Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d7c7b68-5c04-4169-bd00-6fee1b5f66af.roa
File: 8d7c7b68-5c04-4169-bd00-6fee1b5f66af.roa (raw, json)
Hash identifier: JFrX3+dzk2G1fbxkhmc9Ti7AKdkfdCIa593uo6Q0sNQ=
Subject key identifier: 99:9B:BD:0B:49:C8:07:83:4E:AE:66:DF:CA:08:5B:BE:10:AF:39:E1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5BDBA569DAAE98D555C6991D7531A8DAFADE3953
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d7c7b68-5c04-4169-bd00-6fee1b5f66af.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 204.15.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:db:a5:69:da:ae:98:d5:55:c6:99:1d:75:31:a8:da:fa:de:39:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=c07fc64fd4df6a69062c9e57e9719d03b7381e9ccf0b8682a7aeed4a415a3b8f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:29:28:76:09:e3:17:6e:72:4f:3e:0f:a6:
72:02:d3:19:d7:30:1e:6d:d2:65:20:57:8f:99:4d:
e3:cf:47:46:f8:03:1b:2f:33:71:69:13:50:ec:a3:
23:97:20:89:90:5e:42:a2:ba:de:b3:32:f1:c3:1a:
41:e9:66:e4:86:97:12:a3:26:e4:4b:0b:e8:c2:db:
34:d3:70:f2:dc:83:45:b4:c8:cc:d1:b1:51:08:d3:
5d:19:6d:10:73:55:e2:55:07:d8:45:06:60:c0:95:
19:ce:e3:55:62:6c:ec:5f:8c:1f:19:0b:d8:ac:72:
ba:fc:e3:1c:30:09:1a:e4:e5:f5:30:b1:00:22:31:
2d:19:14:f7:7a:70:91:52:33:e2:c0:df:3c:12:9e:
e2:d9:47:52:2e:ed:cf:47:e8:06:84:1a:89:cb:73:
34:f8:5d:92:6d:68:95:3d:33:9a:f4:af:29:b6:e9:
7c:d2:cc:9a:b3:27:b0:1c:c2:59:d6:e3:1b:5e:87:
58:ff:d3:06:d1:2e:a6:98:6f:31:67:3d:9f:2c:f4:
6e:74:56:78:3c:0f:2d:3c:77:c8:60:01:b2:f5:5f:
2b:47:0a:d5:62:e6:29:49:6a:0c:9d:cb:18:e6:fc:
82:f6:55:41:3a:db:f1:7b:8e:15:d0:8a:b5:67:89:
b2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9B:BD:0B:49:C8:07:83:4E:AE:66:DF:CA:08:5B:BE:10:AF:39:E1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d7c7b68-5c04-4169-bd00-6fee1b5f66af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.15.72.0/21
Signature Algorithm: sha256WithRSAEncryption
71:9e:1b:a0:61:6d:01:8e:75:fa:ce:fc:ef:5e:ff:59:13:72:
5b:ff:ca:0f:31:cd:b0:82:4c:c8:25:a7:07:0d:dd:3d:e0:3e:
b5:8a:12:32:59:52:4a:57:e8:00:93:54:1e:7b:3f:cc:9e:4b:
29:cb:e6:5a:41:33:d6:81:58:1b:f2:b1:2c:98:93:6b:40:f4:
84:1e:b4:ce:5d:5f:5a:ea:91:36:0a:ea:ac:68:97:94:ba:92:
12:f2:af:66:b4:99:08:ab:e8:62:af:1f:b8:fe:3a:f2:33:4f:
47:df:f1:2b:0e:d5:5c:e7:fe:a7:dc:a5:c6:3b:34:54:52:c8:
dc:92:38:79:08:bf:46:9a:f2:2f:5b:fd:7e:a9:0d:2e:ed:60:
17:91:65:8b:f7:5b:78:40:4e:c5:0b:3a:3f:d0:f2:23:29:63:
5d:69:b0:7e:4a:fd:58:af:44:4e:00:be:7c:36:87:7c:86:99:
fb:fa:e2:ba:da:28:4b:5c:ab:a4:55:f3:fe:2c:b7:b6:ec:21:
c5:80:08:f6:ac:c2:3d:13:96:80:22:ca:b4:82:2f:ed:1c:ea:
91:26:66:56:64:ab:70:26:a9:1d:56:c2:f8:9a:93:9e:ad:c6:
5c:fa:da:7d:32:fb:45:8b:fc:29:f6:6f:3a:ea:3e:c3:d9:ec:
a2:8f:e5:19
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUW9uladqumNVVxpkddTGo2vreOVMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDdmYzY0ZmQ0ZGY2YTY5MDYyYzllNTdlOTcxOWQwM2I3
MzgxZTljY2YwYjg2ODJhN2FlZWQ0YTQxNWEzYjhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzpikodgnjF25yTz4PpnIC0xnXMB5t0mUgV4+ZTePPR0b4
AxsvM3FpE1DsoyOXIImQXkKiut6zMvHDGkHpZuSGlxKjJuRLC+jC2zTTcPLcg0W0
yMzRsVEI010ZbRBzVeJVB9hFBmDAlRnO41VibOxfjB8ZC9iscrr84xwwCRrk5fUw
sQAiMS0ZFPd6cJFSM+LA3zwSnuLZR1Iu7c9H6AaEGonLczT4XZJtaJU9M5r0rym2
6XzSzJqzJ7AcwlnW4xteh1j/0wbRLqaYbzFnPZ8s9G50Vng8Dy08d8hgAbL1XytH
CtVi5ilJagydyxjm/IL2VUE62/F7jhXQirVnibKVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmZu9C0nIB4NOrmbfyghbvhCvOeEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkN2M3YjY4LTVjMDQtNDE2OS1iZDAwLTZmZWUxYjVmNjZhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPMD0gwDQYJKoZIhvcNAQELBQADggEBAHGeG6BhbQGOdfrO/O9e/1kTclv/
yg8xzbCCTMglpwcN3T3gPrWKEjJZUkpX6ACTVB57P8yeSynL5lpBM9aBWBvysSyY
k2tA9IQetM5dX1rqkTYK6qxol5S6khLyr2a0mQir6GKvH7j+OvIzT0ff8SsO1Vzn
/qfcpcY7NFRSyNySOHkIv0aa8i9b/X6pDS7tYBeRZYv3W3hATsULOj/Q8iMpY11p
sH5K/VivRE4Avnw2h3yGmfv64rraKEtcq6RV8/4st7bsIcWACPaswj0TloAiyrSC
L+0c6pEmZlZkq3AmqR1Wwviak56txlz62n0y+0WL/Cn2bzrqPsPZ7KKP5Rk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:26:36 2025 by rpki-client