Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/970095ee-be81-47be-983e-3da570529cb4.roa
File: 970095ee-be81-47be-983e-3da570529cb4.roa (raw, json)
Hash identifier: 7sYJLJ/IlcwPz1E04/LpycGjWa1BkxAKBz3zFPNKQZk=
Subject key identifier: F5:95:C0:D6:8D:A4:0A:63:B9:59:9E:22:04:B4:A2:28:81:ED:C8:B2
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7A58FB5773FE60EA40706CA4BEF076CE6BE9DDFE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/970095ee-be81-47be-983e-3da570529cb4.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 40.178.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:58:fb:57:73:fe:60:ea:40:70:6c:a4:be:f0:76:ce:6b:e9:dd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=9a434b5cd07d51d688d26ee7b3e26bca581f18fee435638185d2b900763e6c4d, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:eb:29:94:c4:71:c6:f7:82:7f:aa:0e:d0:
d6:b3:9b:08:15:5c:9e:04:49:71:f8:7b:27:1e:a1:
6e:76:bb:40:b4:44:67:6c:8d:1e:08:3e:8b:7a:67:
1e:67:e1:e9:06:e3:f9:d3:ee:d1:9f:67:53:09:a6:
a2:64:e9:87:c4:02:01:91:0d:ba:df:c2:e7:35:03:
97:ca:d6:0c:fb:3f:13:4f:69:35:87:07:df:ae:f5:
3d:57:55:fb:91:1c:27:60:91:73:d7:47:dc:b7:9b:
37:2b:86:8a:f8:c6:af:e4:10:45:d0:b1:c6:13:9c:
4c:58:a8:fa:08:67:7c:69:08:39:54:be:f1:d3:79:
4e:2a:01:0e:9b:2c:e6:12:82:b6:56:d2:4b:bc:e2:
95:b1:14:40:e7:58:f4:c8:bc:16:be:17:a4:ed:49:
30:b0:ca:6a:0f:54:fd:c3:df:0b:8c:c1:f5:c8:88:
2b:d5:41:f0:43:8d:d0:5b:c9:70:63:a4:18:0d:bf:
8e:7e:a3:a1:4a:b1:34:dc:65:a5:94:48:3a:ea:6b:
b9:3c:5d:60:c8:81:cb:32:3b:7e:87:ae:7e:d8:ba:
31:aa:75:65:a7:ce:2d:90:91:f8:da:19:6c:37:9c:
d9:24:f6:5d:01:98:92:6d:81:ae:28:51:be:f6:0a:
fc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:95:C0:D6:8D:A4:0A:63:B9:59:9E:22:04:B4:A2:28:81:ED:C8:B2
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/970095ee-be81-47be-983e-3da570529cb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.178.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:ae:a3:85:58:b7:85:44:6f:4a:09:4a:73:91:02:bf:e1:df:
5d:56:ec:5f:8e:c6:aa:8e:bf:2f:6f:4e:15:e6:0d:17:1d:e3:
3c:e5:43:c0:3e:33:c4:4e:ca:84:c8:f1:81:9b:34:bb:d1:86:
80:a5:31:c9:39:3f:b2:d0:15:cb:35:fc:84:12:ec:5f:35:26:
67:61:74:87:c3:61:8b:e2:06:89:47:aa:15:67:b0:ff:87:92:
af:d7:39:72:c3:ad:87:82:bb:60:23:13:c8:41:30:14:59:04:
0f:e9:a2:b0:32:3c:2c:9b:ac:0d:32:b9:cd:70:e6:fc:b5:0f:
f6:9e:e8:81:0e:2f:76:46:1e:ac:0a:a9:73:e6:5e:eb:6b:4c:
b9:68:9a:60:0a:eb:71:55:81:ed:2e:70:6f:c7:f0:7f:91:5f:
e0:94:cf:88:22:30:ef:9a:9d:8a:60:76:ad:0a:e7:00:92:62:
57:4e:ed:d9:d8:20:71:06:f3:9e:1f:dc:74:ae:6c:0b:21:46:
eb:bc:9e:7d:a2:39:05:39:28:31:09:e6:b6:5c:7d:05:ba:f9:
57:8d:44:cc:63:23:53:47:84:ab:b6:45:2a:a3:3d:f1:dd:c2:
2e:23:67:6e:eb:18:75:10:f5:6a:62:ff:81:d1:71:aa:31:6a:
fe:b3:ce:3b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUelj7V3P+YOpAcGykvvB2zmvp3f4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTQzNGI1Y2QwN2Q1MWQ2ODhkMjZlZTdiM2UyNmJjYTU4
MWYxOGZlZTQzNTYzODE4NWQyYjkwMDc2M2U2YzRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2L+splMRxxveCf6oO0NazmwgVXJ4ESXH4eyceoW52u0C0
RGdsjR4IPot6Zx5n4ekG4/nT7tGfZ1MJpqJk6YfEAgGRDbrfwuc1A5fK1gz7PxNP
aTWHB9+u9T1XVfuRHCdgkXPXR9y3mzcrhor4xq/kEEXQscYTnExYqPoIZ3xpCDlU
vvHTeU4qAQ6bLOYSgrZW0ku84pWxFEDnWPTIvBa+F6TtSTCwymoPVP3D3wuMwfXI
iCvVQfBDjdBbyXBjpBgNv45+o6FKsTTcZaWUSDrqa7k8XWDIgcsyO36Hrn7YujGq
dWWnzi2QkfjaGWw3nNkk9l0BmJJtga4oUb72CvwnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9ZXA1o2kCmO5WZ4iBLSiKIHtyLIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk3MDA5NWVlLWJlODEtNDdiZS05ODNlLTNkYTU3MDUyOWNiNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAosjANBgkqhkiG9w0BAQsFAAOCAQEAMq6jhVi3hURvSglKc5ECv+HfXVbs
X47Gqo6/L29OFeYNFx3jPOVDwD4zxE7KhMjxgZs0u9GGgKUxyTk/stAVyzX8hBLs
XzUmZ2F0h8Nhi+IGiUeqFWew/4eSr9c5csOth4K7YCMTyEEwFFkED+misDI8LJus
DTK5zXDm/LUP9p7ogQ4vdkYerAqpc+Ze62tMuWiaYArrcVWB7S5wb8fwf5Ff4JTP
iCIw75qdimB2rQrnAJJiV07t2dggcQbznh/cdK5sCyFG67yefaI5BTkoMQnmtlx9
Bbr5V41EzGMjU0eEq7ZFKqM98d3CLiNnbusYdRD1amL/gdFxqjFq/rPOOw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:48:12 2025 by rpki-client