Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f1a410b-4fcb-46b7-92eb-4e2730e01468.roa
File: 8f1a410b-4fcb-46b7-92eb-4e2730e01468.roa (raw, json)
Hash identifier: sbMUk2w3UDTRvVEf6wJPZU+saFch1uUSVzKpQXgHBGM=
Subject key identifier: B4:1E:DE:EF:78:5F:F2:6B:96:CA:41:C2:DA:9F:32:62:C8:33:5D:23
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 53753DD103CE6E972E0C11230050728B9438BE56
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f1a410b-4fcb-46b7-92eb-4e2730e01468.roa
Signing time: Wed 12 Mar 2025 00:20:35 +0000
ROA not before: Wed 12 Mar 2025 00:20:35 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.126.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:75:3d:d1:03:ce:6e:97:2e:0c:11:23:00:50:72:8b:94:38:be:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:20:35 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=9116b594ebf4f42e796abeb990b95cdef9b5eb0e64a6241a24a6440995057ec3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:49:d8:ef:42:07:29:a3:5a:83:8c:81:33:91:
dc:05:c1:42:b9:78:29:b7:80:cd:35:4d:7f:b4:7b:
ae:5a:75:6d:cc:21:aa:2b:a4:1b:4c:92:4b:09:66:
0b:3e:0f:33:de:7a:c5:bd:65:12:09:18:74:39:8c:
6e:20:66:f9:03:16:6a:75:d4:58:b7:51:3a:61:5b:
c6:40:89:71:23:85:fe:f9:a7:a2:df:88:fe:ff:af:
f8:45:07:83:21:04:6d:bd:04:f9:65:d8:e2:b7:42:
52:ba:b2:93:84:1b:84:f5:3d:d9:56:b4:7d:28:67:
7b:30:a2:94:72:ce:7c:21:aa:9a:a1:f9:d5:0e:8e:
8f:e1:78:f3:d2:df:f6:d9:b4:0d:82:be:da:27:83:
fb:09:f2:d1:67:b6:1e:f4:7c:83:b2:56:47:d3:e7:
2d:36:fa:c4:34:ff:dd:d2:cd:53:16:ef:64:08:60:
a3:05:b5:ad:92:60:84:2f:39:da:eb:31:a0:ff:f9:
b5:64:81:e8:55:7b:a1:03:a1:40:03:b9:b6:02:27:
77:9a:48:59:86:15:68:6d:a5:a3:e3:12:02:0a:81:
d0:97:b5:2e:8f:ee:de:71:ed:33:1f:49:f9:89:18:
aa:49:eb:5c:52:35:84:72:b6:e1:18:56:b6:1f:f8:
e7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1E:DE:EF:78:5F:F2:6B:96:CA:41:C2:DA:9F:32:62:C8:33:5D:23
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f1a410b-4fcb-46b7-92eb-4e2730e01468.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.126.25.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:95:5b:6a:7c:be:06:65:5c:05:a6:b8:75:c7:c7:51:3d:a7:
ec:aa:17:76:0d:3b:55:dd:db:02:2c:e2:54:16:89:86:66:6c:
49:bf:e8:7f:b9:93:88:5e:e3:48:13:bb:93:0e:bb:4a:ed:41:
94:37:d8:dd:9a:b1:f9:33:14:22:91:ee:e1:88:4d:70:9d:62:
e1:9e:73:7f:2d:91:04:bf:7f:0c:05:99:07:3d:13:a3:c5:81:
57:42:15:f8:07:97:b8:5b:ad:3c:2d:c5:b4:e2:37:fc:f2:f2:
1b:97:15:ce:e8:82:26:af:ab:1d:a6:4d:59:8a:9c:17:33:a6:
98:10:52:7a:8d:62:6a:db:91:45:c8:bc:a9:dd:35:86:95:45:
38:f6:40:c5:06:f2:fd:8b:59:84:0a:0f:ec:5e:5f:9e:42:3b:
59:76:68:39:ba:bd:c7:47:b0:e4:8a:3a:8a:7c:85:ce:6d:f4:
f7:66:a9:ba:0f:a9:ba:d7:e1:89:b7:41:b3:62:22:63:ca:15:
5a:50:72:cb:b4:73:17:c7:20:be:37:a5:bb:a5:fe:d7:f6:9c:
4e:49:23:0b:5e:28:b1:2e:a5:03:43:3c:ff:42:8b:6a:ad:c7:
60:3c:d2:eb:b8:03:19:fc:da:0a:73:d3:8f:8e:04:69:b3:a8:
e9:02:4d:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU3U90QPObpcuDBEjAFByi5Q4vlYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAyMDM1WhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTE2YjU5NGViZjRmNDJlNzk2YWJlYjk5MGI5NWNkZWY5
YjVlYjBlNjRhNjI0MWEyNGE2NDQwOTk1MDU3ZWMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcSdjvQgcpo1qDjIEzkdwFwUK5eCm3gM01TX+0e65adW3M
IaorpBtMkksJZgs+DzPeesW9ZRIJGHQ5jG4gZvkDFmp11Fi3UTphW8ZAiXEjhf75
p6LfiP7/r/hFB4MhBG29BPll2OK3QlK6spOEG4T1PdlWtH0oZ3swopRyznwhqpqh
+dUOjo/hePPS3/bZtA2Cvtong/sJ8tFnth70fIOyVkfT5y02+sQ0/93SzVMW72QI
YKMFta2SYIQvOdrrMaD/+bVkgehVe6EDoUADubYCJ3eaSFmGFWhtpaPjEgIKgdCX
tS6P7t5x7TMfSfmJGKpJ61xSNYRytuEYVrYf+OfFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtB7e73hf8muWykHC2p8yYsgzXSMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhmMWE0MTBiLTRmY2ItNDZiNy05MmViLTRlMjczMGUwMTQ2OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADMfhkwDQYJKoZIhvcNAQELBQADggEBAKSVW2p8vgZlXAWmuHXHx1E9p+yq
F3YNO1Xd2wIs4lQWiYZmbEm/6H+5k4he40gTu5MOu0rtQZQ32N2asfkzFCKR7uGI
TXCdYuGec38tkQS/fwwFmQc9E6PFgVdCFfgHl7hbrTwtxbTiN/zy8huXFc7ogiav
qx2mTVmKnBczppgQUnqNYmrbkUXIvKndNYaVRTj2QMUG8v2LWYQKD+xeX55CO1l2
aDm6vcdHsOSKOop8hc5t9PdmqboPqbrX4Ym3QbNiImPKFVpQcsu0cxfHIL43pbul
/tf2nE5JIwteKLEupQNDPP9Ci2qtx2A80uu4Axn82gpz04+OBGmzqOkCTRo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:33:23 2025 by rpki-client