Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40838278-01cd-4862-8eba-a31cda35a757.roa
File: 40838278-01cd-4862-8eba-a31cda35a757.roa (raw, json)
Hash identifier: dh8xo3cBBn6IPqivC/2JyUW7KKsgULutGbg3Zp1nqJQ=
Subject key identifier: 93:9C:8A:DE:7C:70:B1:DF:19:B4:35:BD:BD:07:45:7E:8C:D1:D3:91
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 161470E38FD59D656D6DB6608D6989173FCD4CA9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40838278-01cd-4862-8eba-a31cda35a757.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 149.116.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:14:70:e3:8f:d5:9d:65:6d:6d:b6:60:8d:69:89:17:3f:cd:4c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=cefda8f7f982d1d7b589f2729adc59525dc8329242d4a6dc75db0d8c23870d19, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cc:a6:a9:9f:85:76:58:31:26:0e:40:78:42:
6a:61:52:bb:f8:02:6c:27:52:52:d9:59:8c:dc:96:
b4:35:e7:3d:a5:a1:9d:b9:04:3e:8b:3e:73:66:31:
88:5b:1b:f4:1a:d4:95:01:c5:98:fd:84:8a:f2:a1:
b7:34:b0:9e:f2:50:4c:e2:e8:2c:35:01:bf:52:0d:
01:92:55:67:d4:a7:f1:1e:7f:d4:49:ae:c9:3b:03:
05:28:29:3f:2b:17:bc:e3:21:d1:08:c5:ca:5f:5d:
72:91:3b:db:2b:16:38:68:70:bc:d2:5c:1b:05:51:
f1:1d:c3:57:8a:c2:f4:a0:c9:8a:ec:05:90:73:ab:
ca:cf:15:5a:ca:89:e7:93:ec:8a:ea:a4:8a:1c:b9:
0a:17:f6:e5:a1:ff:8e:d8:85:36:e5:2d:9b:7f:6b:
17:6b:f7:30:ed:2d:b4:91:5f:a0:1c:9b:c4:62:95:
d0:5b:1b:4e:75:17:95:93:da:59:81:a7:e9:61:a3:
64:f2:e3:5f:0d:57:61:56:35:75:7d:7d:8d:03:5f:
a3:d5:fa:ed:26:81:16:0a:49:fc:e0:c0:2a:ac:f1:
55:52:b6:91:95:27:7b:bc:97:85:a5:06:8e:b8:58:
e7:df:ef:b1:bb:03:5d:ab:31:a3:ed:a7:0d:bf:57:
62:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:9C:8A:DE:7C:70:B1:DF:19:B4:35:BD:BD:07:45:7E:8C:D1:D3:91
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40838278-01cd-4862-8eba-a31cda35a757.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.116.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:d2:c1:df:df:0d:6c:9e:e7:e7:b5:8c:50:15:f9:e2:f3:1d:
2a:ee:e0:d9:8c:d3:48:90:fd:be:13:07:8e:2c:35:07:2f:4a:
5c:29:e6:0c:1f:ac:57:ca:4e:7a:4a:57:99:3c:ea:4d:0d:d4:
4b:cf:c4:bf:6c:49:5c:a1:54:11:89:15:f5:27:14:78:06:d4:
62:9a:93:31:52:aa:28:1d:d0:52:f5:37:2f:1d:c9:27:8b:0b:
bd:7d:43:64:78:18:68:87:05:ba:04:3b:66:ef:fb:57:99:ce:
a8:bf:d7:fd:6b:13:99:20:ec:80:78:13:74:45:11:02:1f:d5:
d7:40:03:bf:34:84:9c:7e:e0:d6:5d:1a:ce:44:1a:fb:41:80:
03:a3:96:6c:aa:e2:5d:32:e0:fe:29:a2:4c:4a:bb:80:ce:6a:
11:26:2a:69:51:0f:9e:cb:9e:bf:23:6f:bf:66:13:b4:90:0e:
42:f1:92:2b:37:f5:40:8f:81:98:e3:fa:c0:31:91:4d:ba:57:
db:07:90:8b:7f:0f:19:3b:22:ad:19:1f:2c:f4:23:d2:7c:69:
fe:5f:28:3d:c4:ad:25:9e:03:63:0a:42:9a:2a:70:98:85:5a:
5d:71:40:b9:0f:05:8c:97:85:ee:0f:4c:86:41:17:a5:97:b8:
3d:6c:5d:98
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFhRw44/VnWVtbbZgjWmJFz/NTKkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZWZkYThmN2Y5ODJkMWQ3YjU4OWYyNzI5YWRjNTk1MjVk
YzgzMjkyNDJkNGE2ZGM3NWRiMGQ4YzIzODcwZDE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOzKapn4V2WDEmDkB4QmphUrv4AmwnUlLZWYzclrQ15z2l
oZ25BD6LPnNmMYhbG/Qa1JUBxZj9hIryobc0sJ7yUEzi6Cw1Ab9SDQGSVWfUp/Ee
f9RJrsk7AwUoKT8rF7zjIdEIxcpfXXKRO9srFjhocLzSXBsFUfEdw1eKwvSgyYrs
BZBzq8rPFVrKieeT7IrqpIocuQoX9uWh/47YhTblLZt/axdr9zDtLbSRX6Acm8Ri
ldBbG051F5WT2lmBp+lho2Ty418NV2FWNXV9fY0DX6PV+u0mgRYKSfzgwCqs8VVS
tpGVJ3u8l4WlBo64WOff77G7A12rMaPtpw2/V2LFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUk5yK3nxwsd8ZtDW9vQdFfozR05EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQwODM4Mjc4LTAxY2QtNDg2Mi04ZWJhLWEzMWNkYTM1YTc1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVdDANBgkqhkiG9w0BAQsFAAOCAQEAUdLB398NbJ7n57WMUBX54vMdKu7g
2YzTSJD9vhMHjiw1By9KXCnmDB+sV8pOekpXmTzqTQ3US8/Ev2xJXKFUEYkV9ScU
eAbUYpqTMVKqKB3QUvU3Lx3JJ4sLvX1DZHgYaIcFugQ7Zu/7V5nOqL/X/WsTmSDs
gHgTdEURAh/V10ADvzSEnH7g1l0azkQa+0GAA6OWbKriXTLg/imiTEq7gM5qESYq
aVEPnsuevyNvv2YTtJAOQvGSKzf1QI+BmOP6wDGRTbpX2weQi38PGTsirRkfLPQj
0nxp/l8oPcStJZ4DYwpCmipwmIVaXXFAuQ8FjJeF7g9MhkEXpZe4PWxdmA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:07 2025 by rpki-client