Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/746213b8-73de-4fe3-8de6-6da7407d8393.roa
File: 746213b8-73de-4fe3-8de6-6da7407d8393.roa (raw, json)
Hash identifier: WtShg62TTol8u1mZgR3nvYAr6JO0ddF31sJrO9qLy6k=
Subject key identifier: 7C:CF:66:BD:0A:10:0E:C0:C0:C1:46:69:7B:07:C8:3D:0D:30:ED:7D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 32E3BDDAAB6B8D82FE07DC44DA9E9EA6F46D6A92
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/746213b8-73de-4fe3-8de6-6da7407d8393.roa
Signing time: Wed 12 Mar 2025 00:20:37 +0000
ROA not before: Wed 12 Mar 2025 00:20:37 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 6167
IP address blocks: 204.126.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:e3:bd:da:ab:6b:8d:82:fe:07:dc:44:da:9e:9e:a6:f4:6d:6a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:20:37 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=1102659fa56643530f56d09eaa2b6c286653d315584701511efa6b6326611c83, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:04:69:00:35:b4:20:65:b6:b1:bc:71:86:ec:
2f:d1:ea:40:f3:b8:26:f7:5c:a7:3d:85:7c:f3:05:
ff:0b:0b:de:b6:26:00:4c:9d:29:b4:84:d2:7a:c8:
31:6d:f7:d2:49:b1:86:b8:75:63:37:04:94:95:dc:
ff:c5:fe:1b:b4:1c:15:9c:9d:af:73:da:00:94:20:
b6:d4:21:b4:90:11:24:f5:13:32:c8:d4:dd:ab:37:
1e:e6:19:74:fb:cc:53:2a:c6:7c:bd:5e:ce:bb:6e:
3d:87:bd:3c:2a:e1:0d:71:fc:41:23:fe:4d:2e:25:
b9:be:6e:9d:af:7e:30:a1:c4:7d:74:3a:b8:8b:7a:
17:b3:ec:90:77:6d:23:db:88:6b:cc:79:bc:a4:8a:
e6:11:a0:75:4d:e7:5f:0f:8f:e1:58:24:7b:36:78:
db:11:ac:f6:cf:cb:db:49:c9:70:dd:5d:4d:94:20:
79:43:e4:59:e6:c9:0d:21:4b:24:35:60:f5:21:15:
9c:ce:c0:15:10:cc:44:9e:b5:b2:35:74:8e:f2:4e:
b1:07:63:79:01:ce:cb:7f:bf:33:2a:5b:49:0b:bc:
59:5a:96:82:41:fe:a3:06:08:f5:48:d5:8e:a5:d5:
e5:7e:47:b0:38:94:cf:a5:fd:b4:40:77:d3:05:cd:
a1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CF:66:BD:0A:10:0E:C0:C0:C1:46:69:7B:07:C8:3D:0D:30:ED:7D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/746213b8-73de-4fe3-8de6-6da7407d8393.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.126.25.0/24
Signature Algorithm: sha256WithRSAEncryption
48:8f:40:5e:a0:80:23:98:06:e7:e1:45:3b:95:46:24:08:ed:
f9:d0:ff:a7:a9:0b:52:78:17:b6:a5:7a:53:96:79:76:55:cd:
1a:23:1f:b7:78:07:01:dd:b6:ec:27:11:f3:e9:7a:34:a4:fe:
0e:53:d6:0a:d9:48:bf:cf:1a:25:01:75:41:c7:1c:f3:c3:3d:
15:70:70:4b:86:c7:f9:e7:83:86:96:d4:22:60:fe:64:25:e5:
93:e6:a2:36:74:d4:ea:7a:9c:3c:aa:e5:ab:f1:55:cd:33:09:
40:39:a4:af:03:7c:7b:23:db:6a:95:fc:9f:5a:02:95:36:c1:
0d:22:62:ac:a8:63:a4:e6:99:50:be:3d:83:69:29:17:45:3c:
70:e2:33:d9:39:61:07:e5:97:9a:f0:81:6f:9f:a3:f9:11:56:
20:cd:a5:dd:bf:93:e8:99:cb:5d:87:9f:18:ba:37:25:20:72:
36:29:05:6e:3f:a6:1f:22:9c:7d:36:9d:be:16:3e:b2:69:e6:
e5:e6:3f:c5:af:af:eb:b3:b4:01:9a:4c:8d:e2:01:04:aa:4d:
4e:e3:70:8b:8d:e7:52:78:58:5b:d0:48:33:93:0b:00:2e:32:
a5:b2:e8:0f:0e:f2:52:2a:01:b7:8a:00:22:28:51:a7:93:e9:
f2:2a:7d:b1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMuO92qtrjYL+B9xE2p6epvRtapIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAyMDM3WhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMTAyNjU5ZmE1NjY0MzUzMGY1NmQwOWVhYTJiNmMyODY2
NTNkMzE1NTg0NzAxNTExZWZhNmI2MzI2NjExYzgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDABGkANbQgZbaxvHGG7C/R6kDzuCb3XKc9hXzzBf8LC962
JgBMnSm0hNJ6yDFt99JJsYa4dWM3BJSV3P/F/hu0HBWcna9z2gCUILbUIbSQEST1
EzLI1N2rNx7mGXT7zFMqxny9Xs67bj2HvTwq4Q1x/EEj/k0uJbm+bp2vfjChxH10
OriLehez7JB3bSPbiGvMebykiuYRoHVN518Pj+FYJHs2eNsRrPbPy9tJyXDdXU2U
IHlD5FnmyQ0hSyQ1YPUhFZzOwBUQzESetbI1dI7yTrEHY3kBzst/vzMqW0kLvFla
loJB/qMGCPVI1Y6l1eV+R7A4lM+l/bRAd9MFzaE5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfM9mvQoQDsDAwUZpewfIPQ0w7X0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc0NjIxM2I4LTczZGUtNGZlMy04ZGU2LTZkYTc0MDdkODM5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADMfhkwDQYJKoZIhvcNAQELBQADggEBAEiPQF6ggCOYBufhRTuVRiQI7fnQ
/6epC1J4F7alelOWeXZVzRojH7d4BwHdtuwnEfPpejSk/g5T1grZSL/PGiUBdUHH
HPPDPRVwcEuGx/nng4aW1CJg/mQl5ZPmojZ01Op6nDyq5avxVc0zCUA5pK8DfHsj
22qV/J9aApU2wQ0iYqyoY6TmmVC+PYNpKRdFPHDiM9k5YQfll5rwgW+fo/kRViDN
pd2/k+iZy12Hnxi6NyUgcjYpBW4/ph8inH02nb4WPrJp5uXmP8Wvr+uztAGaTI3i
AQSqTU7jcIuN51J4WFvQSDOTCwAuMqWy6A8O8lIqAbeKACIoUaeT6fIqfbE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:11 2025 by rpki-client