Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94521798-cbd3-472a-b6f4-a4236f4d6150.roa
File: 94521798-cbd3-472a-b6f4-a4236f4d6150.roa (raw, json)
Hash identifier: JImJyZKedQP+lcw/CfQyxr3d4DjHLm+vLz4oL4WSzYI=
Subject key identifier: DD:E3:D0:D9:F7:1D:41:7D:43:F4:07:FD:BF:BE:B5:4D:1B:DE:DF:EF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4C876B660FEC59F7349415D289DAAC200338759D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94521798-cbd3-472a-b6f4-a4236f4d6150.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f00:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:87:6b:66:0f:ec:59:f7:34:94:15:d2:89:da:ac:20:03:38:75:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=4ce681ae1c780e1985a1ec26d26bba0165738bb1782ae1a52b27c6b2c4b79dec, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:30:07:b1:ad:a0:0c:e3:17:d3:38:07:e9:90:
f6:52:5c:4e:ad:a6:6b:fa:9d:1c:6e:f1:ba:55:b6:
3c:ff:af:95:43:74:7c:d0:5a:12:0b:f6:47:f8:87:
37:ef:bf:67:7c:96:9a:fd:3b:30:89:1d:cb:0f:8c:
aa:e9:be:42:2e:23:cf:1b:69:aa:a6:57:67:be:fb:
8e:81:c1:d0:ec:9c:5f:0d:7d:e4:c4:04:ae:c0:0c:
23:06:8b:f7:96:e1:ff:ff:ed:35:79:65:a7:b6:d2:
99:f8:58:a3:ec:38:f3:ad:ea:81:5a:f9:f5:58:3b:
85:bb:f6:2e:68:b0:50:ca:28:df:db:de:99:6a:db:
0a:c2:c8:05:04:4c:1c:26:fd:8a:67:1a:9e:83:44:
e9:56:0a:09:51:da:04:e8:eb:07:6a:48:ee:6f:b7:
c8:08:5b:d1:9c:8c:1e:8b:83:87:3a:a5:a8:60:7b:
c5:7e:da:00:0a:db:f1:3f:e1:3b:8c:03:b8:6d:f7:
f0:15:ee:1f:e2:c6:5e:9c:4d:7b:3b:af:42:90:64:
99:85:66:70:b6:30:6c:17:c2:45:81:ed:a5:2a:51:
31:0c:5e:d7:9a:9f:b4:ee:42:56:60:9c:ce:5c:03:
6d:32:02:4f:a6:b6:32:80:37:61:d6:fc:f2:a5:36:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E3:D0:D9:F7:1D:41:7D:43:F4:07:FD:BF:BE:B5:4D:1B:DE:DF:EF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94521798-cbd3-472a-b6f4-a4236f4d6150.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f00:2000::/40
Signature Algorithm: sha256WithRSAEncryption
17:b9:81:56:8b:72:d0:bb:c9:7d:9d:4a:93:bd:4b:7f:49:8d:
b4:94:04:15:a2:79:aa:d4:20:01:02:4f:92:b6:cc:4e:f1:e1:
aa:0a:10:d5:17:54:c9:0d:51:8e:d4:2d:91:7e:99:37:5b:17:
a5:bb:53:00:d1:0b:bf:d9:12:29:77:02:60:2a:3b:e8:fb:d1:
2f:87:c2:9c:4e:df:70:ad:b9:05:5c:f9:01:31:bf:5e:23:bc:
f3:d6:b7:5a:c5:e1:c0:5a:e5:09:8c:0c:c7:9c:1f:8b:af:71:
4f:91:5f:fe:08:18:68:fe:1c:f2:58:7f:a1:27:e4:e8:22:3f:
b4:06:30:36:ba:b3:88:00:cb:93:69:4b:44:50:45:5a:58:64:
12:71:5a:de:eb:3b:6c:04:19:47:f6:31:a6:d7:4a:04:f4:92:
d1:f7:90:3f:db:a6:4c:03:12:c0:41:c3:ae:ee:66:01:1a:14:
36:13:d1:d6:b1:bd:90:ed:2c:74:03:2b:ea:6b:2c:45:60:3b:
4d:bb:9c:81:61:23:60:1d:1f:1e:d8:05:2d:1a:18:b1:f2:5b:
2b:eb:d0:e8:2a:f4:c9:8b:97:e6:e7:b4:09:33:24:51:ae:66:
75:b1:d7:ee:2e:5c:03:28:b0:65:49:5f:1b:36:99:68:e8:3c:
a4:5c:30:4d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTIdrZg/sWfc0lBXSidqsIAM4dZ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0Y2U2ODFhZTFjNzgwZTE5ODVhMWVjMjZkMjZiYmEwMTY1
NzM4YmIxNzgyYWUxYTUyYjI3YzZiMmM0Yjc5ZGVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeMAexraAM4xfTOAfpkPZSXE6tpmv6nRxu8bpVtjz/r5VD
dHzQWhIL9kf4hzfvv2d8lpr9OzCJHcsPjKrpvkIuI88baaqmV2e++46BwdDsnF8N
feTEBK7ADCMGi/eW4f//7TV5Zae20pn4WKPsOPOt6oFa+fVYO4W79i5osFDKKN/b
3plq2wrCyAUETBwm/YpnGp6DROlWCglR2gTo6wdqSO5vt8gIW9GcjB6Lg4c6pahg
e8V+2gAK2/E/4TuMA7ht9/AV7h/ixl6cTXs7r0KQZJmFZnC2MGwXwkWB7aUqUTEM
Xtean7TuQlZgnM5cA20yAk+mtjKAN2HW/PKlNqN5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU3ePQ2fcdQX1D9Af9v761TRve3+8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NTIxNzk4LWNiZDMtNDcyYS1iNmY0LWE0MjM2ZjRkNjE1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8AIDANBgkqhkiG9w0BAQsFAAOCAQEAF7mBVoty0LvJfZ1Kk71Lf0mN
tJQEFaJ5qtQgAQJPkrbMTvHhqgoQ1RdUyQ1RjtQtkX6ZN1sXpbtTANELv9kSKXcC
YCo76PvRL4fCnE7fcK25BVz5ATG/XiO889a3WsXhwFrlCYwMx5wfi69xT5Ff/ggY
aP4c8lh/oSfk6CI/tAYwNrqziADLk2lLRFBFWlhkEnFa3us7bAQZR/YxptdKBPSS
0feQP9umTAMSwEHDru5mARoUNhPR1rG9kO0sdAMr6mssRWA7TbucgWEjYB0fHtgF
LRoYsfJbK+vQ6Cr0yYuX5ue0CTMkUa5mdbHX7i5cAyiwZUlfGzaZaOg8pFwwTQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:11 2025 by rpki-client