Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9cf60302-61c4-468d-a498-f3ea84f3cdf3.roa
File: 9cf60302-61c4-468d-a498-f3ea84f3cdf3.roa (raw, json)
Hash identifier: DCdbebegfGTnU9KBJbmtfLi3Ac60zCmQJvySKtwM1t0=
Subject key identifier: 2D:A1:D4:7D:EE:42:73:74:3E:C8:B0:FA:9F:AB:01:BB:6B:10:03:99
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 120DECBACDC22D5F3166424BC82BB743E1AADA92
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9cf60302-61c4-468d-a498-f3ea84f3cdf3.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ff7:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:0d:ec:ba:cd:c2:2d:5f:31:66:42:4b:c8:2b:b7:43:e1:aa:da:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=a3cd79719a8ff2386b55503c7acad002342222288ccecc6bd5a8da07e9583a8c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8e:e9:67:7b:73:21:85:87:87:14:39:3e:e8:
25:2b:03:3b:86:7a:18:9e:b6:89:c0:c9:45:80:15:
6b:ed:fe:a6:89:e9:48:ea:4e:f4:37:ff:13:71:02:
bc:d9:d2:3a:4b:c7:a2:eb:b3:2c:4d:a4:52:98:f9:
ca:d1:68:c1:64:38:48:c0:37:bb:2b:86:b6:2a:38:
d2:b7:b4:41:b8:91:96:fc:cf:9c:8b:85:c8:d6:ac:
e6:4d:f1:43:e7:4e:f9:47:2d:16:b1:3d:b9:74:58:
f3:78:f2:cd:a5:9c:19:b9:eb:71:ee:6e:34:08:1b:
47:4d:6d:4e:56:b9:4d:02:6c:9e:64:8e:e0:da:fe:
6c:af:55:6c:4c:7e:5d:a1:8c:4f:e1:94:6e:f8:6f:
84:c7:5b:9d:5c:86:9d:c1:91:bc:9b:23:e3:b3:4c:
cc:e0:70:f3:21:4f:c0:ee:5b:58:f6:8e:31:09:ba:
f4:93:80:47:ff:49:17:ca:4a:b1:e0:3e:a8:35:29:
ff:48:9f:d9:9a:ac:50:79:ee:8a:e4:a3:ff:d2:7a:
74:75:e2:5d:ab:88:3e:01:af:86:c8:a7:f8:bd:bc:
69:48:e0:7f:2a:52:84:3e:30:eb:dc:5b:6a:0f:00:
71:fd:f8:b7:9a:84:1f:a3:41:ef:53:c0:e0:4e:d2:
22:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A1:D4:7D:EE:42:73:74:3E:C8:B0:FA:9F:AB:01:BB:6B:10:03:99
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9cf60302-61c4-468d-a498-f3ea84f3cdf3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff7:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:d7:06:ef:de:45:3d:ef:6d:b7:33:bb:ab:bd:46:6f:0f:16:
42:a9:ef:0a:f6:ea:56:fa:a3:6f:9c:43:a2:d7:a5:29:42:8d:
65:83:18:44:12:2d:9e:1e:d3:06:7d:60:80:1c:ad:6f:e0:0a:
f2:52:1d:5d:65:af:ba:52:04:ac:03:e0:8a:ca:cb:a8:e6:89:
56:23:43:3a:29:7f:5b:d1:dd:70:d4:e7:34:4b:b7:c0:83:18:
eb:36:e9:0d:3e:6f:bb:e4:4d:d2:d6:85:e2:80:0b:0e:82:c8:
2a:09:34:13:fc:30:58:06:fb:25:66:65:3f:f8:5c:64:e7:b0:
d5:2d:88:6d:5b:90:eb:36:24:0c:60:39:04:a2:14:b8:4f:af:
45:3c:cd:92:d2:66:c5:f4:75:9a:a0:5d:2c:61:7f:8b:fd:c8:
66:7e:7d:21:89:f6:ca:7a:64:2c:7a:25:2e:9d:51:4a:6d:37:
59:4a:65:30:e9:e7:52:1f:c7:65:03:e6:66:01:05:b0:b4:98:
0c:a9:41:c8:f2:d2:42:27:82:e5:f7:89:ab:cd:bd:70:ad:94:
ab:34:0c:42:a2:5b:ba:24:40:40:e9:c1:3c:c7:ef:c4:bb:1a:
c3:ed:3a:e5:df:28:0b:14:45:2b:de:11:3c:3a:2c:81:f3:45:
bd:08:a1:77
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEg3sus3CLV8xZkJLyCu3Q+Gq2pIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhM2NkNzk3MTlhOGZmMjM4NmI1NTUwM2M3YWNhZDAwMjM0
MjIyMjI4OGNjZWNjNmJkNWE4ZGEwN2U5NTgzYThjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjjulne3MhhYeHFDk+6CUrAzuGehietonAyUWAFWvt/qaJ
6UjqTvQ3/xNxArzZ0jpLx6LrsyxNpFKY+crRaMFkOEjAN7srhrYqONK3tEG4kZb8
z5yLhcjWrOZN8UPnTvlHLRaxPbl0WPN48s2lnBm563HubjQIG0dNbU5WuU0CbJ5k
juDa/myvVWxMfl2hjE/hlG74b4THW51chp3BkbybI+OzTMzgcPMhT8DuW1j2jjEJ
uvSTgEf/SRfKSrHgPqg1Kf9In9marFB57orko//SenR14l2riD4Br4bIp/i9vGlI
4H8qUoQ+MOvcW2oPAHH9+LeahB+jQe9TwOBO0iI5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQULaHUfe5Cc3Q+yLD6n6sBu2sQA5kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzljZjYwMzAyLTYxYzQtNDY4ZC1hNDk4LWYzZWE4NGYzY2RmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/34DANBgkqhkiG9w0BAQsFAAOCAQEAsNcG795FPe9ttzO7q71Gbw8W
QqnvCvbqVvqjb5xDotelKUKNZYMYRBItnh7TBn1ggBytb+AK8lIdXWWvulIErAPg
isrLqOaJViNDOil/W9HdcNTnNEu3wIMY6zbpDT5vu+RN0taF4oALDoLIKgk0E/ww
WAb7JWZlP/hcZOew1S2IbVuQ6zYkDGA5BKIUuE+vRTzNktJmxfR1mqBdLGF/i/3I
Zn59IYn2ynpkLHolLp1RSm03WUplMOnnUh/HZQPmZgEFsLSYDKlByPLSQieC5feJ
q829cK2UqzQMQqJbuiRAQOnBPMfvxLsaw+065d8oCxRFK94RPDosgfNFvQihdw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:26:42 2025 by rpki-client