Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/735c77c2-71fa-4be3-832b-a90d38af5701.roa
File: 735c77c2-71fa-4be3-832b-a90d38af5701.roa (raw, json)
Hash identifier: fRdcSV6mGATd8DILHUn9Rx9wYECSyepTdFLr4zisrdQ=
Subject key identifier: C2:26:0D:B7:FB:C9:F2:1B:39:17:DD:91:C7:B6:0A:8A:42:52:33:C3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7196E061EA06BDCCBB269137EEC4DF9EA2A9DC6A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/735c77c2-71fa-4be3-832b-a90d38af5701.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.153.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:96:e0:61:ea:06:bd:cc:bb:26:91:37:ee:c4:df:9e:a2:a9:dc:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=d3552ceb60d71b274cee506bdcc5db5798b22d72c6b9c0516ae8304ee9ddd03d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:00:55:ef:63:e9:97:53:a3:03:50:e9:63:7a:
20:5c:0d:52:6b:70:08:44:24:ef:8c:14:1b:03:d8:
cb:c7:02:34:82:0e:40:d4:e8:21:a3:f3:16:7e:26:
6f:8d:f0:dc:28:f5:71:15:e5:ed:64:b7:49:12:ea:
e0:f2:88:3b:4c:72:8c:99:dc:6b:38:21:c3:05:be:
43:dc:05:07:1b:33:97:b9:55:3e:f3:04:0d:7f:91:
77:31:88:fb:c2:50:32:bb:7d:7d:71:72:5f:4f:9e:
81:da:93:3a:0f:30:72:51:3c:d4:08:7d:ba:3e:99:
e8:86:41:d5:a4:67:21:c2:af:7a:f8:cc:66:ce:ce:
88:1d:94:65:ce:9d:aa:d0:ee:ff:57:2c:5e:31:03:
8f:fc:90:d8:e8:9a:ee:e3:21:4e:b9:7e:ce:86:72:
6e:b7:c0:2f:1f:5d:b6:8b:fe:4f:26:57:ed:04:8b:
da:2a:06:c7:e3:5f:1e:ca:4d:06:f4:47:da:01:ed:
5d:95:26:64:cf:92:87:18:2a:22:66:a6:c7:7e:e4:
b8:a9:e2:70:f8:86:e1:4e:91:d3:cc:7c:bf:91:d5:
29:70:ed:c4:5e:61:bd:f5:cf:73:3c:da:a9:e2:0d:
4e:46:7d:1a:59:46:d9:51:c8:5c:a0:cf:ad:97:0a:
2f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:26:0D:B7:FB:C9:F2:1B:39:17:DD:91:C7:B6:0A:8A:42:52:33:C3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/735c77c2-71fa-4be3-832b-a90d38af5701.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.153.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:02:bd:bb:bc:a8:dc:98:18:30:e8:81:f1:09:58:d3:a6:5d:
9d:11:b2:84:6d:bc:fb:ab:0d:2a:fe:1f:aa:8b:2b:09:4d:30:
8d:17:1b:8b:80:18:fe:a0:ee:89:11:0f:c1:03:af:18:46:22:
be:7e:d8:79:e3:4d:fb:6d:86:c6:9c:b6:00:fb:e0:ca:1c:b9:
26:36:43:b6:64:da:1b:47:a0:b2:f0:62:42:8a:5a:2a:da:b1:
ae:68:d2:c0:ca:34:c4:02:25:c9:2f:8e:a9:5a:97:fb:d9:21:
ec:89:e7:99:7f:41:96:2b:10:1f:1f:57:5b:18:42:47:9c:ee:
5d:fd:0c:61:20:bc:a7:1d:2e:70:44:31:68:b4:eb:a7:b7:80:
e6:ee:5c:da:51:37:52:03:58:10:0d:40:21:f4:4a:10:5f:ad:
7f:ad:c7:dc:93:bc:0e:b9:ba:cb:91:97:4a:0b:d8:a2:dc:e9:
2d:a1:eb:ac:f9:a0:f8:99:f6:10:7e:cf:00:3e:c4:7c:6d:5f:
2e:70:86:21:ed:1b:e0:04:22:fd:9d:8e:08:a3:ea:20:f4:bb:
3f:ab:87:43:d2:47:18:d9:5c:6a:1e:6e:72:62:f6:d5:d0:b4:
5c:4f:15:05:d3:41:a6:f4:a6:6c:4c:7f:da:b1:2d:bc:21:fc:
47:59:a7:90
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcZbgYeoGvcy7JpE37sTfnqKp3GowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMzU1MmNlYjYwZDcxYjI3NGNlZTUwNmJkY2M1ZGI1Nzk4
YjIyZDcyYzZiOWMwNTE2YWU4MzA0ZWU5ZGRkMDNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoAFXvY+mXU6MDUOljeiBcDVJrcAhEJO+MFBsD2MvHAjSC
DkDU6CGj8xZ+Jm+N8Nwo9XEV5e1kt0kS6uDyiDtMcoyZ3Gs4IcMFvkPcBQcbM5e5
VT7zBA1/kXcxiPvCUDK7fX1xcl9PnoHakzoPMHJRPNQIfbo+meiGQdWkZyHCr3r4
zGbOzogdlGXOnarQ7v9XLF4xA4/8kNjomu7jIU65fs6Gcm63wC8fXbaL/k8mV+0E
i9oqBsfjXx7KTQb0R9oB7V2VJmTPkocYKiJmpsd+5Lip4nD4huFOkdPMfL+R1Slw
7cReYb31z3M82qniDU5GfRpZRtlRyFygz62XCi+/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwiYNt/vJ8hs5F92Rx7YKikJSM8MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzczNWM3N2MyLTcxZmEtNGJlMy04MzJiLWE5MGQzOGFmNTcwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQmTANBgkqhkiG9w0BAQsFAAOCAQEAlQK9u7yo3JgYMOiB8QlY06ZdnRGy
hG28+6sNKv4fqosrCU0wjRcbi4AY/qDuiREPwQOvGEYivn7YeeNN+22Gxpy2APvg
yhy5JjZDtmTaG0egsvBiQopaKtqxrmjSwMo0xAIlyS+OqVqX+9kh7InnmX9BlisQ
Hx9XWxhCR5zuXf0MYSC8px0ucEQxaLTrp7eA5u5c2lE3UgNYEA1AIfRKEF+tf63H
3JO8Drm6y5GXSgvYotzpLaHrrPmg+Jn2EH7PAD7EfG1fLnCGIe0b4AQi/Z2OCKPq
IPS7P6uHQ9JHGNlcah5ucmL21dC0XE8VBdNBpvSmbEx/2rEtvCH8R1mnkA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:40:49 2025 by rpki-client