Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/464b5447-fd38-4db2-a34f-68da27701130.roa
File: 464b5447-fd38-4db2-a34f-68da27701130.roa (raw, json)
Hash identifier: HEoi0aEFb3+ZhGUXAixHCAFg2pbDajLaPfzDs1gZT2g=
Subject key identifier: A9:58:6D:8E:6D:4E:32:0C:9B:2A:4D:B8:05:A0:BC:C7:B4:82:39:0B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 27018667661AC80026FD6DC9AD4CAFF7160C9F37
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/464b5447-fd38-4db2-a34f-68da27701130.roa
Signing time: Sat 28 Dec 2024 00:00:00 +0000
ROA not before: Sat 28 Dec 2024 00:00:00 +0000
ROA not after: Sat 01 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 138.90.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:01:86:67:66:1a:c8:00:26:fd:6d:c9:ad:4c:af:f7:16:0c:9f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 28 00:00:00 2024 GMT
Not After : Feb 1 23:59:59 2025 GMT
Subject: serialNumber=971bbf63f166c11ace34a61fa8b63a10948b962709ce0294a49c18df70f3a226, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:10:78:19:69:5e:52:c7:89:73:fa:34:5a:25:
55:40:5d:e6:8a:f2:d3:50:64:c5:78:91:6e:8d:88:
96:2a:e5:10:00:d3:5d:a1:d9:04:84:42:b4:cf:13:
eb:fa:b0:54:7d:9f:37:4a:3a:5f:b2:00:bc:04:10:
0e:01:46:10:d3:86:b5:a4:de:a1:b9:2f:62:ae:8a:
e2:46:85:7a:e4:51:71:c4:69:60:d7:c7:79:af:55:
40:c0:c0:06:1a:85:ff:9a:8d:12:53:0c:01:52:fa:
fd:d4:23:b9:ff:3c:47:e1:ee:5d:55:5b:7c:76:bf:
ff:b9:5e:e1:13:3f:72:da:88:30:47:07:9d:c6:dc:
24:24:03:30:d8:3e:28:f5:80:c1:87:7f:f5:96:3d:
92:d5:7b:09:84:16:9c:52:5b:9e:6c:e8:55:30:8c:
5c:97:5e:e3:31:2d:47:45:74:95:0e:aa:7d:84:18:
21:58:01:68:3d:51:57:01:88:79:05:94:ca:9c:6f:
f2:6a:84:fd:10:69:21:4f:6f:84:b8:48:a7:f8:d0:
e5:9b:d3:50:2c:38:ac:58:b3:13:5a:b2:42:19:b5:
18:ff:6b:60:ba:54:22:82:41:e7:b8:ca:aa:30:f8:
fc:a1:8d:d8:df:3f:d9:b3:e3:7e:6b:97:fe:09:5a:
c6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:58:6D:8E:6D:4E:32:0C:9B:2A:4D:B8:05:A0:BC:C7:B4:82:39:0B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/464b5447-fd38-4db2-a34f-68da27701130.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:b0:b7:9d:ab:34:3f:6f:13:19:21:36:54:95:cc:d2:9c:b9:
cf:8c:07:ea:83:5e:3d:46:00:98:aa:1f:b1:9e:20:72:93:8a:
0a:2c:3c:86:e0:6d:25:a4:93:7c:c6:3f:61:a9:3e:2e:20:02:
d6:13:bf:d5:0f:ec:31:ca:a0:03:fc:c0:95:6b:a4:d2:44:a2:
56:79:57:7d:0b:97:84:fc:56:ad:28:27:86:c4:19:e6:a9:a2:
50:34:df:54:26:61:6d:f1:79:70:8b:9f:49:8d:b2:e9:20:e5:
9a:e4:9e:73:57:03:59:47:c3:4e:f3:3f:4b:b4:2d:75:99:87:
cc:a2:06:ee:71:c4:0c:b0:b9:3b:aa:cc:39:b2:c9:a5:24:94:
11:54:be:1b:74:e5:b2:33:ad:a2:6c:15:2b:c3:ff:49:ae:01:
e8:ef:cc:b7:48:c4:71:71:ad:2f:72:1f:27:1a:f2:9d:2f:75:
41:09:e5:bd:e4:52:6e:39:57:63:be:eb:ba:d4:dc:2b:8f:ad:
34:0c:be:d3:15:f1:87:6f:1d:91:ef:5f:25:1f:fe:4d:4f:ff:
9b:15:84:0d:00:9b:47:54:3a:2d:3c:c3:0e:83:8c:f3:cb:c2:
58:5f:05:df:e5:9f:56:d1:ee:fa:69:29:c6:7a:57:c6:25:f9:
a5:39:a1:6b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJwGGZ2YayAAm/W3JrUyv9xYMnzcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NzFiYmY2M2YxNjZjMTFhY2UzNGE2MWZhOGI2M2ExMDk0
OGI5NjI3MDljZTAyOTRhNDljMThkZjcwZjNhMjI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsEHgZaV5Sx4lz+jRaJVVAXeaK8tNQZMV4kW6NiJYq5RAA
012h2QSEQrTPE+v6sFR9nzdKOl+yALwEEA4BRhDThrWk3qG5L2KuiuJGhXrkUXHE
aWDXx3mvVUDAwAYahf+ajRJTDAFS+v3UI7n/PEfh7l1VW3x2v/+5XuETP3LaiDBH
B53G3CQkAzDYPij1gMGHf/WWPZLVewmEFpxSW55s6FUwjFyXXuMxLUdFdJUOqn2E
GCFYAWg9UVcBiHkFlMqcb/JqhP0QaSFPb4S4SKf40OWb01AsOKxYsxNaskIZtRj/
a2C6VCKCQee4yqow+PyhjdjfP9mz435rl/4JWsbRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqVhtjm1OMgybKk24BaC8x7SCOQswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ2NGI1NDQ3LWZkMzgtNGRiMi1hMzRmLTY4ZGEyNzcwMTEzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCKWjANBgkqhkiG9w0BAQsFAAOCAQEAcrC3nas0P28TGSE2VJXM0py5z4wH
6oNePUYAmKofsZ4gcpOKCiw8huBtJaSTfMY/Yak+LiAC1hO/1Q/sMcqgA/zAlWuk
0kSiVnlXfQuXhPxWrSgnhsQZ5qmiUDTfVCZhbfF5cIufSY2y6SDlmuSec1cDWUfD
TvM/S7QtdZmHzKIG7nHEDLC5O6rMObLJpSSUEVS+G3TlsjOtomwVK8P/Sa4B6O/M
t0jEcXGtL3IfJxrynS91QQnlveRSbjlXY77rutTcK4+tNAy+0xXxh28dke9fJR/+
TU//mxWEDQCbR1Q6LTzDDoOM88vCWF8F3+WfVtHu+mkpxnpXxiX5pTmhaw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:30:44 2025 by rpki-client