Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a52e7aa4-e000-4192-b992-596e524ca11b.roa
File: a52e7aa4-e000-4192-b992-596e524ca11b.roa (raw, json)
Hash identifier: WDJtCJAtDb1bEm5bm+FaniMuk0bYYEvuXthrdO/dS3M=
Subject key identifier: E9:22:98:F0:74:A4:8F:F0:4A:A0:17:56:C5:8B:B3:9D:8E:CD:42:F7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1ECB32D4477BC441D3B2A968F9B328E3F24C37E6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a52e7aa4-e000-4192-b992-596e524ca11b.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 64.252.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:cb:32:d4:47:7b:c4:41:d3:b2:a9:68:f9:b3:28:e3:f2:4c:37:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=1b9381507aaa59f767245af4b6e3c99c1e984c6d35c0ad15f70f7319371b83c1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:40:e5:89:e2:dc:bf:ef:94:2d:b9:f9:ab:93:
32:ea:db:6c:18:ac:2e:da:b7:48:75:35:cc:83:15:
46:6d:82:65:6e:a0:43:d8:35:66:a7:c2:04:98:bd:
b5:b9:59:07:1e:d2:df:65:16:0f:f9:44:cc:ce:b7:
4f:ff:dc:15:f5:f7:96:20:de:d7:a8:93:3e:a6:84:
68:e2:8b:86:d6:c4:d6:01:3a:33:92:5d:4e:cb:c8:
15:35:6b:3b:96:d7:9b:75:d2:fe:ee:c1:2c:a4:64:
30:f7:54:e3:4d:eb:23:38:2d:51:ab:02:1f:db:7b:
9c:c6:56:0a:07:21:1f:af:27:4f:a0:e6:a6:f6:83:
40:a9:87:f2:fb:3a:74:0e:61:1f:e9:c7:be:e7:2c:
29:a6:53:61:04:4b:c2:bf:e4:f1:8b:de:e3:e9:a5:
84:49:2c:14:56:13:dd:81:d0:19:90:48:24:b0:9c:
58:98:de:e6:ef:ec:f6:4e:80:29:e4:80:5d:52:12:
91:f0:1d:e4:88:cd:c7:88:40:ff:72:46:94:f4:3b:
10:eb:23:3b:4e:0c:e7:91:a9:89:13:6a:d8:2b:30:
35:0b:c5:78:fb:24:cb:c5:f6:ac:04:bf:23:d9:f5:
b7:c8:ca:e0:f8:6b:33:c5:8d:0d:2c:d6:f0:65:88:
75:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:22:98:F0:74:A4:8F:F0:4A:A0:17:56:C5:8B:B3:9D:8E:CD:42:F7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a52e7aa4-e000-4192-b992-596e524ca11b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.252.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:b7:1e:be:27:7d:55:72:3d:0f:25:2e:d7:55:d0:8d:e1:37:
4b:a6:d7:45:30:1d:21:23:4c:51:8d:ea:69:27:7c:f0:4a:96:
92:db:8a:98:6f:bf:cd:7a:71:c4:8b:aa:cc:d1:6e:d1:70:74:
ff:36:d0:73:4c:20:9d:ac:ef:d2:26:d3:d8:f3:18:79:69:2f:
d2:a7:44:58:ff:49:0c:82:2b:e0:1e:c8:81:56:b8:03:0d:59:
cb:a5:e8:f3:39:d5:fd:bc:a1:87:7f:4c:de:8d:69:80:5a:eb:
05:52:f6:61:63:a4:bd:e1:48:59:33:63:52:5f:d4:f2:8d:1a:
26:e5:31:4b:d5:69:81:a1:d0:f4:36:f6:83:1a:ca:71:b2:7d:
40:12:c5:90:21:bc:3f:58:d7:7a:72:b8:30:19:bb:d1:2b:07:
94:be:9d:33:40:aa:24:4b:a6:cd:00:e0:9b:2c:c3:ac:8b:d7:
df:2e:4f:3f:6a:9a:93:e3:15:fa:53:be:b9:bc:c0:51:15:fe:
0e:bb:d2:0f:95:bb:8f:37:cc:9e:2d:4d:af:63:ca:55:5a:bf:
2f:0f:59:ea:7e:92:87:5c:52:5a:6a:82:5a:49:38:7b:b2:f7:
08:1e:5e:14:42:36:09:e6:0d:ce:6c:4d:3b:ec:c6:52:83:30:
f3:f1:b2:f9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHssy1Ed7xEHTsqlo+bMo4/JMN+YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjkzODE1MDdhYWE1OWY3NjcyNDVhZjRiNmUzYzk5YzFl
OTg0YzZkMzVjMGFkMTVmNzBmNzMxOTM3MWI4M2MxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8QOWJ4ty/75QtufmrkzLq22wYrC7at0h1NcyDFUZtgmVu
oEPYNWanwgSYvbW5WQce0t9lFg/5RMzOt0//3BX195Yg3teokz6mhGjii4bWxNYB
OjOSXU7LyBU1azuW15t10v7uwSykZDD3VONN6yM4LVGrAh/be5zGVgoHIR+vJ0+g
5qb2g0Cph/L7OnQOYR/px77nLCmmU2EES8K/5PGL3uPppYRJLBRWE92B0BmQSCSw
nFiY3ubv7PZOgCnkgF1SEpHwHeSIzceIQP9yRpT0OxDrIztODOeRqYkTatgrMDUL
xXj7JMvF9qwEvyPZ9bfIyuD4azPFjQ0s1vBliHU3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6SKY8HSkj/BKoBdWxYuznY7NQvcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1MmU3YWE0LWUwMDAtNDE5Mi1iOTkyLTU5NmU1MjRjYTExYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZA/IAwDQYJKoZIhvcNAQELBQADggEBAEy3Hr4nfVVyPQ8lLtdV0I3hN0um
10UwHSEjTFGN6mknfPBKlpLbiphvv816ccSLqszRbtFwdP820HNMIJ2s79Im09jz
GHlpL9KnRFj/SQyCK+AeyIFWuAMNWcul6PM51f28oYd/TN6NaYBa6wVS9mFjpL3h
SFkzY1Jf1PKNGiblMUvVaYGh0PQ29oMaynGyfUASxZAhvD9Y13pyuDAZu9ErB5S+
nTNAqiRLps0A4Jssw6yL198uTz9qmpPjFfpTvrm8wFEV/g670g+Vu483zJ4tTa9j
ylVavy8PWep+kodcUlpqglpJOHuy9wgeXhRCNgnmDc5sTTvsxlKDMPPxsvk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:47:52 2025 by rpki-client