Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/67321819-e1b5-4c0c-a11a-0c1d65d6a4c6.roa
File: 67321819-e1b5-4c0c-a11a-0c1d65d6a4c6.roa (raw, json)
Hash identifier: 75ADD7Q4JtS6GlxCwIORl7R4wpLx/Ue6oZFCMlc+YGM=
Subject key identifier: C5:43:D7:1E:79:44:8C:A0:F4:CD:B0:58:28:BF:D3:DF:54:C0:39:D3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 55D4D3274A9C4FF6F538FB545D64923F9BD71728
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/67321819-e1b5-4c0c-a11a-0c1d65d6a4c6.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.108.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d4:d3:27:4a:9c:4f:f6:f5:38:fb:54:5d:64:92:3f:9b:d7:17:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=e8d35bd2cc4af908d8b924d85f30ba5e4cadbf321ccd26b35f9ffdc6898b76dd, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:43:6a:0b:b1:86:74:d0:81:e5:d9:af:df:
48:f4:1e:0e:d3:03:3d:9c:35:7f:06:30:e3:d9:11:
b9:53:de:2d:31:12:8f:e2:07:0a:b1:9e:f4:fd:4f:
0e:5f:b5:b4:ac:38:e4:92:6a:f7:78:38:0c:51:ae:
10:ed:03:e5:03:71:01:81:bb:29:aa:75:b6:16:29:
fd:c2:2d:7d:81:12:36:57:7e:00:be:dd:af:77:c6:
9e:2e:48:8e:16:37:e5:f9:0b:bd:68:78:7e:b2:13:
c7:44:db:40:99:3a:b5:19:ad:a5:e1:8c:34:e2:81:
1e:cb:46:26:fe:70:f3:6d:f7:0a:a7:74:3f:33:f9:
9b:ca:95:a8:be:63:58:03:08:05:38:89:e4:4a:72:
38:57:1c:aa:47:6b:01:21:d7:64:06:ff:ed:f4:62:
21:82:4b:6a:3d:b0:2d:1d:11:e0:2f:99:69:08:93:
cf:0d:6c:36:7d:43:87:75:17:2f:00:ec:e4:ca:88:
f4:1d:5a:d6:b6:a0:16:11:50:c2:83:a0:38:8c:42:
e0:f4:d7:d5:3b:66:ac:8f:01:ee:cf:2e:d8:a4:8b:
cf:8c:5a:ca:bd:2a:5f:55:0a:d6:c1:5a:7b:fb:5c:
0e:3e:27:e2:8d:dc:9e:e9:0e:f4:de:7a:de:e2:55:
07:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:43:D7:1E:79:44:8C:A0:F4:CD:B0:58:28:BF:D3:DF:54:C0:39:D3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/67321819-e1b5-4c0c-a11a-0c1d65d6a4c6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:fb:99:4c:45:27:8f:cf:23:c4:ba:bb:e3:cf:23:e5:52:f8:
ba:0d:d2:d0:9f:da:29:db:3b:4f:ed:87:63:85:48:12:16:22:
f7:4a:26:8c:b1:00:05:7d:e3:86:09:28:ad:93:3b:f5:26:66:
66:03:cf:e7:5a:6f:83:7a:f6:2b:bf:e5:1b:ac:6b:d7:7d:05:
7d:f2:08:da:a8:c9:54:61:26:ab:de:af:0e:4d:34:31:2f:19:
77:a3:b4:b5:bb:8f:c1:30:13:b1:ca:a0:b2:03:e5:1f:94:35:
16:57:a8:b4:7d:d5:62:c4:ff:81:20:a1:40:65:24:91:61:0d:
3c:f9:f0:8a:b5:c7:8d:85:e0:be:4e:52:61:f5:58:f5:88:48:
c4:5c:b3:a0:26:cd:bf:87:02:e1:83:6e:46:ba:2e:cc:d0:19:
59:95:ac:6e:f5:2f:47:22:4a:a8:a7:6a:20:af:f9:dd:61:9f:
7e:d5:10:75:8d:23:a6:c6:91:d8:76:0e:2c:c6:d7:a2:6d:b1:
86:9e:a0:e5:f4:65:f9:10:73:db:3b:87:63:07:b7:dd:00:2a:
34:3f:ad:20:ea:01:f4:dc:71:65:df:f9:43:eb:f6:5d:b6:3b:
33:2f:b2:37:d1:0c:fc:37:3f:0d:98:32:64:48:f8:22:99:b6:
e3:1b:ac:d8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVdTTJ0qcT/b1OPtUXWSSP5vXFygwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGQzNWJkMmNjNGFmOTA4ZDhiOTI0ZDg1ZjMwYmE1ZTRj
YWRiZjMyMWNjZDI2YjM1ZjlmZmRjNjg5OGI3NmRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyL0NqC7GGdNCB5dmv30j0Hg7TAz2cNX8GMOPZEblT3i0x
Eo/iBwqxnvT9Tw5ftbSsOOSSavd4OAxRrhDtA+UDcQGBuymqdbYWKf3CLX2BEjZX
fgC+3a93xp4uSI4WN+X5C71oeH6yE8dE20CZOrUZraXhjDTigR7LRib+cPNt9wqn
dD8z+ZvKlai+Y1gDCAU4ieRKcjhXHKpHawEh12QG/+30YiGCS2o9sC0dEeAvmWkI
k88NbDZ9Q4d1Fy8A7OTKiPQdWta2oBYRUMKDoDiMQuD019U7ZqyPAe7PLtiki8+M
Wsq9Kl9VCtbBWnv7XA4+J+KN3J7pDvTeet7iVQdtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUxUPXHnlEjKD0zbBYKL/T31TAOdMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY3MzIxODE5LWUxYjUtNGMwYy1hMTFhLTBjMWQ2NWQ2YTRjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQbDANBgkqhkiG9w0BAQsFAAOCAQEAV/uZTEUnj88jxLq7488j5VL4ug3S
0J/aKds7T+2HY4VIEhYi90omjLEABX3jhgkorZM79SZmZgPP51pvg3r2K7/lG6xr
130FffII2qjJVGEmq96vDk00MS8Zd6O0tbuPwTATscqgsgPlH5Q1FleotH3VYsT/
gSChQGUkkWENPPnwirXHjYXgvk5SYfVY9YhIxFyzoCbNv4cC4YNuRrouzNAZWZWs
bvUvRyJKqKdqIK/53WGfftUQdY0jpsaR2HYOLMbXom2xhp6g5fRl+RBz2zuHYwe3
3QAqND+tIOoB9NxxZd/5Q+v2XbY7My+yN9EM/Dc/DZgyZEj4Ipm24xus2A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:58:54 2025 by rpki-client