Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/681c110a-64e6-4ad5-b96f-a920e4addc54.roa
File: 681c110a-64e6-4ad5-b96f-a920e4addc54.roa (raw, json)
Hash identifier: IbCJPYcIZ1E2xabS4TJJ/lhvxysWPPbqnlDaCih8XzM=
Subject key identifier: 46:33:D6:B4:76:2B:FD:14:C0:98:B7:E8:0A:E0:7F:D9:07:A2:3D:D2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 202033AA5A353999FB65D40996BA93968ACEC4B2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/681c110a-64e6-4ad5-b96f-a920e4addc54.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 130.101.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:20:33:aa:5a:35:39:99:fb:65:d4:09:96:ba:93:96:8a:ce:c4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=ad3685fcd7d2dd393b5de174a0b75f9bb751895e28b30abf2cdb2068187cd3ba, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:0e:10:16:72:17:1b:d8:05:b6:4b:d8:61:
b7:f6:fe:8f:a2:c5:ee:a1:b6:0a:7c:5c:f6:11:a6:
37:8a:e9:02:48:e6:f4:c4:77:3c:42:13:54:92:25:
2e:6f:a9:39:07:7c:f8:c8:4f:76:59:38:6c:2f:ad:
83:15:42:44:da:8e:30:a4:7a:23:5f:ec:dd:1a:9f:
81:11:b8:5d:74:6c:8a:17:46:6f:b8:d7:eb:12:fd:
ad:c4:24:f8:de:11:f4:c9:55:7d:ee:d0:47:a7:4b:
2d:ef:b3:dd:d4:b9:2a:ce:22:ac:b3:de:19:5b:b7:
52:e6:53:1d:0e:de:61:4e:f9:51:50:43:41:d5:db:
15:cc:42:3f:5e:b0:7d:da:76:22:bb:f6:db:d4:c0:
c6:28:e4:2f:d8:e4:55:d7:e8:e8:a7:dd:b7:1a:9a:
65:9d:7e:1e:aa:54:a6:fd:31:49:4d:ed:74:cd:75:
cb:39:b5:54:1e:95:49:40:38:21:7a:37:cb:d6:be:
19:69:bc:47:a9:d9:9b:b5:35:21:6d:57:57:a0:e8:
b0:42:cc:d9:a6:22:93:cb:e6:35:49:c8:8a:ff:78:
50:be:d5:f9:2b:be:27:f6:e5:a2:30:ed:f4:fc:31:
d1:d2:1e:61:0d:95:4c:f8:6c:d7:92:3c:a3:40:fc:
b0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:33:D6:B4:76:2B:FD:14:C0:98:B7:E8:0A:E0:7F:D9:07:A2:3D:D2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/681c110a-64e6-4ad5-b96f-a920e4addc54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.101.0.0/17
Signature Algorithm: sha256WithRSAEncryption
bc:f3:cc:05:ab:90:25:79:49:b9:64:82:07:a9:a4:c9:88:72:
db:bd:56:da:44:f2:2b:16:90:01:d4:97:9a:a2:df:3b:27:2f:
3d:b4:ec:ce:c8:ad:63:4f:3b:5b:55:48:7f:61:7f:ae:57:31:
95:49:19:36:31:81:3d:c2:ce:86:f8:98:05:37:ca:2c:a5:85:
c4:6d:ca:24:47:90:ef:b8:24:1b:53:f6:e3:0d:0d:77:87:34:
26:25:31:08:e2:e5:8d:c9:4f:96:d0:ae:4a:1b:f2:98:f6:b1:
89:9e:d9:ff:fb:38:ac:9d:99:49:6e:b2:48:aa:75:55:55:ca:
53:1b:ec:b4:3e:ad:70:96:31:56:e7:9f:4b:5b:c3:74:08:05:
b7:6a:f6:5c:ce:68:db:ef:9b:ac:dd:64:6c:40:7e:e9:93:58:
c2:07:30:a6:5e:9f:71:57:9f:49:12:08:31:c8:c9:77:97:cf:
06:fe:81:9a:0b:51:05:78:26:49:29:c8:d4:da:f7:af:29:8b:
4a:3d:16:f5:46:42:78:8e:39:30:14:b2:e5:70:a5:26:77:65:
eb:03:02:52:66:b0:90:10:be:10:0f:12:4f:27:ed:11:17:16:
a9:62:f1:84:d5:41:56:c1:1f:bc:e0:e0:1d:10:de:71:38:37:
21:d6:3b:06
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUICAzqlo1OZn7ZdQJlrqTlorOxLIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDM2ODVmY2Q3ZDJkZDM5M2I1ZGUxNzRhMGI3NWY5YmI3
NTE4OTVlMjhiMzBhYmYyY2RiMjA2ODE4N2NkM2JhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0yQ4QFnIXG9gFtkvYYbf2/o+ixe6htgp8XPYRpjeK6QJI
5vTEdzxCE1SSJS5vqTkHfPjIT3ZZOGwvrYMVQkTajjCkeiNf7N0an4ERuF10bIoX
Rm+41+sS/a3EJPjeEfTJVX3u0EenSy3vs93UuSrOIqyz3hlbt1LmUx0O3mFO+VFQ
Q0HV2xXMQj9esH3adiK79tvUwMYo5C/Y5FXX6Oin3bcammWdfh6qVKb9MUlN7XTN
dcs5tVQelUlAOCF6N8vWvhlpvEep2Zu1NSFtV1eg6LBCzNmmIpPL5jVJyIr/eFC+
1fkrvif25aIw7fT8MdHSHmENlUz4bNeSPKNA/LA5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURjPWtHYr/RTAmLfoCuB/2QeiPdIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4MWMxMTBhLTY0ZTYtNGFkNS1iOTZmLWE5MjBlNGFkZGM1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeCZQAwDQYJKoZIhvcNAQELBQADggEBALzzzAWrkCV5SblkggeppMmIctu9
VtpE8isWkAHUl5qi3zsnLz207M7IrWNPO1tVSH9hf65XMZVJGTYxgT3Czob4mAU3
yiylhcRtyiRHkO+4JBtT9uMNDXeHNCYlMQji5Y3JT5bQrkob8pj2sYme2f/7OKyd
mUluskiqdVVVylMb7LQ+rXCWMVbnn0tbw3QIBbdq9lzOaNvvm6zdZGxAfumTWMIH
MKZen3FXn0kSCDHIyXeXzwb+gZoLUQV4JkkpyNTa968pi0o9FvVGQniOOTAUsuVw
pSZ3ZesDAlJmsJAQvhAPEk8n7REXFqli8YTVQVbBH7zg4B0Q3nE4NyHWOwY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:02:47 2025 by rpki-client