Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49e638f6-0362-4c37-b8e1-db367d04f229.roa
File: 49e638f6-0362-4c37-b8e1-db367d04f229.roa (raw, json)
Hash identifier: NmQ8JfJOSi0mRqRysJCgcyXKjstw+wyUuh+/3QRmryw=
Subject key identifier: AC:E4:91:7E:A0:32:8D:38:D6:8F:C7:A6:A7:1A:85:06:5D:3C:C6:7C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6BC48A378C20C4A6240E115C47612F38986D7CF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49e638f6-0362-4c37-b8e1-db367d04f229.roa
Signing time: Tue 21 Jan 2025 00:00:00 +0000
ROA not before: Tue 21 Jan 2025 00:00:00 +0000
ROA not after: Tue 25 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 75.45.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:c4:8a:37:8c:20:c4:a6:24:0e:11:5c:47:61:2f:38:98:6d:7c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 21 00:00:00 2025 GMT
Not After : Feb 25 23:59:59 2025 GMT
Subject: serialNumber=6ef9fd4411869088e76419de8e8b072871df10d4ec853201b2d5b83dea8e6f46, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ba:d2:db:fd:61:01:b5:4d:b0:e7:47:15:a5:
d9:c5:87:52:fd:cb:04:72:f3:64:2d:23:c8:f4:22:
06:73:97:f3:d9:5f:68:c6:ea:ee:d0:7a:6f:c1:d7:
04:bd:be:d5:c4:96:07:f0:9d:04:3e:d6:35:fa:0f:
c9:5b:87:5e:1d:29:af:3e:67:06:8c:76:2d:1c:34:
fc:49:33:fa:b4:03:cd:2c:21:c7:cb:46:b2:4a:fb:
40:1f:5a:80:9e:f4:f2:1e:1a:5e:14:50:9b:d7:f1:
d5:b8:29:cf:7b:39:3a:2b:01:97:95:6f:43:5f:a0:
80:4b:72:03:18:b3:96:ae:92:7f:05:44:bb:3e:ff:
59:e7:9c:54:e3:b2:0a:21:c9:f4:3a:af:6c:5c:45:
d8:a4:2d:aa:c8:50:d8:49:07:39:88:69:9f:f0:d7:
ac:3d:1b:18:19:12:f1:3f:38:3a:9a:cd:97:25:72:
ea:01:d9:2a:f1:d2:36:f9:ee:db:85:eb:76:74:d7:
bc:27:4b:43:52:31:51:ea:98:98:02:50:5e:87:ca:
50:f4:50:3b:b9:6d:10:77:35:fc:36:12:cb:ad:d6:
72:3b:3f:12:6a:2c:17:d5:0d:94:c2:a2:30:65:53:
64:1f:92:24:37:15:e7:94:24:70:e8:3e:d7:00:6e:
af:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E4:91:7E:A0:32:8D:38:D6:8F:C7:A6:A7:1A:85:06:5D:3C:C6:7C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49e638f6-0362-4c37-b8e1-db367d04f229.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
75.45.128.0/18
Signature Algorithm: sha256WithRSAEncryption
47:ce:ad:a5:06:77:89:31:91:b2:ea:f3:10:d5:8a:fb:5c:3c:
19:5f:1a:b8:91:87:79:1f:5a:38:77:8d:0c:bb:fb:3c:35:bb:
4d:c0:cc:8d:ab:49:3a:b6:08:6b:0f:31:a4:46:54:89:06:3d:
9a:d0:c8:68:24:86:56:7a:b1:05:06:ad:3e:85:60:70:51:a0:
b0:88:91:82:38:21:74:51:e2:5b:54:c3:a6:0c:86:53:57:98:
13:b1:43:13:35:9c:9d:c6:54:7a:74:a8:f6:01:70:03:c6:c3:
ea:1c:c7:cc:73:4b:eb:91:96:5e:66:b6:f3:b0:15:5d:b6:2d:
15:1d:f4:20:33:77:8e:cf:69:6e:f4:7b:1a:e4:3d:30:5f:99:
83:ef:48:fa:e1:04:a9:44:c6:5d:a4:da:b9:63:5d:d8:4e:9f:
39:f9:bf:eb:17:b9:e8:68:3f:17:bb:d3:2f:08:1a:75:a9:cd:
71:ae:7f:a8:7e:c5:0e:db:72:aa:f2:47:7d:5a:f6:cd:47:3c:
20:4d:04:dd:a8:78:f8:3b:7b:da:cf:8c:52:34:d6:11:37:d4:
c8:fc:5a:b3:f3:9d:42:63:87:0b:e7:ee:e1:32:13:23:99:1d:
8f:19:5f:a9:22:6b:20:3c:35:f7:9b:ab:56:00:7b:05:f5:77:
e3:42:a4:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa8SKN4wgxKYkDhFcR2EvOJhtfPMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZWY5ZmQ0NDExODY5MDg4ZTc2NDE5ZGU4ZThiMDcyODcx
ZGYxMGQ0ZWM4NTMyMDFiMmQ1YjgzZGVhOGU2ZjQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrutLb/WEBtU2w50cVpdnFh1L9ywRy82QtI8j0IgZzl/PZ
X2jG6u7Qem/B1wS9vtXElgfwnQQ+1jX6D8lbh14dKa8+ZwaMdi0cNPxJM/q0A80s
IcfLRrJK+0AfWoCe9PIeGl4UUJvX8dW4Kc97OTorAZeVb0NfoIBLcgMYs5aukn8F
RLs+/1nnnFTjsgohyfQ6r2xcRdikLarIUNhJBzmIaZ/w16w9GxgZEvE/ODqazZcl
cuoB2Srx0jb57tuF63Z017wnS0NSMVHqmJgCUF6HylD0UDu5bRB3Nfw2Esut1nI7
PxJqLBfVDZTCojBlU2QfkiQ3FeeUJHDoPtcAbq+tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrOSRfqAyjTjWj8empxqFBl08xnwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ5ZTYzOGY2LTAzNjItNGMzNy1iOGUxLWRiMzY3ZDA0ZjIyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZLLYAwDQYJKoZIhvcNAQELBQADggEBAEfOraUGd4kxkbLq8xDVivtcPBlf
GriRh3kfWjh3jQy7+zw1u03AzI2rSTq2CGsPMaRGVIkGPZrQyGgkhlZ6sQUGrT6F
YHBRoLCIkYI4IXRR4ltUw6YMhlNXmBOxQxM1nJ3GVHp0qPYBcAPGw+ocx8xzS+uR
ll5mtvOwFV22LRUd9CAzd47PaW70exrkPTBfmYPvSPrhBKlExl2k2rljXdhOnzn5
v+sXuehoPxe70y8IGnWpzXGuf6h+xQ7bcqryR31a9s1HPCBNBN2oePg7e9rPjFI0
1hE31Mj8WrPznUJjhwvn7uEyEyOZHY8ZX6kiayA8Nfebq1YAewX1d+NCpA0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:43:27 2025 by rpki-client