Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa78435d-ccc3-419b-a696-96aa33c228c4.roa
File: aa78435d-ccc3-419b-a696-96aa33c228c4.roa (raw, json)
Hash identifier: REEtOg7eEvT6LNqVnKqTSaNjF03CEosp7wfrScTx180=
Subject key identifier: 97:E3:0A:05:A3:EE:45:FA:09:9A:AC:B4:8F:91:90:BF:0C:DE:93:2A
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 268D915BC95C923D2F8E9555003E3D708B4023F0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa78435d-ccc3-419b-a696-96aa33c228c4.roa
Signing time: Thu 26 Dec 2024 00:00:00 +0000
ROA not before: Thu 26 Dec 2024 00:00:00 +0000
ROA not after: Thu 30 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 74.166.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8d:91:5b:c9:5c:92:3d:2f:8e:95:55:00:3e:3d:70:8b:40:23:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 26 00:00:00 2024 GMT
Not After : Jan 30 23:59:59 2025 GMT
Subject: serialNumber=d3e0440e53a5f638363d6d46b3e7a956307b7c55e92b191ea8cf7c8f22cdb462, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3b:52:63:04:61:33:e0:d2:b5:bf:0e:36:e8:
9d:be:15:0c:9a:4e:c2:3c:84:8a:8f:bf:c9:47:a2:
0e:9c:a5:62:a4:0d:0a:5c:7c:1a:43:bf:5f:29:b0:
bc:38:a1:a6:49:86:01:7e:a5:40:b6:54:28:3c:0e:
59:6b:00:b2:c7:b0:39:69:71:e4:fd:86:5e:c1:62:
42:44:8c:1e:db:52:f1:93:1b:e0:0b:c2:82:6f:63:
3f:79:ee:c5:43:4b:b4:f6:ac:12:15:79:2a:3f:6b:
0a:a2:a5:1c:8c:c5:84:bb:d8:6f:54:10:48:28:7f:
97:f8:50:a6:07:af:05:78:0e:1b:82:29:d2:b5:60:
35:1f:2d:d1:17:ce:27:42:4f:3b:ed:ae:b1:32:34:
1a:e9:0f:f5:ee:2e:3f:47:79:6c:e6:8a:9f:c9:9b:
94:58:f0:51:43:7b:28:02:ce:74:31:56:be:f0:5f:
c7:cb:27:2e:43:d2:71:55:12:e3:7f:dd:51:2b:0c:
14:6e:0f:72:30:66:82:80:0a:c7:90:b3:91:9c:3a:
91:a5:d3:37:bb:23:a7:2a:52:e0:49:1c:0e:fd:1c:
ff:45:ae:af:ca:3b:ba:f9:5c:4a:ce:7f:10:b7:e5:
58:1e:b1:98:62:6f:92:b4:7e:7d:3b:f8:5d:0e:94:
d2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E3:0A:05:A3:EE:45:FA:09:9A:AC:B4:8F:91:90:BF:0C:DE:93:2A
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa78435d-ccc3-419b-a696-96aa33c228c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.166.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:38:41:39:b6:4e:a4:2a:3c:f6:3e:07:34:13:fa:2b:c0:73:
d3:f9:58:98:3e:f8:f1:de:89:3b:c9:40:c0:d1:fa:a4:aa:d5:
81:6c:5f:fb:84:9a:96:9c:64:40:4f:e4:ea:b8:56:6f:d8:b6:
fb:f1:b9:73:28:9b:c4:a8:29:12:45:bf:9c:96:1d:ae:e1:72:
b5:f9:b6:70:63:09:68:2c:fc:c3:93:3a:73:c5:60:13:52:63:
69:c7:e4:e3:ae:27:f2:de:16:9e:72:6c:eb:08:6a:04:5e:3d:
82:b1:9f:0e:c7:fd:b0:11:6d:e1:d8:3b:bd:3a:4e:2a:27:50:
9a:14:39:c9:18:09:8c:80:26:76:8c:9d:25:76:ac:ba:da:83:
83:75:44:41:84:b4:f0:41:60:12:1b:8f:48:6b:0a:ed:87:47:
f2:a8:5a:ce:3f:ad:cc:8a:ac:ab:2f:b4:b3:7d:59:b3:30:61:
52:56:2e:dd:44:3b:1c:c7:ba:4e:df:26:94:26:f4:a7:90:b7:
5f:fb:4c:0f:b4:d8:57:1f:59:de:f9:48:b9:94:85:18:ed:22:
3d:dc:57:97:a9:dd:46:af:1d:f8:67:f2:b3:4e:20:ee:d7:3f:
2e:47:11:55:ab:aa:fb:26:f8:34:f2:8c:3e:cb:5d:f2:ff:b9:
33:3c:6e:19
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJo2RW8lckj0vjpVVAD49cItAI/AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI2MDAwMDAwWhcNMjUwMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2UwNDQwZTUzYTVmNjM4MzYzZDZkNDZiM2U3YTk1NjMw
N2I3YzU1ZTkyYjE5MWVhOGNmN2M4ZjIyY2RiNDYyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXO1JjBGEz4NK1vw426J2+FQyaTsI8hIqPv8lHog6cpWKk
DQpcfBpDv18psLw4oaZJhgF+pUC2VCg8DllrALLHsDlpceT9hl7BYkJEjB7bUvGT
G+ALwoJvYz957sVDS7T2rBIVeSo/awqipRyMxYS72G9UEEgof5f4UKYHrwV4DhuC
KdK1YDUfLdEXzidCTzvtrrEyNBrpD/XuLj9HeWzmip/Jm5RY8FFDeygCznQxVr7w
X8fLJy5D0nFVEuN/3VErDBRuD3IwZoKACseQs5GcOpGl0ze7I6cqUuBJHA79HP9F
rq/KO7r5XErOfxC35VgesZhib5K0fn07+F0OlNIzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUl+MKBaPuRfoJmqy0j5GQvwzekyowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FhNzg0MzVkLWNjYzMtNDE5Yi1hNjk2LTk2YWEzM2MyMjhjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBKpjANBgkqhkiG9w0BAQsFAAOCAQEAkDhBObZOpCo89j4HNBP6K8Bz0/lY
mD748d6JO8lAwNH6pKrVgWxf+4SalpxkQE/k6rhWb9i2+/G5cyibxKgpEkW/nJYd
ruFytfm2cGMJaCz8w5M6c8VgE1Jjacfk464n8t4WnnJs6whqBF49grGfDsf9sBFt
4dg7vTpOKidQmhQ5yRgJjIAmdoydJXasutqDg3VEQYS08EFgEhuPSGsK7YdH8qha
zj+tzIqsqy+0s31ZszBhUlYu3UQ7HMe6Tt8mlCb0p5C3X/tMD7TYVx9Z3vlIuZSF
GO0iPdxXl6ndRq8d+Gfys04g7tc/LkcRVauq+yb4NPKMPstd8v+5MzxuGQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:08:14 2025 by rpki-client