Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e9c88b8-0479-4aad-933a-66c192cc65c9.roa
File: 9e9c88b8-0479-4aad-933a-66c192cc65c9.roa (raw, json)
Hash identifier: +qqnCs/+l0kFEYktdhg6KJZNrtAVUUxPEpkxc3wzFzs=
Subject key identifier: 0B:DC:0D:4E:D6:E8:AE:0E:D3:9E:6C:F2:C9:2A:BF:B9:7B:52:22:F6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4C89F05B725A4C150C800D14AA8F3AF41614854B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e9c88b8-0479-4aad-933a-66c192cc65c9.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 16.20.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:89:f0:5b:72:5a:4c:15:0c:80:0d:14:aa:8f:3a:f4:16:14:85:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=85ca7baab49572d7968b269067740be806b7eab8ae8a5d8515055caa658765df, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ee:5e:ef:f2:e1:70:e1:12:09:89:12:3b:75:
be:ea:36:93:ee:29:3b:f8:94:f5:fd:87:50:a2:24:
7b:fb:a3:66:15:d5:c6:36:fd:09:1a:dc:b6:fd:5b:
34:07:21:6e:94:a2:b9:a2:c3:d8:47:ed:ad:b1:31:
5b:e6:73:0b:9f:f8:f9:40:0a:e8:31:e2:e1:2b:b5:
27:d4:14:03:6c:36:0c:ba:45:17:a3:a6:9a:d8:e0:
1a:b6:37:01:66:4f:b5:e7:7c:cc:f9:ed:c4:37:ee:
17:e6:87:b7:6e:16:64:59:7b:20:44:2b:73:af:52:
24:93:ba:3f:89:e2:59:dc:e3:29:c4:1d:21:81:12:
d7:a2:93:f8:94:b9:d8:e8:45:1a:aa:cc:9c:81:66:
ab:e1:e6:fd:fd:11:eb:7b:1b:aa:0f:90:1e:99:b8:
6e:0f:35:52:d1:94:6e:e7:d7:54:24:d2:dc:21:04:
ec:08:50:37:2a:1f:e0:97:5c:cc:25:90:27:28:13:
81:5b:85:7f:8c:37:d9:f2:81:e1:cd:5a:01:7c:59:
d5:3d:62:7b:12:31:da:d5:9e:ce:30:55:00:74:85:
00:a5:75:83:c4:5f:d9:5f:69:d8:e4:57:fe:af:8f:
70:58:19:ea:60:ca:e2:1d:76:c2:51:4c:c6:04:08:
eb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DC:0D:4E:D6:E8:AE:0E:D3:9E:6C:F2:C9:2A:BF:B9:7B:52:22:F6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e9c88b8-0479-4aad-933a-66c192cc65c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.20.232.0/22
Signature Algorithm: sha256WithRSAEncryption
29:65:69:53:ba:64:63:a4:12:38:3a:c0:56:7b:06:05:d6:ee:
41:c8:9a:a7:01:c4:5c:43:8d:46:40:bd:aa:37:a4:68:ef:78:
a1:3a:97:5d:74:25:ce:d0:88:e2:7b:9f:1e:57:a5:65:13:e4:
de:31:7d:d7:bf:ba:1c:74:23:69:65:c7:8c:61:8c:98:09:4b:
c2:b2:89:11:ba:c7:a7:09:d5:9f:12:82:b6:cb:2c:e9:b2:0b:
29:b3:42:27:e6:f4:ef:01:5c:fc:11:1f:f2:66:57:3d:2c:c7:
03:84:4d:85:13:a9:79:74:0b:0d:0f:af:63:f2:dd:54:62:05:
2d:09:4f:de:f6:bb:d9:b9:13:f8:f4:da:ed:04:a6:7e:6b:b2:
df:df:be:5c:ea:50:2a:5b:96:27:59:3a:1e:20:48:cb:91:c7:
93:28:09:bf:4d:58:95:8d:47:c6:f9:fb:c7:cc:e4:0a:94:a3:
82:d3:fd:10:ae:19:38:06:ca:36:69:f4:f7:54:a5:cd:16:25:
77:83:8e:fe:a8:c7:c5:69:ec:0d:39:93:0d:e5:7e:4d:24:52:
1d:0d:0d:94:89:ff:0c:79:a1:48:16:98:58:38:00:10:68:81:
59:84:7c:c5:f7:21:74:74:d9:4e:88:31:90:d1:89:da:50:ae:
45:13:6c:6c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTInwW3JaTBUMgA0Uqo869BYUhUswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NWNhN2JhYWI0OTU3MmQ3OTY4YjI2OTA2Nzc0MGJlODA2
YjdlYWI4YWU4YTVkODUxNTA1NWNhYTY1ODc2NWRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDS7l7v8uFw4RIJiRI7db7qNpPuKTv4lPX9h1CiJHv7o2YV
1cY2/Qka3Lb9WzQHIW6Uormiw9hH7a2xMVvmcwuf+PlACugx4uErtSfUFANsNgy6
RRejpprY4Bq2NwFmT7XnfMz57cQ37hfmh7duFmRZeyBEK3OvUiSTuj+J4lnc4ynE
HSGBEteik/iUudjoRRqqzJyBZqvh5v39Eet7G6oPkB6ZuG4PNVLRlG7n11Qk0twh
BOwIUDcqH+CXXMwlkCcoE4FbhX+MN9nygeHNWgF8WdU9YnsSMdrVns4wVQB0hQCl
dYPEX9lfadjkV/6vj3BYGepgyuIddsJRTMYECOsvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUC9wNTtborg7TnmzyySq/uXtSIvYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllOWM4OGI4LTA0NzktNGFhZC05MzNhLTY2YzE5MmNjNjVjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIQFOgwDQYJKoZIhvcNAQELBQADggEBACllaVO6ZGOkEjg6wFZ7BgXW7kHI
mqcBxFxDjUZAvao3pGjveKE6l110Jc7QiOJ7nx5XpWUT5N4xfde/uhx0I2llx4xh
jJgJS8KyiRG6x6cJ1Z8SgrbLLOmyCymzQifm9O8BXPwRH/JmVz0sxwOETYUTqXl0
Cw0Pr2Py3VRiBS0JT972u9m5E/j02u0Epn5rst/fvlzqUCpblidZOh4gSMuRx5Mo
Cb9NWJWNR8b5+8fM5AqUo4LT/RCuGTgGyjZp9PdUpc0WJXeDjv6ox8Vp7A05kw3l
fk0kUh0NDZSJ/wx5oUgWmFg4ABBogVmEfMX3IXR02U6IMZDRidpQrkUTbGw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:33:13 2025 by rpki-client