Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7674b9ce-f436-4132-8cec-d9fd050b1a07.roa
File: 7674b9ce-f436-4132-8cec-d9fd050b1a07.roa (raw, json)
Hash identifier: xpdKoJnCnLGmMwxZ4+2LMZA7/5lfQD3ZVaTy6kVTlQk=
Subject key identifier: 1D:33:A1:56:D2:FB:C0:5A:C6:E7:90:72:B6:7B:CF:C7:45:13:EC:52
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6A2421273556DDB868ED10776E5CCC15D8F252A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7674b9ce-f436-4132-8cec-d9fd050b1a07.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 198.99.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:24:21:27:35:56:dd:b8:68:ed:10:77:6e:5c:cc:15:d8:f2:52:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=8503d7ef2a50bb5be71735831cea004d62f449768884267ea0f3bb588eef488e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:48:94:89:56:6c:45:79:6b:0b:e7:ba:3f:90:
ae:1a:2a:67:47:59:32:e1:f0:4d:af:b3:fc:4f:0b:
bd:53:a6:69:64:d8:e5:96:91:6a:32:59:04:8a:d3:
06:7f:a4:67:36:4c:f9:8d:79:f1:9d:5f:87:e7:46:
8b:5e:f9:09:56:e1:68:82:11:c0:a8:9b:2e:60:2c:
75:e3:4c:99:c2:b9:de:fa:d7:31:94:80:32:e0:4f:
a6:0b:97:7d:31:6d:59:9b:e2:67:b5:d6:7f:99:18:
31:b2:ab:02:73:cb:b4:cf:4e:49:1a:f6:5b:c0:a8:
3c:cf:6b:8b:f5:cf:fd:fa:c9:77:1e:00:1f:40:fe:
12:c6:c6:0d:72:3f:4b:ff:69:f8:16:8f:3b:20:cf:
b9:03:7f:57:3a:7e:d1:be:11:0d:92:33:5e:d1:e1:
18:93:1e:15:e4:ba:0c:9b:55:e2:7f:09:ec:f7:26:
d8:7c:3b:48:ce:5d:45:54:15:6b:f2:e2:6b:bc:15:
d6:c1:c2:7a:97:49:02:49:1a:3b:7f:40:70:03:7a:
27:4b:32:2d:81:9f:78:da:0e:63:a2:a3:11:b7:95:
43:ef:01:16:03:51:54:78:29:eb:10:14:7b:2d:a8:
5c:78:fe:f8:09:02:8a:bd:ce:cf:6c:55:d3:59:21:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:A1:56:D2:FB:C0:5A:C6:E7:90:72:B6:7B:CF:C7:45:13:EC:52
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7674b9ce-f436-4132-8cec-d9fd050b1a07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.99.3.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c7:e8:26:b0:59:3f:40:14:2a:6f:0e:9e:a9:3c:c4:1f:2d:
41:f3:7c:d4:aa:57:d6:2f:b3:24:5b:36:7a:b7:7f:cb:2f:de:
78:cb:83:f0:83:54:bb:fe:69:98:4f:c1:c9:ad:d2:07:e1:f2:
5e:b8:44:85:b4:5a:13:0e:39:63:34:b8:c9:90:b1:ad:d2:46:
1c:10:12:6d:44:d8:5b:19:e0:3c:92:2a:ba:0f:51:ec:2f:1f:
38:38:9b:e8:26:56:93:99:8d:ef:e4:47:71:03:b4:b0:83:bd:
fa:bb:10:84:ca:af:62:29:ee:64:4b:dc:69:b6:d4:02:b0:ff:
93:59:16:e5:7b:14:c3:5b:c6:a9:ad:43:53:7a:d8:9e:0a:c5:
62:7c:f8:82:9a:d7:c1:43:10:b0:2f:ef:27:95:6e:57:00:cb:
a1:75:38:5f:52:5e:e0:77:da:6e:23:e2:80:79:da:b1:a8:1c:
2b:5c:a5:d9:76:a6:c2:7a:c1:89:44:e4:e3:52:30:fd:d6:3e:
cc:ae:90:00:f0:5e:a1:cd:72:09:2b:9e:5d:a7:a4:ee:9a:cd:
24:87:c7:41:ea:3d:bb:a2:7a:7b:3b:4a:64:76:2d:c7:8b:41:
af:56:15:e8:4e:b9:fb:1c:07:48:bd:8b:51:5e:93:14:1b:4d:
42:36:52:b4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaiQhJzVW3bho7RB3blzMFdjyUqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NTAzZDdlZjJhNTBiYjViZTcxNzM1ODMxY2VhMDA0ZDYy
ZjQ0OTc2ODg4NDI2N2VhMGYzYmI1ODhlZWY0ODhlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4SJSJVmxFeWsL57o/kK4aKmdHWTLh8E2vs/xPC71Tpmlk
2OWWkWoyWQSK0wZ/pGc2TPmNefGdX4fnRote+QlW4WiCEcComy5gLHXjTJnCud76
1zGUgDLgT6YLl30xbVmb4me11n+ZGDGyqwJzy7TPTkka9lvAqDzPa4v1z/36yXce
AB9A/hLGxg1yP0v/afgWjzsgz7kDf1c6ftG+EQ2SM17R4RiTHhXkugybVeJ/Cez3
Jth8O0jOXUVUFWvy4mu8FdbBwnqXSQJJGjt/QHADeidLMi2Bn3jaDmOioxG3lUPv
ARYDUVR4KesQFHstqFx4/vgJAoq9zs9sVdNZIbJPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHTOhVtL7wFrG55BytnvPx0UT7FIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2NzRiOWNlLWY0MzYtNDEzMi04Y2VjLWQ5ZmQwNTBiMWEwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGYwMwDQYJKoZIhvcNAQELBQADggEBAIHH6CawWT9AFCpvDp6pPMQfLUHz
fNSqV9YvsyRbNnq3f8sv3njLg/CDVLv+aZhPwcmt0gfh8l64RIW0WhMOOWM0uMmQ
sa3SRhwQEm1E2FsZ4DySKroPUewvHzg4m+gmVpOZje/kR3EDtLCDvfq7EITKr2Ip
7mRL3Gm21AKw/5NZFuV7FMNbxqmtQ1N62J4KxWJ8+IKa18FDELAv7yeVblcAy6F1
OF9SXuB32m4j4oB52rGoHCtcpdl2psJ6wYlE5ONSMP3WPsyukADwXqHNcgkrnl2n
pO6azSSHx0HqPbuiens7SmR2LceLQa9WFehOufscB0i9i1FekxQbTUI2UrQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:41:32 2025 by rpki-client