Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e5798e2-535b-4806-aecc-3b0f2b66b887.roa
File: 5e5798e2-535b-4806-aecc-3b0f2b66b887.roa (raw, json)
Hash identifier: 3bK3Iy/b5MZNbiMW1SHfyuF+9RS1W08U26U0EPJPogI=
Subject key identifier: 88:40:1B:57:3F:F7:23:CE:4C:A9:8C:C9:8F:5B:CA:B2:46:2E:C4:49
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 40387F0F3C2DF5D14766358B3B7C2E7532FBCF39
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e5798e2-535b-4806-aecc-3b0f2b66b887.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 56.71.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:38:7f:0f:3c:2d:f5:d1:47:66:35:8b:3b:7c:2e:75:32:fb:cf:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=d18e01fbcf22e9d79e57fb722d78349a890e2fbda37e2a621f7775200be2670d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:57:71:ee:38:26:71:12:2d:a6:0c:6e:83:f9:
25:cf:1e:2a:38:b5:2a:d3:a1:37:b9:4d:a7:50:63:
e2:5e:cd:97:ca:5a:96:6d:4b:b1:5d:d1:4a:9f:37:
1a:af:0a:9a:b3:f1:81:7b:1c:7e:73:ae:c5:12:ad:
e0:83:a7:85:e1:1e:7d:31:31:cf:df:0d:a0:2e:c6:
e9:ce:d2:59:31:fd:b3:e9:b1:d5:04:28:b5:12:47:
64:8a:b8:d2:01:a2:28:54:c1:78:f8:7c:b0:5d:88:
5e:59:08:52:2e:09:71:e6:fb:70:22:fe:e4:74:71:
33:e5:1b:38:6a:19:3c:09:e7:5c:32:b8:19:50:df:
aa:34:74:35:86:39:06:53:69:1e:fe:83:89:27:fc:
4f:a5:2c:a2:c0:01:65:24:02:fc:8f:bd:17:4b:3c:
bb:3f:19:9c:11:e4:4e:a4:68:b1:d5:01:6c:a5:d4:
30:52:90:b1:3f:57:53:41:46:5e:09:88:3d:bc:69:
5c:32:47:20:f0:55:e0:03:0f:32:f4:b2:0e:a4:05:
74:08:a4:2b:7b:ca:bb:03:6a:ac:99:89:db:98:91:
bb:b6:fa:d3:06:3f:4b:68:ee:07:07:c7:e0:eb:8e:
aa:70:02:8b:5c:f2:1f:f7:c6:35:f2:55:3e:b6:a2:
7b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:40:1B:57:3F:F7:23:CE:4C:A9:8C:C9:8F:5B:CA:B2:46:2E:C4:49
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e5798e2-535b-4806-aecc-3b0f2b66b887.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
56.71.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:30:af:5f:ce:d0:7e:12:49:7e:b6:71:01:6a:76:64:a5:fb:
89:d0:71:62:73:6b:2d:7b:c2:aa:ac:32:83:79:35:a0:b9:b5:
fa:77:04:70:93:63:c2:b3:73:c0:bc:6f:3a:49:c3:a2:f7:08:
d9:e0:b1:88:68:ea:2b:c5:9e:25:86:2a:5d:e8:9b:17:04:9d:
b9:d7:3b:d5:50:6b:45:a2:5e:23:ae:77:1e:a7:7e:5e:20:dc:
b4:c1:a5:c0:dc:c9:ef:08:07:6f:23:b4:68:71:06:22:a6:dd:
0a:07:db:c3:80:04:25:29:25:19:c7:d6:c9:cd:6c:f0:e7:c1:
93:87:81:d9:9b:01:6d:34:ec:0c:d8:21:dc:92:0e:93:0d:d1:
5d:ee:42:f2:60:43:32:ec:59:ca:33:13:55:4b:73:b4:9c:aa:
9c:a1:de:74:5c:25:ab:65:cb:56:b0:42:2f:dd:bc:43:3b:79:
0a:c3:90:91:85:3b:4f:0f:be:76:ff:8d:5a:d9:21:86:36:f5:
fd:84:9a:30:d7:a9:a2:08:22:5b:25:1f:c4:ae:1d:79:d1:ab:
9f:ee:24:aa:c8:03:32:03:91:c3:5a:dd:48:fb:af:24:35:c5:
9a:23:03:35:39:35:2f:d6:d8:35:57:c0:33:da:0a:88:a9:22:
23:b9:7b:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQDh/Dzwt9dFHZjWLO3wudTL7zzkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMThlMDFmYmNmMjJlOWQ3OWU1N2ZiNzIyZDc4MzQ5YTg5
MGUyZmJkYTM3ZTJhNjIxZjc3NzUyMDBiZTI2NzBkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMV3HuOCZxEi2mDG6D+SXPHio4tSrToTe5TadQY+JezZfK
WpZtS7Fd0UqfNxqvCpqz8YF7HH5zrsUSreCDp4XhHn0xMc/fDaAuxunO0lkx/bPp
sdUEKLUSR2SKuNIBoihUwXj4fLBdiF5ZCFIuCXHm+3Ai/uR0cTPlGzhqGTwJ51wy
uBlQ36o0dDWGOQZTaR7+g4kn/E+lLKLAAWUkAvyPvRdLPLs/GZwR5E6kaLHVAWyl
1DBSkLE/V1NBRl4JiD28aVwyRyDwVeADDzL0sg6kBXQIpCt7yrsDaqyZiduYkbu2
+tMGP0to7gcHx+DrjqpwAotc8h/3xjXyVT62ontrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUiEAbVz/3I85MqYzJj1vKskYuxEkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlNTc5OGUyLTUzNWItNDgwNi1hZWNjLTNiMGYyYjY2Yjg4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4RzANBgkqhkiG9w0BAQsFAAOCAQEARTCvX87QfhJJfrZxAWp2ZKX7idBx
YnNrLXvCqqwyg3k1oLm1+ncEcJNjwrNzwLxvOknDovcI2eCxiGjqK8WeJYYqXeib
FwSdudc71VBrRaJeI653Hqd+XiDctMGlwNzJ7wgHbyO0aHEGIqbdCgfbw4AEJSkl
GcfWyc1s8OfBk4eB2ZsBbTTsDNgh3JIOkw3RXe5C8mBDMuxZyjMTVUtztJyqnKHe
dFwlq2XLVrBCL928Qzt5CsOQkYU7Tw++dv+NWtkhhjb1/YSaMNepoggiWyUfxK4d
edGrn+4kqsgDMgORw1rdSPuvJDXFmiMDNTk1L9bYNVfAM9oKiKkiI7l7Hg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:55:27 2025 by rpki-client