Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40705876-1e7f-44f7-97a1-252c529caa08.roa
File: 40705876-1e7f-44f7-97a1-252c529caa08.roa (raw, json)
Hash identifier: BXcEat4JA1N8ak8g5Twk7CC0Wf7kEqZ0r000R06Ebhg=
Subject key identifier: 2C:5F:D8:F3:2A:65:69:E7:99:DC:68:90:D8:E6:81:90:D4:84:B5:C5
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 57099824A185FECE36017ADB77F16DCFB2925072
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40705876-1e7f-44f7-97a1-252c529caa08.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 108.171.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:09:98:24:a1:85:fe:ce:36:01:7a:db:77:f1:6d:cf:b2:92:50:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=46567ed536259d32c2d56f77e57bae523f5254afec12fd8f44f317257d482fce, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:f3:48:81:83:b4:7c:b2:d7:df:9b:4b:aa:
7e:ca:02:a0:ea:ac:af:fb:76:26:30:1a:d8:24:d3:
51:8f:2b:d7:b2:ee:ef:47:f3:85:ac:7a:0e:63:2f:
64:3f:72:43:c0:36:20:56:cd:99:e3:1f:1a:a1:20:
06:e2:7e:c2:34:5e:4d:8a:dc:b4:51:c2:44:ed:86:
6b:c9:87:6f:73:10:38:75:1d:64:83:d6:e4:27:2d:
f7:e8:0c:43:b4:b2:72:d7:e9:cf:1c:6a:a0:85:bd:
25:dc:90:18:ce:57:8e:a8:de:70:5d:6a:49:b5:78:
62:8b:de:9d:5e:52:01:2c:d4:c5:cd:0f:d8:89:09:
2e:7d:c1:7d:f6:30:6a:fd:51:f5:a1:05:94:1a:3d:
a1:69:8b:19:62:4b:0d:f3:2e:90:df:5a:5c:45:09:
ae:89:00:a8:22:c1:53:9c:4a:c8:4c:a2:26:b7:17:
26:bf:06:c0:7e:2e:a0:b8:4a:0c:23:75:f5:b8:95:
0f:16:8f:53:bb:fe:21:e6:8e:33:dd:dd:42:fb:0b:
cb:71:5f:c3:af:5a:3e:8a:f3:87:45:80:0e:2b:bd:
d6:a2:72:1d:2a:1b:4b:0c:7f:08:40:b0:3b:2b:6e:
f4:58:9b:9b:ad:75:4f:fd:3b:05:f7:5b:bf:a1:ff:
ce:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5F:D8:F3:2A:65:69:E7:99:DC:68:90:D8:E6:81:90:D4:84:B5:C5
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40705876-1e7f-44f7-97a1-252c529caa08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.171.240.0/20
Signature Algorithm: sha256WithRSAEncryption
57:de:bd:7b:cc:51:58:63:97:78:39:53:d7:e0:5f:b6:20:da:
9a:af:4f:42:c6:c8:14:7e:1f:58:c3:76:44:2c:18:13:3c:80:
af:60:51:16:7e:72:f2:b6:b0:66:bf:6a:46:be:2c:03:45:70:
90:bc:87:65:89:e5:34:4b:2e:e1:67:74:14:7b:c8:c2:1e:be:
69:7e:c9:b2:a0:35:3d:85:33:84:b4:50:62:68:93:06:51:b3:
08:7a:a8:4a:f5:7d:26:c3:fc:15:d2:62:2f:87:f6:fa:ff:2e:
5c:1b:86:e7:06:71:24:92:10:ac:de:1b:2a:85:d2:06:5a:d8:
77:d9:c2:03:15:4e:b0:00:66:c5:04:e1:84:5f:f9:d3:41:c6:
b6:eb:1a:11:0b:d3:98:ef:5e:d8:24:9f:e0:ca:4c:fc:9e:43:
5d:42:6c:29:50:53:a4:17:1f:e4:3c:8a:e1:f1:cd:fb:af:7d:
6f:20:64:f9:c0:ea:07:19:35:fd:0c:f9:7b:33:ea:7f:bb:67:
07:1b:5a:c7:1b:81:41:e7:d7:0c:fa:41:1d:31:b0:32:99:f2:
a0:c4:5b:4f:0d:c0:1c:a6:11:c2:45:46:9f:38:6e:06:48:70:
b9:db:23:f1:ed:6e:91:b6:ec:d2:18:0f:ec:e1:05:9d:51:e7:
5a:1d:8e:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVwmYJKGF/s42AXrbd/Ftz7KSUHIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NjU2N2VkNTM2MjU5ZDMyYzJkNTZmNzdlNTdiYWU1MjNm
NTI1NGFmZWMxMmZkOGY0NGYzMTcyNTdkNDgyZmNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcR/NIgYO0fLLX35tLqn7KAqDqrK/7diYwGtgk01GPK9ey
7u9H84Wseg5jL2Q/ckPANiBWzZnjHxqhIAbifsI0Xk2K3LRRwkTthmvJh29zEDh1
HWSD1uQnLffoDEO0snLX6c8caqCFvSXckBjOV46o3nBdakm1eGKL3p1eUgEs1MXN
D9iJCS59wX32MGr9UfWhBZQaPaFpixliSw3zLpDfWlxFCa6JAKgiwVOcSshMoia3
Fya/BsB+LqC4SgwjdfW4lQ8Wj1O7/iHmjjPd3UL7C8txX8OvWj6K84dFgA4rvdai
ch0qG0sMfwhAsDsrbvRYm5utdU/9OwX3W7+h/87dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULF/Y8yplaeeZ3GiQ2OaBkNSEtcUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQwNzA1ODc2LTFlN2YtNDRmNy05N2ExLTI1MmM1MjljYWEwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARsq/AwDQYJKoZIhvcNAQELBQADggEBAFfevXvMUVhjl3g5U9fgX7Yg2pqv
T0LGyBR+H1jDdkQsGBM8gK9gURZ+cvK2sGa/aka+LANFcJC8h2WJ5TRLLuFndBR7
yMIevml+ybKgNT2FM4S0UGJokwZRswh6qEr1fSbD/BXSYi+H9vr/LlwbhucGcSSS
EKzeGyqF0gZa2HfZwgMVTrAAZsUE4YRf+dNBxrbrGhEL05jvXtgkn+DKTPyeQ11C
bClQU6QXH+Q8iuHxzfuvfW8gZPnA6gcZNf0M+Xsz6n+7ZwcbWscbgUHn1wz6QR0x
sDKZ8qDEW08NwBymEcJFRp84bgZIcLnbI/HtbpG27NIYD+zhBZ1R51odjnc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:27:13 2025 by rpki-client