Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/967a27ba-1aa0-4102-b736-357bdb52d9b8.roa
File: 967a27ba-1aa0-4102-b736-357bdb52d9b8.roa (raw, json)
Hash identifier: YG/kCmEKzhkcdg3KECGFrv8oIqmbgXt9QF5JaLb4yIg=
Subject key identifier: 19:BA:37:8D:23:B1:AB:D5:32:0F:89:52:C7:84:8A:E0:D3:1E:2F:F4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0D2B8B0C9E66F8D5E3E4C08E2F8A49E2A6A5AFB0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/967a27ba-1aa0-4102-b736-357bdb52d9b8.roa
Signing time: Sat 11 Jan 2025 00:00:00 +0000
ROA not before: Sat 11 Jan 2025 00:00:00 +0000
ROA not after: Sat 15 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 185.251.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2b:8b:0c:9e:66:f8:d5:e3:e4:c0:8e:2f:8a:49:e2:a6:a5:af:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 11 00:00:00 2025 GMT
Not After : Feb 15 23:59:59 2025 GMT
Subject: serialNumber=4a88655d0356d70c6b64f9e0c1eaef24be3fb850850f3f966ea437a41b9b2153, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:05:1d:fc:f8:18:7a:d2:2e:47:e4:a5:ee:
2e:83:ce:18:2e:d8:14:b9:34:1d:d7:2d:7e:3c:16:
2b:48:b3:ff:79:d8:31:06:16:af:0a:c4:d9:e4:f1:
ea:10:71:1c:f5:c3:49:34:79:94:27:fd:5b:4f:44:
7b:36:70:e4:31:28:a6:0d:de:fd:95:de:2d:73:31:
e8:51:52:70:49:44:72:3f:91:b7:ff:0a:b7:55:e9:
27:10:44:72:cc:f9:a3:ae:13:55:d3:ba:5a:ad:3c:
1f:4f:e4:ed:cb:83:93:d9:0a:1d:29:85:63:b9:04:
c5:bd:fe:82:a5:1f:67:21:25:0b:7c:26:04:ba:15:
ee:bd:bf:a3:c4:51:67:55:2b:16:3b:bd:64:63:66:
df:47:c7:22:c4:77:4e:f4:00:be:45:34:35:18:98:
af:3d:37:52:c9:16:4d:ce:45:88:f2:2b:c6:29:36:
17:78:08:ed:04:32:34:7f:e4:e8:73:90:5e:fc:d5:
57:88:a4:81:78:7a:6e:af:ba:81:7f:bf:40:0a:1c:
5d:a2:f8:51:d2:c0:cb:12:f0:53:32:d5:2e:c7:9a:
c0:93:af:f8:36:f7:d1:a4:17:67:aa:a0:72:f0:da:
e3:84:8f:30:86:94:e7:c8:5d:c4:a4:f7:ce:42:1f:
cd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BA:37:8D:23:B1:AB:D5:32:0F:89:52:C7:84:8A:E0:D3:1E:2F:F4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/967a27ba-1aa0-4102-b736-357bdb52d9b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.116.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:a2:a4:dd:4f:ce:20:d0:fd:79:17:cf:74:86:90:85:ec:04:
d1:61:66:31:3f:25:a6:3f:c8:22:87:7a:ad:2b:6c:da:22:b3:
4c:49:2d:38:e8:2f:94:b1:89:83:42:37:3a:cc:4b:ea:28:1e:
e2:7d:30:80:45:ed:d5:3c:3a:3b:37:85:76:36:f2:62:99:18:
23:65:f0:9f:4f:ef:69:f8:2e:4a:26:34:b8:ef:bc:d4:b1:e0:
c5:15:9a:2d:b3:3e:2e:b5:bd:0e:2e:c3:7f:7d:30:21:d1:cf:
24:61:02:36:c4:5e:1e:5b:a4:05:d5:8d:51:87:ec:01:8c:e3:
01:cf:0c:44:28:77:90:ec:47:02:de:55:34:7a:ac:57:4e:52:
b7:d0:9e:d7:b5:3f:a1:38:90:e4:9e:06:12:03:e2:f3:93:be:
7b:6b:76:e2:e9:22:e1:92:40:ba:ba:98:38:59:08:ac:6a:08:
e4:7a:61:c8:f3:ac:83:21:de:f5:79:a3:e1:a2:91:61:56:0c:
b9:7b:99:a1:fd:0a:54:70:38:77:92:ec:fb:ef:0a:4f:e1:d5:
f2:b9:ad:f9:d3:67:2f:c5:59:23:07:d0:c2:c6:40:32:3c:50:
34:8f:e2:17:8a:e3:14:66:26:09:b6:c2:38:59:4d:84:cd:08:
94:9a:a3:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDSuLDJ5m+NXj5MCOL4pJ4qalr7AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTExMDAwMDAwWhcNMjUwMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTg4NjU1ZDAzNTZkNzBjNmI2NGY5ZTBjMWVhZWYyNGJl
M2ZiODUwODUwZjNmOTY2ZWE0MzdhNDFiOWIyMTUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiqwUd/PgYetIuR+Sl7i6Dzhgu2BS5NB3XLX48FitIs/95
2DEGFq8KxNnk8eoQcRz1w0k0eZQn/VtPRHs2cOQxKKYN3v2V3i1zMehRUnBJRHI/
kbf/CrdV6ScQRHLM+aOuE1XTulqtPB9P5O3Lg5PZCh0phWO5BMW9/oKlH2chJQt8
JgS6Fe69v6PEUWdVKxY7vWRjZt9HxyLEd070AL5FNDUYmK89N1LJFk3ORYjyK8Yp
Nhd4CO0EMjR/5OhzkF781VeIpIF4em6vuoF/v0AKHF2i+FHSwMsS8FMy1S7HmsCT
r/g299GkF2eqoHLw2uOEjzCGlOfIXcSk985CH80HAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGbo3jSOxq9UyD4lSx4SK4NMeL/QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk2N2EyN2JhLTFhYTAtNDEwMi1iNzM2LTM1N2JkYjUyZDliOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAK5+3QwDQYJKoZIhvcNAQELBQADggEBAK2ipN1PziDQ/XkXz3SGkIXsBNFh
ZjE/JaY/yCKHeq0rbNois0xJLTjoL5SxiYNCNzrMS+ooHuJ9MIBF7dU8Ojs3hXY2
8mKZGCNl8J9P72n4LkomNLjvvNSx4MUVmi2zPi61vQ4uw399MCHRzyRhAjbEXh5b
pAXVjVGH7AGM4wHPDEQod5DsRwLeVTR6rFdOUrfQnte1P6E4kOSeBhID4vOTvntr
duLpIuGSQLq6mDhZCKxqCOR6YcjzrIMh3vV5o+GikWFWDLl7maH9ClRwOHeS7Pvv
Ck/h1fK5rfnTZy/FWSMH0MLGQDI8UDSP4heK4xRmJgm2wjhZTYTNCJSao2c=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:30:18 2025 by rpki-client