Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49999520-8763-4540-b6a9-ac1bba32ed9e.roa
File: 49999520-8763-4540-b6a9-ac1bba32ed9e.roa (raw, json)
Hash identifier: NI9NhTgHL8jkWuJ7Axo/nG66bxIiX/TYD5otk/MyQMo=
Subject key identifier: 1F:25:93:E9:8F:0E:94:C3:38:4D:11:42:21:EC:77:DE:F5:E2:C6:48
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: C4D05211DC700C614FC2295B3C032F74BE4275
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49999520-8763-4540-b6a9-ac1bba32ed9e.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 40.39.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
c4:d0:52:11:dc:70:0c:61:4f:c2:29:5b:3c:03:2f:74:be:42:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=983febb4ab5212a05fcaf391aa19b02efda1c5df19843f431a07dfb935f0d1c3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:10:4f:45:8f:78:c2:15:0e:a4:95:5b:74:ef:
cf:f8:6d:b1:ca:78:e9:a3:1f:43:fc:2c:30:b2:59:
db:4e:ef:45:91:d2:40:df:2b:11:57:8f:ea:0c:4d:
bc:99:ed:c2:55:9c:29:03:76:43:b7:6a:85:cd:3e:
c6:5d:0e:23:60:cd:22:1a:66:ff:ec:45:1e:a5:1a:
01:bd:40:e2:31:35:1f:69:ce:03:95:0c:4c:ac:2a:
36:72:4f:35:07:70:0f:2d:2c:c6:04:27:ca:7f:79:
1a:7d:13:da:14:f0:11:cb:20:15:35:c3:78:94:60:
fd:fd:1e:69:70:bd:88:a1:0a:d4:45:20:9a:ca:46:
67:f3:95:91:4c:f0:8d:3b:7b:16:4b:5c:37:87:6b:
42:a7:3b:77:33:5e:a1:fb:72:cb:10:72:68:e7:f5:
55:59:87:71:bb:34:9e:a5:b0:c8:7b:ea:1d:23:3b:
08:56:32:b8:de:c3:3b:4b:4c:94:24:cf:bd:e9:a6:
02:4c:a0:a7:42:69:cc:57:32:69:b1:de:15:72:bf:
8b:e0:c3:c2:a2:ae:21:75:68:5d:c2:3a:65:ea:91:
92:f6:f8:72:64:cc:5c:20:64:2e:89:b7:7a:7a:43:
d5:c9:d6:11:6b:de:1e:6c:b0:9e:34:fa:bb:14:11:
33:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:25:93:E9:8F:0E:94:C3:38:4D:11:42:21:EC:77:DE:F5:E2:C6:48
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49999520-8763-4540-b6a9-ac1bba32ed9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.39.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:da:aa:b8:d5:7c:c0:a2:6d:a9:18:2b:e5:0a:4f:ef:bd:62:
88:d4:f7:1b:8b:a7:af:da:8c:7b:0f:07:e7:aa:b4:f5:7d:a7:
76:db:7d:7f:08:a4:9d:c0:a7:71:3f:7c:d0:ee:b4:84:9d:fc:
48:92:76:19:2e:b0:d8:90:bb:89:97:d7:f5:c5:15:fc:a9:63:
09:3a:c9:18:08:db:ed:be:f1:6a:cd:32:74:62:2a:ca:95:4f:
9f:33:da:d1:8e:40:d6:b5:16:41:93:69:e6:04:9e:59:aa:71:
93:c1:bf:cf:87:53:52:f6:a5:f3:b4:b7:9d:c5:ce:90:15:f9:
6c:99:80:da:2d:52:17:ed:4f:82:82:60:03:2e:37:f4:26:9b:
41:c7:9c:5f:57:94:bd:2f:c3:67:70:f5:86:3f:ca:89:cc:54:
7a:55:03:72:52:81:df:f8:5d:e1:13:cb:ce:e6:91:de:96:18:
ea:e8:bb:10:17:dd:d7:a6:15:4c:97:07:f7:79:89:84:67:2e:
84:b7:48:d9:97:19:d1:07:50:91:85:22:b1:59:c6:a5:20:f7:
66:e0:2e:ff:04:05:89:59:dd:81:10:29:a0:9d:91:e3:b4:54:
55:3c:2c:a7:15:96:3a:cd:66:8d:11:3a:e9:62:52:2e:94:e7:
4b:df:bd:fc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAMTQUhHccAxhT8IpWzwDL3S+QnUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODNmZWJiNGFiNTIxMmEwNWZjYWYzOTFhYTE5YjAyZWZk
YTFjNWRmMTk4NDNmNDMxYTA3ZGZiOTM1ZjBkMWMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaEE9Fj3jCFQ6klVt078/4bbHKeOmjH0P8LDCyWdtO70WR
0kDfKxFXj+oMTbyZ7cJVnCkDdkO3aoXNPsZdDiNgzSIaZv/sRR6lGgG9QOIxNR9p
zgOVDEysKjZyTzUHcA8tLMYEJ8p/eRp9E9oU8BHLIBU1w3iUYP39HmlwvYihCtRF
IJrKRmfzlZFM8I07exZLXDeHa0KnO3czXqH7cssQcmjn9VVZh3G7NJ6lsMh76h0j
OwhWMrjewztLTJQkz73ppgJMoKdCacxXMmmx3hVyv4vgw8KiriF1aF3COmXqkZL2
+HJkzFwgZC6Jt3p6Q9XJ1hFr3h5ssJ40+rsUETPlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHyWT6Y8OlMM4TRFCIex33vXixkgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ5OTk5NTIwLTg3NjMtNDU0MC1iNmE5LWFjMWJiYTMyZWQ5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoJzANBgkqhkiG9w0BAQsFAAOCAQEAAdqquNV8wKJtqRgr5QpP771iiNT3
G4unr9qMew8H56q09X2ndtt9fwikncCncT980O60hJ38SJJ2GS6w2JC7iZfX9cUV
/KljCTrJGAjb7b7xas0ydGIqypVPnzPa0Y5A1rUWQZNp5gSeWapxk8G/z4dTUval
87S3ncXOkBX5bJmA2i1SF+1PgoJgAy439CabQcecX1eUvS/DZ3D1hj/KicxUelUD
clKB3/hd4RPLzuaR3pYY6ui7EBfd16YVTJcH93mJhGcuhLdI2ZcZ0QdQkYUisVnG
pSD3ZuAu/wQFiVndgRApoJ2R47RUVTwspxWWOs1mjRE66WJSLpTnS9+9/A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:51:55 2025 by rpki-client