Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c8e649a-a8e8-4e54-893f-95042a022cae.roa
File: 8c8e649a-a8e8-4e54-893f-95042a022cae.roa (raw, json)
Hash identifier: U/cEj6w0BThNmPGdvsYua/PCtpv0pzdRaz84/jrmgF4=
Subject key identifier: 72:71:ED:38:09:6F:6A:A0:DE:5D:ED:05:AD:03:CC:EF:A0:2C:4F:17
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1DD29D0F2D3145260BAC159510435EFB3D5FEC96
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c8e649a-a8e8-4e54-893f-95042a022cae.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f16::/35 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d2:9d:0f:2d:31:45:26:0b:ac:15:95:10:43:5e:fb:3d:5f:ec:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=19508b45a3d538c58873ea3188239527d7ef9d65e13a96f166cf808483c97797, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fa:04:68:75:1e:0f:e7:aa:af:2d:77:65:1d:
93:43:9f:ad:c9:67:c0:41:79:1b:67:cd:47:4a:ae:
e8:07:e3:50:11:8c:21:8d:fe:82:45:d4:da:2f:97:
fc:5c:7c:a4:28:ca:10:30:0a:c8:19:8c:3c:88:c4:
de:d6:79:2e:4b:3c:e3:a7:f1:df:c6:0b:a1:cb:66:
7e:c8:a6:f6:7d:ba:0c:1d:14:d5:ba:a8:17:3b:16:
a8:0a:20:5b:45:d1:1d:75:10:3c:3c:21:1d:b9:ed:
f6:5e:48:31:2c:af:83:eb:a7:89:a4:49:59:58:41:
42:03:57:30:3a:c9:c6:e3:7c:67:0b:09:1d:8c:16:
9f:cf:23:90:2a:43:cd:d6:b8:2d:ec:04:fe:83:05:
bb:ed:39:9c:92:8f:82:ad:e4:e2:9e:1f:f9:1d:bb:
dd:6d:f8:92:bc:ac:50:62:bb:71:7a:96:2d:01:da:
5c:0d:95:5c:6f:7d:5b:eb:fe:fe:79:84:44:66:ae:
80:d3:da:e6:87:c4:1a:f9:25:85:a3:ff:6a:03:19:
eb:13:55:79:ed:3d:14:1b:6d:f5:0d:59:78:12:c2:
37:b2:04:8e:cb:8f:2a:da:8c:9d:79:dc:67:7f:09:
40:3c:af:17:81:65:22:32:40:2e:05:a9:70:bc:a5:
94:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:71:ED:38:09:6F:6A:A0:DE:5D:ED:05:AD:03:CC:EF:A0:2C:4F:17
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c8e649a-a8e8-4e54-893f-95042a022cae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f16::/35
Signature Algorithm: sha256WithRSAEncryption
67:b2:0e:44:55:f0:10:26:ff:87:f5:78:d3:37:37:0e:07:0a:
55:12:e7:bc:cb:07:f4:86:31:40:6f:2b:00:7a:db:a8:f4:00:
ce:b2:1c:79:ea:df:2a:dc:d8:61:88:01:df:a7:45:0c:71:18:
7d:6c:86:86:1f:87:8f:5b:26:b0:1d:18:8f:2c:95:cb:e2:2f:
04:31:4b:16:49:36:27:1d:5c:e9:00:fb:1b:a8:48:8e:28:a1:
47:77:e1:ef:db:b3:b2:56:20:54:0f:c6:a8:26:f1:8a:a1:95:
fd:fd:c2:8d:50:d0:36:6e:74:4b:71:25:a5:cb:6f:66:aa:b0:
5e:35:9c:41:49:8e:26:29:de:95:7b:1c:4e:e8:84:29:37:38:
9a:1a:74:89:d9:9b:99:96:21:74:5a:af:cf:c7:d6:d5:eb:31:
1d:be:cf:67:6e:25:15:2d:7f:ed:0b:ad:a8:46:c4:0f:d5:07:
34:af:1e:6e:b4:98:f9:f0:9e:cb:b7:32:02:f1:cd:d1:da:4f:
2e:ee:9b:26:13:c8:ce:4b:71:2d:a6:d9:d5:fe:32:4e:cb:be:
83:a6:43:bd:1b:54:1b:d3:f8:bb:d6:66:3b:d7:a9:a4:f5:84:
20:1c:3b:b0:a7:8b:74:f4:b6:92:00:24:c3:80:4c:d2:72:37:
d6:66:b5:b8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHdKdDy0xRSYLrBWVEENe+z1f7JYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTUwOGI0NWEzZDUzOGM1ODg3M2VhMzE4ODIzOTUyN2Q3
ZWY5ZDY1ZTEzYTk2ZjE2NmNmODA4NDgzYzk3Nzk3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCS+gRodR4P56qvLXdlHZNDn63JZ8BBeRtnzUdKrugH41AR
jCGN/oJF1Novl/xcfKQoyhAwCsgZjDyIxN7WeS5LPOOn8d/GC6HLZn7IpvZ9ugwd
FNW6qBc7FqgKIFtF0R11EDw8IR257fZeSDEsr4Prp4mkSVlYQUIDVzA6ycbjfGcL
CR2MFp/PI5AqQ83WuC3sBP6DBbvtOZySj4Kt5OKeH/kdu91t+JK8rFBiu3F6li0B
2lwNlVxvfVvr/v55hERmroDT2uaHxBr5JYWj/2oDGesTVXntPRQbbfUNWXgSwjey
BI7LjyrajJ153Gd/CUA8rxeBZSIyQC4FqXC8pZR/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUcnHtOAlvaqDeXe0FrQPM76AsTxcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhjOGU2NDlhLWE4ZTgtNGU1NC04OTNmLTk1MDQyYTAyMmNhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgUmAB8WADANBgkqhkiG9w0BAQsFAAOCAQEAZ7IORFXwECb/h/V40zc3DgcK
VRLnvMsH9IYxQG8rAHrbqPQAzrIceerfKtzYYYgB36dFDHEYfWyGhh+Hj1smsB0Y
jyyVy+IvBDFLFkk2Jx1c6QD7G6hIjiihR3fh79uzslYgVA/GqCbxiqGV/f3CjVDQ
Nm50S3ElpctvZqqwXjWcQUmOJinelXscTuiEKTc4mhp0idmbmZYhdFqvz8fW1esx
Hb7PZ24lFS1/7QutqEbED9UHNK8ebrSY+fCey7cyAvHN0dpPLu6bJhPIzktxLabZ
1f4yTsu+g6ZDvRtUG9P4u9ZmO9eppPWEIBw7sKeLdPS2kgAkw4BM0nI31ma1uA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:19:20 2025 by rpki-client