFxpDVca2PYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiN2NlYWJiMzQ1MTFkNmYzZTA0NzM4Njg2Mzk1YWM0MGQ0
YTMwNTFmNGRiMWVmZGYzNzI3YTE2ZTc5ZWZmNzM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkI3iwXumklelQMSgOHV7F5aFSXifb2j3Ajb7uEe5VrkTc
aUEt0BMF4CtrIP2ycde0kFbkNofPynxtmKoFUTOyhR3Vq1mkXSxGvEQ5DX1g9UV0
oPSJUH6R/ye1zp7acONf/hofSt0bNXc8lA1SaOMHItxcJI+1hQMqX2Zcg7kKACTJ
tNerOZ+Fkon6feyyCwk01LokKJyHj3Gyo+WMvh9D6SR/x/6zSBtfmjjDgMF6jEFW
fAEiqWaUeQmq85K0qGETnSP7MpvtuD4XeV54yhHZ50dJWQzT9P5KllY+3/qXmsfx
WecWYtWiS2tnQQF8jizvmcvN6/z8FRkkuYWcHpsFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUISQvXJui3pecvsroaPX2HdePchMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNmNGJkNWM5LWQwMWMtNGI5NS1hMDQ0LWIxYWY2Y2M0NzBjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAQDFAwDQYJKoZIhvcNAQELBQADggEBAKme6xkHa15TS5QVqLxRWNb6NALM
A8wPUD2ahU+6tTi9CVIEW6ejYwAJi45kYb5QLLUELluWqXdiAEuOpGDOPFYyYs6z
EpdO/+E2W+L4Ee47E+uonO9dNsErbSfyV0ToCRl1GclO1frp7mMQlTFne2ZAGXUR
IvSPvnIB6QAyjaMiFq3W/yYoLCEdLr3s7Pnp44ZcV3TxqHfZ0xDD35ntrxbTa/kX
Sbv8DSU1S+BHLVZUhrNhB6DGIiMn3l/QMgBntAJuofz7PRULGmDYmyBT1xXoGVwP
v4ePsFl5FftcH5phTJCnAg7riNRl6K0ms9+1n+kGasjuXgspdMPCjP+2ZB8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:03:17 2025 by rpki-client