Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/73c4295f-673a-4c0b-8757-c73b2a18288d.roa
File: 73c4295f-673a-4c0b-8757-c73b2a18288d.roa (raw, json)
Hash identifier: 9655szu9+DV9VJg5UMk0YJ5kB/4aPNeLC4iRC3vEAqY=
Subject key identifier: F1:89:8F:1C:2C:15:5B:44:05:8B:1E:9B:2A:06:EE:DC:E6:D8:E0:57
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2A9910232C3655CD3BD37A6CD30A5FC29355F290
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/73c4295f-673a-4c0b-8757-c73b2a18288d.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 167.241.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:99:10:23:2c:36:55:cd:3b:d3:7a:6c:d3:0a:5f:c2:93:55:f2:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=f8589765193afae48428abe90302e21b85cf39330b27c44de4e5e996e7b83920, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6b:a4:ae:bd:23:93:5e:32:ac:66:b9:43:52:
c0:c4:40:b6:f8:ba:dd:d1:7a:b6:f0:74:ca:6a:23:
29:69:07:6b:a5:c8:6e:e9:df:c6:6d:61:52:84:ac:
40:86:96:c3:a3:1d:3f:02:ca:7d:30:2e:2c:9a:bc:
e2:e8:96:70:16:b6:f5:b8:9e:7a:6e:f9:69:83:ae:
d0:ac:d6:f8:83:28:ff:f9:24:e4:06:60:4f:0f:0b:
02:43:13:08:40:f1:06:b7:a4:30:03:36:a1:cc:b0:
e5:b9:bc:e5:c1:87:b8:64:1c:9e:34:05:b8:45:0a:
20:ed:c9:2b:b3:43:ed:f7:30:68:d4:fa:1a:50:64:
5e:6c:14:a8:bb:ac:52:f8:2f:e7:d6:07:00:da:d6:
02:8c:95:39:ea:a8:de:09:f2:15:9f:86:3e:e4:12:
c9:20:6f:c6:9d:3f:c4:e0:92:f2:98:52:56:99:8f:
f4:19:b3:d0:c2:e9:74:57:99:13:90:99:31:ed:25:
b9:6e:f6:45:5c:2c:8d:e6:8e:89:d4:19:a2:b5:84:
cf:ca:0a:8b:11:4f:bb:5f:2b:28:4a:39:17:64:ff:
49:c2:0f:fa:71:de:c8:fc:e3:88:b6:ce:9a:f9:1b:
b9:b5:5f:02:e2:04:01:24:5e:5a:2a:a3:6a:1e:8f:
3d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:89:8F:1C:2C:15:5B:44:05:8B:1E:9B:2A:06:EE:DC:E6:D8:E0:57
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/73c4295f-673a-4c0b-8757-c73b2a18288d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.241.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:c9:48:15:ee:dc:1f:3f:7d:7c:0e:a0:73:02:2c:0a:e4:6f:
7d:d0:0f:43:2e:ef:dd:cb:53:75:9d:63:37:64:24:9e:10:69:
82:42:8a:94:42:08:89:c7:39:b0:7b:b4:fd:50:11:99:11:0d:
0e:d5:d2:26:b8:35:d9:38:ba:7a:e8:e3:48:61:c0:94:58:71:
79:82:42:d2:3b:52:37:17:12:37:40:98:4c:73:14:d9:b5:25:
f4:46:37:6d:da:f7:bc:ea:d2:be:2e:58:11:ef:e7:7c:02:01:
34:ac:9d:32:9f:bd:3f:d1:ff:93:4a:b2:02:b7:46:9a:22:e9:
a3:43:f3:f8:1f:58:32:16:dd:c9:27:68:1e:95:2d:bb:cd:bb:
93:d5:bd:9f:ab:52:5a:22:fe:2e:5b:e7:1d:f4:67:70:a2:56:
2c:34:34:ed:63:c1:a2:80:5f:93:6e:ef:24:76:21:b0:28:d4:
70:28:46:3a:26:6b:56:f3:49:95:2f:74:f5:33:d0:aa:34:af:
d0:51:03:cd:fe:1f:02:0d:c9:78:af:5f:1e:3e:9e:e7:13:2f:
ea:94:d0:3c:5b:b4:d5:48:97:51:f2:55:63:a0:00:2e:f9:fd:
0f:00:69:f7:d6:d9:ef:8e:a4:ec:50:84:df:a8:08:7d:b0:e9:
7a:cf:e9:7a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKpkQIyw2Vc0703ps0wpfwpNV8pAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmODU4OTc2NTE5M2FmYWU0ODQyOGFiZTkwMzAyZTIxYjg1
Y2YzOTMzMGIyN2M0NGRlNGU1ZTk5NmU3YjgzOTIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDba6SuvSOTXjKsZrlDUsDEQLb4ut3RerbwdMpqIylpB2ul
yG7p38ZtYVKErECGlsOjHT8Cyn0wLiyavOLolnAWtvW4nnpu+WmDrtCs1viDKP/5
JOQGYE8PCwJDEwhA8Qa3pDADNqHMsOW5vOXBh7hkHJ40BbhFCiDtySuzQ+33MGjU
+hpQZF5sFKi7rFL4L+fWBwDa1gKMlTnqqN4J8hWfhj7kEskgb8adP8TgkvKYUlaZ
j/QZs9DC6XRXmROQmTHtJblu9kVcLI3mjonUGaK1hM/KCosRT7tfKyhKORdk/0nC
D/px3sj844i2zpr5G7m1XwLiBAEkXloqo2oejz31AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8YmPHCwVW0QFix6bKgbu3ObY4FcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzczYzQyOTVmLTY3M2EtNGMwYi04NzU3LWM3M2IyYTE4Mjg4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCn8TANBgkqhkiG9w0BAQsFAAOCAQEAZslIFe7cHz99fA6gcwIsCuRvfdAP
Qy7v3ctTdZ1jN2QknhBpgkKKlEIIicc5sHu0/VARmRENDtXSJrg12Ti6eujjSGHA
lFhxeYJC0jtSNxcSN0CYTHMU2bUl9EY3bdr3vOrSvi5YEe/nfAIBNKydMp+9P9H/
k0qyArdGmiLpo0Pz+B9YMhbdySdoHpUtu827k9W9n6tSWiL+LlvnHfRncKJWLDQ0
7WPBooBfk27vJHYhsCjUcChGOiZrVvNJlS909TPQqjSv0FEDzf4fAg3JeK9fHj6e
5xMv6pTQPFu01UiXUfJVY6AALvn9DwBp99bZ746k7FCE36gIfbDpes/peg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:40:35 2025 by rpki-client