Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/931d975c-752a-45e8-8225-0ca8cc1ecdcb.roa
File: 931d975c-752a-45e8-8225-0ca8cc1ecdcb.roa (raw, json)
Hash identifier: nJV15Tef0mWd/TYbW9LInwqwh+KPK1siYDTJLAT8Uj4=
Subject key identifier: 43:C2:E8:92:0E:5C:40:02:80:0C:AB:7A:7C:9F:B1:79:44:92:31:69
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3A07D0002F79AA7D0BC74E63238DE670DBD3A315
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/931d975c-752a-45e8-8225-0ca8cc1ecdcb.roa
Signing time: Sat 22 Feb 2025 00:00:58 +0000
ROA not before: Sat 22 Feb 2025 00:00:58 +0000
ROA not after: Sat 29 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 13.160.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:07:d0:00:2f:79:aa:7d:0b:c7:4e:63:23:8d:e6:70:db:d3:a3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Feb 22 00:00:58 2025 GMT
Not After : Mar 29 23:59:59 2025 GMT
Subject: serialNumber=dfaa266020f6b97a5d80673397a450cc9731d00bc1e687f7536437de49e5c8ca, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:ac:b7:45:b9:a4:ec:be:77:74:81:eb:95:
62:ce:9e:52:fc:84:1f:98:f2:9f:59:4c:6c:ef:b7:
35:b3:78:19:66:be:0c:68:48:72:9b:6c:6b:b1:72:
2c:32:b8:09:6e:08:d6:f6:63:eb:87:d8:61:1b:03:
58:c2:2f:6e:88:92:b6:d1:12:04:a2:54:54:06:8c:
ac:bc:08:c5:ad:fa:0b:48:de:45:11:58:79:bb:4d:
46:88:01:d8:40:88:90:25:82:c2:55:70:2d:7d:35:
ed:bb:24:f5:3c:44:ad:b8:06:14:45:3d:f6:b0:6a:
0e:87:b8:43:bd:cb:72:11:13:0f:37:2a:36:ab:00:
7a:93:61:8e:d7:16:06:43:7e:21:2f:1f:a8:93:9b:
1e:cb:24:a9:5e:f2:04:22:66:59:f6:09:46:01:bb:
d0:8c:fa:a7:1b:55:b8:83:b1:be:ee:dd:1e:6e:42:
7a:19:01:b0:a5:92:40:f8:6b:68:7f:e8:83:93:eb:
31:9e:b6:96:de:f6:48:a3:94:d3:6f:b2:5e:5c:db:
b0:5d:14:c9:66:16:ce:26:ff:5f:4e:8a:cd:fe:75:
77:7f:05:aa:89:bf:3c:29:cf:8c:f2:52:ae:b2:e1:
31:3f:88:8f:2f:a5:d5:d8:0d:9f:64:01:63:e9:38:
b1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C2:E8:92:0E:5C:40:02:80:0C:AB:7A:7C:9F:B1:79:44:92:31:69
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/931d975c-752a-45e8-8225-0ca8cc1ecdcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:a2:34:95:7b:89:53:26:18:88:83:79:36:31:11:35:4c:0d:
61:0a:dd:18:6b:7a:76:a4:11:15:7b:15:1f:70:60:73:17:53:
ff:d1:cb:ba:b7:b9:35:a0:67:36:b7:8f:fb:51:b5:92:f6:f0:
3e:3e:70:06:5b:ca:a7:e2:ad:d2:26:bf:cf:ac:4f:5f:a4:b5:
5d:9d:b4:00:59:d9:91:69:9e:97:b8:bb:8b:d3:da:4e:ee:39:
f2:be:e8:08:cc:05:ac:a9:41:5c:f2:bb:15:14:02:f0:f1:e8:
a1:d7:ce:a5:fe:24:82:ba:10:b5:15:1a:77:86:56:35:61:97:
5f:bd:9b:b1:59:5f:e6:53:4e:fb:8a:33:9b:73:24:ac:bf:b4:
fc:37:63:65:5d:0c:70:4a:7c:33:50:0a:5e:e8:7e:80:32:98:
36:9c:10:ab:e6:b1:c9:75:e1:94:d1:8d:84:a8:0e:64:11:ad:
28:02:17:92:6b:30:5f:94:cb:e0:5d:8b:33:a2:a6:37:b8:f7:
6a:fe:74:51:68:cb:ce:d2:ad:41:23:bc:e8:94:7c:c0:c5:19:
9b:1c:ff:09:32:45:c3:c1:6e:63:c0:12:52:a7:fa:ff:90:e7:
8e:a3:21:f7:9e:f9:62:25:8a:48:8b:8d:9b:15:7a:04:99:0e:
65:42:e1:df
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOgfQAC95qn0Lx05jI43mcNvToxUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjIyMDAwMDU4WhcNMjUwMzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmFhMjY2MDIwZjZiOTdhNWQ4MDY3MzM5N2E0NTBjYzk3
MzFkMDBiYzFlNjg3Zjc1MzY0MzdkZTQ5ZTVjOGNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC026y3Rbmk7L53dIHrlWLOnlL8hB+Y8p9ZTGzvtzWzeBlm
vgxoSHKbbGuxciwyuAluCNb2Y+uH2GEbA1jCL26IkrbREgSiVFQGjKy8CMWt+gtI
3kURWHm7TUaIAdhAiJAlgsJVcC19Ne27JPU8RK24BhRFPfawag6HuEO9y3IREw83
KjarAHqTYY7XFgZDfiEvH6iTmx7LJKle8gQiZln2CUYBu9CM+qcbVbiDsb7u3R5u
QnoZAbClkkD4a2h/6IOT6zGetpbe9kijlNNvsl5c27BdFMlmFs4m/19Ois3+dXd/
BaqJvzwpz4zyUq6y4TE/iI8vpdXYDZ9kAWPpOLHvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQ8Lokg5cQAKADKt6fJ+xeUSSMWkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkzMWQ5NzVjLTc1MmEtNDVlOC04MjI1LTBjYThjYzFlY2RjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANoDANBgkqhkiG9w0BAQsFAAOCAQEAo6I0lXuJUyYYiIN5NjERNUwNYQrd
GGt6dqQRFXsVH3BgcxdT/9HLure5NaBnNreP+1G1kvbwPj5wBlvKp+Kt0ia/z6xP
X6S1XZ20AFnZkWmel7i7i9PaTu458r7oCMwFrKlBXPK7FRQC8PHoodfOpf4kgroQ
tRUad4ZWNWGXX72bsVlf5lNO+4ozm3MkrL+0/DdjZV0McEp8M1AKXuh+gDKYNpwQ
q+axyXXhlNGNhKgOZBGtKAIXkmswX5TL4F2LM6KmN7j3av50UWjLztKtQSO86JR8
wMUZmxz/CTJFw8FuY8ASUqf6/5DnjqMh9575YiWKSIuNmxV6BJkOZULh3w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:10:31 2025 by rpki-client