Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e91058d-1af3-40b3-946f-0ad03f8d1259.roa
File: 7e91058d-1af3-40b3-946f-0ad03f8d1259.roa (raw, json)
Hash identifier: hrQY7D7O0Fe2LL7lhXFNSdZNYPGIYmVln+4JmU4jZAQ=
Subject key identifier: 3F:AA:5D:CD:25:C9:EC:85:66:A5:E1:7C:B9:B3:BD:E6:AE:8E:94:BB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2854E1D130E2116302BA1E5798298A492895F2F8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e91058d-1af3-40b3-946f-0ad03f8d1259.roa
Signing time: Wed 12 Mar 2025 00:21:20 +0000
ROA not before: Wed 12 Mar 2025 00:21:20 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 162.219.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:54:e1:d1:30:e2:11:63:02:ba:1e:57:98:29:8a:49:28:95:f2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:21:20 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=8620019ee94350793888df19487635293150828b02c9d9d838cffc3907452bcd, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2d:4a:e0:1e:87:43:f0:7e:3c:df:55:66:9d:
07:1a:e8:17:e9:f7:40:ee:fd:d5:53:41:f7:aa:e6:
ca:10:84:b3:8e:f7:6a:77:9b:b3:58:28:0a:84:cb:
a7:98:92:c6:8a:0d:6b:ba:ca:ab:88:39:f2:b8:ea:
fe:2b:70:bd:40:6c:24:cb:17:cb:0d:0d:69:74:d3:
44:03:0c:aa:a6:ec:38:5f:3c:c4:a2:7c:2c:68:33:
a1:c2:68:dd:ff:9f:2a:a4:c2:05:87:d0:9b:48:3e:
84:4a:6a:50:b5:a7:60:5d:82:a0:04:36:ff:30:30:
cb:55:f2:4c:34:81:1f:a3:8a:fa:b5:fe:f4:17:d9:
7f:6f:11:ea:b0:a3:c8:9f:3c:be:ea:70:a8:ef:31:
a6:cb:8f:73:58:44:08:12:39:24:8b:ea:bf:35:aa:
86:12:5f:58:bc:fd:c4:d5:29:3e:8d:c5:7f:c4:9b:
e6:b5:2e:51:9a:1e:bf:f9:43:d9:95:e0:22:22:db:
d4:ea:46:b8:c0:4b:a0:48:2e:05:55:ba:67:f6:8b:
a6:24:dc:ff:e6:c6:52:0f:67:93:b5:78:8b:f4:d7:
a0:ec:f4:e4:e7:5f:73:db:af:9f:9b:9e:23:4c:91:
8b:db:44:ec:c1:5d:49:cf:f8:05:34:4c:44:65:81:
56:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AA:5D:CD:25:C9:EC:85:66:A5:E1:7C:B9:B3:BD:E6:AE:8E:94:BB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e91058d-1af3-40b3-946f-0ad03f8d1259.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.219.224.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:43:98:1c:d7:3b:55:72:1d:eb:6e:c7:b4:f1:53:54:65:34:
c0:12:cf:32:29:48:8b:9f:0e:90:20:4b:0a:bf:61:62:4a:a0:
30:71:82:70:1e:e4:8d:3f:ab:ac:f4:67:d1:a6:f4:3b:b6:cd:
18:71:5a:fa:03:65:fc:56:9d:13:93:53:6b:33:c6:f4:99:dd:
f8:0f:40:bb:05:5b:22:ff:1f:be:91:94:90:21:19:cf:3d:ca:
ab:44:d8:3f:a2:e2:c0:15:a2:ef:73:ca:32:d2:87:00:00:fe:
63:3c:08:e9:b5:bc:3d:1d:e1:18:2b:3d:8f:a2:e9:44:e2:71:
6e:c5:09:99:a0:a0:0a:fe:8a:4a:d4:e0:21:7b:95:93:fb:d0:
6e:8a:54:a5:fa:93:2c:76:7a:ff:6a:8f:f3:4a:7f:a3:36:6e:
f3:53:a4:9d:e4:2c:71:aa:4e:4b:5b:36:6e:9c:4b:89:97:b8:
24:ab:a4:1c:95:55:2c:16:b8:05:5d:93:da:85:10:46:1c:81:
09:e2:3f:40:79:e5:8a:33:f2:1f:b7:ad:85:75:df:18:1c:0c:
4f:a7:e8:1e:ee:7f:5b:11:29:4a:b0:b8:12:ac:d2:fe:7f:70:
fb:58:39:99:fb:09:1f:75:96:99:83:15:32:b4:4d:08:45:03:
b6:3e:43:a0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKFTh0TDiEWMCuh5XmCmKSSiV8vgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAyMTIwWhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjIwMDE5ZWU5NDM1MDc5Mzg4OGRmMTk0ODc2MzUyOTMx
NTA4MjhiMDJjOWQ5ZDgzOGNmZmMzOTA3NDUyYmNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVLUrgHodD8H4831VmnQca6Bfp90Du/dVTQfeq5soQhLOO
92p3m7NYKAqEy6eYksaKDWu6yquIOfK46v4rcL1AbCTLF8sNDWl000QDDKqm7Dhf
PMSifCxoM6HCaN3/nyqkwgWH0JtIPoRKalC1p2BdgqAENv8wMMtV8kw0gR+jivq1
/vQX2X9vEeqwo8ifPL7qcKjvMabLj3NYRAgSOSSL6r81qoYSX1i8/cTVKT6NxX/E
m+a1LlGaHr/5Q9mV4CIi29TqRrjAS6BILgVVumf2i6Yk3P/mxlIPZ5O1eIv016Ds
9OTnX3Pbr5+bniNMkYvbROzBXUnP+AU0TERlgVZRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUP6pdzSXJ7IVmpeF8ubO95q6OlLswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdlOTEwNThkLTFhZjMtNDBiMy05NDZmLTBhZDAzZjhkMTI1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKi2+AwDQYJKoZIhvcNAQELBQADggEBAKZDmBzXO1VyHetux7TxU1RlNMAS
zzIpSIufDpAgSwq/YWJKoDBxgnAe5I0/q6z0Z9Gm9Du2zRhxWvoDZfxWnROTU2sz
xvSZ3fgPQLsFWyL/H76RlJAhGc89yqtE2D+i4sAVou9zyjLShwAA/mM8COm1vD0d
4RgrPY+i6UTicW7FCZmgoAr+ikrU4CF7lZP70G6KVKX6kyx2ev9qj/NKf6M2bvNT
pJ3kLHGqTktbNm6cS4mXuCSrpByVVSwWuAVdk9qFEEYcgQniP0B55Yoz8h+3rYV1
3xgcDE+n6B7uf1sRKUqwuBKs0v5/cPtYOZn7CR91lpmDFTK0TQhFA7Y+Q6A=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:26:47 2025 by rpki-client