Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/790acf16-ed18-4049-99fe-fe5d7b719385.roa
File: 790acf16-ed18-4049-99fe-fe5d7b719385.roa (raw, json)
Hash identifier: gbeLYfYyeKut1DLNCqSicmFFMh8eCrfNnuf9w0p90XM=
Subject key identifier: 69:18:4F:63:16:8B:C8:67:F0:DF:55:A0:AD:BA:AC:DA:7C:D6:83:65
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6A1B08A63AF02BD9C1024E23D0C84E96FB8D534D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/790acf16-ed18-4049-99fe-fe5d7b719385.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.179.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:1b:08:a6:3a:f0:2b:d9:c1:02:4e:23:d0:c8:4e:96:fb:8d:53:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=494ea6579bf5f616d0335e703e9f0429a1e09fc3f78cdcc85d471a72f6992378, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:e6:4a:e8:b8:eb:5f:d8:3a:42:21:b6:84:
c7:3d:28:62:fa:ae:79:13:08:3a:81:dd:99:71:1a:
b0:83:83:6a:86:1b:9b:5e:d9:8d:f8:97:28:4b:97:
be:19:c2:30:f9:04:d6:f4:20:0f:eb:97:3a:25:97:
5c:18:85:06:3d:07:5d:33:9a:25:be:cf:c9:13:ac:
07:f3:ef:45:58:f6:05:60:f7:f8:c3:48:18:f5:59:
81:70:f4:6f:ea:3e:e0:86:20:9c:7a:ef:74:2f:e0:
ae:4c:a5:b4:c5:2a:86:bf:ce:fb:f2:e5:3a:9e:6b:
46:27:f3:f3:b2:6b:8e:47:53:ce:79:3a:6a:a3:b2:
80:d3:01:1f:6c:a5:ff:46:e0:04:14:32:d9:e4:7a:
5c:60:48:37:dd:60:ac:c0:9d:e9:fd:fa:e2:96:54:
c3:48:00:79:fa:a6:c6:2a:e9:93:da:d2:8b:22:2c:
0a:6b:b4:48:74:7b:40:6d:80:2f:81:3a:23:41:a9:
ce:f8:a8:b0:66:c7:42:49:ea:14:2c:cf:a4:30:ac:
35:32:7b:cf:ec:e2:3d:6f:6b:fc:02:cb:03:2a:ae:
45:e8:46:22:4f:56:f7:f1:a9:fe:bb:82:7a:bd:4e:
5d:5e:c4:8e:05:8c:78:8d:6e:61:2c:e0:8f:62:8d:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:18:4F:63:16:8B:C8:67:F0:DF:55:A0:AD:BA:AC:DA:7C:D6:83:65
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/790acf16-ed18-4049-99fe-fe5d7b719385.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.179.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:03:7f:68:54:ec:9e:82:22:c0:1c:6e:9e:a1:17:4a:eb:2e:
09:2b:4d:b9:a5:2e:f5:83:77:e6:b7:3e:d2:2e:c4:a9:01:3b:
c2:62:7d:5c:c1:1d:25:6f:42:e2:ea:5c:1b:b5:f2:6a:ee:0c:
0b:63:9c:c8:33:dd:c3:47:ee:8d:91:53:69:ca:6c:f5:64:12:
d2:73:0e:aa:e2:fd:b2:dc:a3:61:a8:81:17:33:57:5f:73:30:
67:35:eb:aa:5d:08:cf:f6:5f:4a:de:23:ff:dc:f6:4c:e3:b8:
30:2f:b8:17:a6:90:3e:b7:34:e7:ad:6a:43:16:cb:2e:32:04:
46:f0:a3:66:3c:74:3c:f1:49:12:75:6d:f2:cc:69:d7:6d:ab:
49:c9:f1:57:4e:0e:4b:c9:c5:b2:05:8b:e4:a2:07:8d:43:56:
5b:e8:c6:6b:8c:93:56:de:5f:75:7a:9c:33:6d:b8:07:59:f5:
f5:e3:03:26:0f:09:bd:79:2b:55:7e:b4:07:9a:b4:97:b0:2d:
8c:54:25:9d:c5:9c:ed:3b:d2:51:46:c0:37:42:5c:49:f6:fa:
ef:60:cb:46:d7:dd:96:09:63:11:a0:fe:7e:44:e5:f8:d8:97:
8a:a4:16:7c:fa:9e:22:98:3c:d8:e6:2f:8a:8c:c9:f8:a3:25:
02:a2:01:a5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUahsIpjrwK9nBAk4j0MhOlvuNU00wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTRlYTY1NzliZjVmNjE2ZDAzMzVlNzAzZTlmMDQyOWEx
ZTA5ZmMzZjc4Y2RjYzg1ZDQ3MWE3MmY2OTkyMzc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC74uZK6LjrX9g6QiG2hMc9KGL6rnkTCDqB3ZlxGrCDg2qG
G5te2Y34lyhLl74ZwjD5BNb0IA/rlzoll1wYhQY9B10zmiW+z8kTrAfz70VY9gVg
9/jDSBj1WYFw9G/qPuCGIJx673Qv4K5MpbTFKoa/zvvy5Tqea0Yn8/Oya45HU855
OmqjsoDTAR9spf9G4AQUMtnkelxgSDfdYKzAnen9+uKWVMNIAHn6psYq6ZPa0osi
LAprtEh0e0BtgC+BOiNBqc74qLBmx0JJ6hQsz6QwrDUye8/s4j1va/wCywMqrkXo
RiJPVvfxqf67gnq9Tl1exI4FjHiNbmEs4I9ijekFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUaRhPYxaLyGfw31Wgrbqs2nzWg2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5MGFjZjE2LWVkMTgtNDA0OS05OWZlLWZlNWQ3YjcxOTM4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQszANBgkqhkiG9w0BAQsFAAOCAQEAwgN/aFTsnoIiwBxunqEXSusuCStN
uaUu9YN35rc+0i7EqQE7wmJ9XMEdJW9C4upcG7Xyau4MC2OcyDPdw0fujZFTacps
9WQS0nMOquL9styjYaiBFzNXX3MwZzXrql0Iz/ZfSt4j/9z2TOO4MC+4F6aQPrc0
561qQxbLLjIERvCjZjx0PPFJEnVt8sxp122rScnxV04OS8nFsgWL5KIHjUNWW+jG
a4yTVt5fdXqcM224B1n19eMDJg8JvXkrVX60B5q0l7AtjFQlncWc7TvSUUbAN0Jc
Sfb672DLRtfdlgljEaD+fkTl+NiXiqQWfPqeIpg82OYviozJ+KMlAqIBpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:03 2025 by rpki-client