Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a342ee1c-79f2-4610-aabe-f45e1000e636.roa
File: a342ee1c-79f2-4610-aabe-f45e1000e636.roa (raw, json)
Hash identifier: tdBs95x/fXfhOAWxMR9JqatN6WOXFPDi7GsH1xiTEmY=
Subject key identifier: 41:BF:3F:A6:7C:E6:DF:AC:D8:B4:93:A5:2C:3A:78:43:D1:53:8B:58
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6A4B4491487B2DE3AB447EE7FA944D65657C0F8F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a342ee1c-79f2-4610-aabe-f45e1000e636.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 158.138.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:4b:44:91:48:7b:2d:e3:ab:44:7e:e7:fa:94:4d:65:65:7c:0f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=ec0a744cdd5525d1fa5d94e6d02332195f398c7c75839abe26c1adac8991761b, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:75:64:7b:cc:22:46:ff:c6:71:d1:99:64:
77:84:3c:de:38:8c:d7:6a:05:46:26:ae:59:52:62:
e1:81:62:a7:71:cb:94:9d:f1:fb:e5:91:ec:6e:83:
4b:84:0b:be:ef:57:5e:37:c6:00:68:28:77:f6:65:
51:53:e0:58:4e:e8:1e:e3:4d:c4:1f:57:ae:65:d8:
ef:dc:14:c1:6a:0b:90:8f:d1:b9:1a:5c:66:72:30:
6d:29:ac:ed:3e:fd:d8:76:94:0e:4f:bc:b9:2c:9d:
ea:90:82:5e:28:5a:ce:15:24:27:6b:cc:ae:ad:c7:
92:16:0f:3e:5f:86:d4:5d:0a:21:d4:6e:ab:ed:28:
3b:d7:e9:8b:73:0e:06:97:7f:37:9b:5f:2e:d2:c7:
ff:87:bb:02:10:5a:df:e6:4b:dd:24:39:d8:59:16:
96:5d:cd:0d:28:69:a3:9e:d8:69:46:4c:e6:b0:08:
dc:ea:95:07:62:80:d1:6b:df:bd:67:a7:8f:29:ea:
34:7c:9b:fe:07:85:2a:c2:3e:aa:bb:6f:2c:64:3c:
45:8d:7f:05:e9:00:52:80:a5:34:3e:c1:6d:b2:6d:
54:84:04:9c:16:81:e6:7f:ab:67:20:35:9b:fb:f3:
02:14:a4:2f:67:6a:6e:16:ae:63:21:be:40:ac:e9:
76:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BF:3F:A6:7C:E6:DF:AC:D8:B4:93:A5:2C:3A:78:43:D1:53:8B:58
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a342ee1c-79f2-4610-aabe-f45e1000e636.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.138.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:e2:73:91:fe:4b:5d:70:3b:c7:6e:b8:6c:52:f3:ae:97:14:
1c:c0:f4:ab:e3:5a:04:aa:bd:a4:b8:c8:f4:cd:fa:44:f6:e8:
c7:73:d1:c0:63:45:84:dc:27:75:51:f8:58:4f:a5:e2:ae:7a:
dd:fc:c6:83:e2:30:2d:db:5a:5d:c0:03:af:66:a1:10:f2:71:
b6:43:22:5b:78:8a:50:dd:7b:a2:12:56:cc:02:d1:e9:28:d4:
26:86:c3:da:f5:d4:df:3c:6a:07:e7:15:4c:17:c7:34:2e:b9:
db:14:45:f3:04:73:38:d3:63:a3:8f:d1:9c:af:ed:59:ee:e9:
8b:e6:44:f8:18:9e:f1:42:c7:52:9f:16:5d:ee:54:60:22:16:
72:7e:a4:65:06:62:4d:d1:c9:5e:14:58:1f:c8:c6:48:64:bc:
d3:66:51:79:1f:ef:28:92:68:11:0c:c0:65:bb:26:4b:98:26:
03:ca:41:83:63:31:ed:0b:ab:4c:96:8d:3d:c1:dd:2f:51:06:
85:cc:01:9f:fb:3c:bb:96:78:d9:a5:fd:ea:b5:b4:0a:e1:39:
ee:8b:21:92:b5:97:54:19:ac:f0:ac:06:66:ce:d2:43:58:af:
61:93:26:09:d7:f8:50:2a:68:e1:db:98:39:59:0e:5b:bf:20:
0d:ee:aa:b9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaktEkUh7LeOrRH7n+pRNZWV8D48wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYzBhNzQ0Y2RkNTUyNWQxZmE1ZDk0ZTZkMDIzMzIxOTVm
Mzk4YzdjNzU4MzlhYmUyNmMxYWRhYzg5OTE3NjFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnJHVke8wiRv/GcdGZZHeEPN44jNdqBUYmrllSYuGBYqdx
y5Sd8fvlkexug0uEC77vV143xgBoKHf2ZVFT4FhO6B7jTcQfV65l2O/cFMFqC5CP
0bkaXGZyMG0prO0+/dh2lA5PvLksneqQgl4oWs4VJCdrzK6tx5IWDz5fhtRdCiHU
bqvtKDvX6YtzDgaXfzebXy7Sx/+HuwIQWt/mS90kOdhZFpZdzQ0oaaOe2GlGTOaw
CNzqlQdigNFr371np48p6jR8m/4HhSrCPqq7byxkPEWNfwXpAFKApTQ+wW2ybVSE
BJwWgeZ/q2cgNZv78wIUpC9nam4WrmMhvkCs6XZvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQb8/pnzm36zYtJOlLDp4Q9FTi1gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EzNDJlZTFjLTc5ZjItNDYxMC1hYWJlLWY0NWUxMDAwZTYzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCeijANBgkqhkiG9w0BAQsFAAOCAQEAveJzkf5LXXA7x264bFLzrpcUHMD0
q+NaBKq9pLjI9M36RPbox3PRwGNFhNwndVH4WE+l4q563fzGg+IwLdtaXcADr2ah
EPJxtkMiW3iKUN17ohJWzALR6SjUJobD2vXU3zxqB+cVTBfHNC652xRF8wRzONNj
o4/RnK/tWe7pi+ZE+Bie8ULHUp8WXe5UYCIWcn6kZQZiTdHJXhRYH8jGSGS802ZR
eR/vKJJoEQzAZbsmS5gmA8pBg2Mx7QurTJaNPcHdL1EGhcwBn/s8u5Z42aX96rW0
CuE57oshkrWXVBms8KwGZs7SQ1ivYZMmCdf4UCpo4duYOVkOW78gDe6quQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:01:52 2025 by rpki-client