Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b157ff1f-8fb4-4e3a-a6e3-09d40f8bc5a7.roa
File: b157ff1f-8fb4-4e3a-a6e3-09d40f8bc5a7.roa (raw, json)
Hash identifier: Wdu5Wt1SVKSox3buXKhEMOdopqRGzKZvoH9kcvjwUYQ=
Subject key identifier: CE:91:75:4A:36:6C:A2:F3:4C:C6:B2:BE:00:0B:CD:63:F9:06:04:86
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 38A1BC83BF2DDC79FB9FB2E45479335084648558
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b157ff1f-8fb4-4e3a-a6e3-09d40f8bc5a7.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 54.20.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:a1:bc:83:bf:2d:dc:79:fb:9f:b2:e4:54:79:33:50:84:64:85:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=acdc3401401f3195f77b26180710e5f4d03068672627c2ede0f88501f1673124, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:ad:53:c7:9c:31:b3:48:06:dd:e6:45:28:
d7:36:07:90:9e:05:28:0c:bf:6c:4a:49:12:c5:6b:
3a:49:27:59:92:93:00:79:c8:d9:fe:c4:69:c0:36:
07:5e:17:8a:45:3d:ef:49:70:eb:32:cc:0b:a1:04:
9f:65:54:ca:e1:90:1c:61:fd:43:9b:e0:38:08:bf:
27:18:53:6b:2a:d7:b3:f2:ad:6f:44:35:ac:6c:d3:
74:9d:12:3c:ff:23:f1:0b:6b:9d:39:1e:9e:f3:19:
71:43:dd:ef:ca:e1:b8:61:80:e6:d2:da:f5:b2:69:
c5:b0:08:25:fc:36:e2:90:86:b8:42:27:da:83:70:
ee:b9:f4:9d:27:08:b9:1d:55:0d:b7:7e:b2:c5:05:
7b:c0:28:9b:d7:9c:51:9d:d0:8a:f5:95:15:b0:5b:
26:86:27:20:56:84:97:9f:82:7e:8b:e4:03:ea:7d:
46:4c:86:13:e3:7a:08:35:4a:19:14:1e:77:5e:2e:
de:b0:4a:46:77:40:14:53:43:16:30:84:55:38:a1:
58:fe:43:52:37:e7:c3:9e:14:51:2c:5c:e6:49:33:
14:bb:98:c2:4c:0d:de:7d:6f:0d:27:5d:53:61:eb:
9a:f0:84:61:0a:70:83:73:d0:73:51:55:46:2e:a6:
9d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:91:75:4A:36:6C:A2:F3:4C:C6:B2:BE:00:0B:CD:63:F9:06:04:86
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b157ff1f-8fb4-4e3a-a6e3-09d40f8bc5a7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
54.20.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:4d:06:bc:31:7c:82:64:d5:20:d3:e7:8d:e2:af:77:28:66:
d0:ac:34:1a:03:26:d4:92:77:56:a9:3b:54:78:c3:4f:72:70:
25:15:39:40:0d:bf:11:29:d4:a4:82:40:3a:bc:b9:ac:01:34:
57:bf:72:b9:a7:9a:e9:92:f7:c2:f4:3c:38:2d:b1:13:8f:86:
3b:99:a4:07:ca:03:6b:57:a6:80:f7:d6:8d:23:55:27:b8:17:
f6:c9:70:88:9e:b4:46:7e:7d:93:f3:43:cc:c5:bd:6f:27:2f:
a1:8a:48:f4:7a:e4:e8:05:29:a8:22:05:8f:ec:7f:cd:69:82:
33:90:32:f2:e8:4a:0a:c0:c3:f5:87:86:dd:28:a9:b4:ad:d1:
48:a1:04:26:b5:2b:d3:00:03:78:42:c7:0c:a1:1d:af:e1:ae:
9e:f8:50:97:8f:19:8c:db:6b:d3:0a:fe:e4:4e:45:24:f2:43:
a3:fc:bf:80:ed:46:39:d2:bf:ee:cf:37:79:21:fe:1c:36:18:
9d:5a:e6:f8:3f:85:87:48:c3:eb:2b:48:70:5f:4d:02:e3:ce:
6e:a2:c1:d0:3d:ee:5f:77:97:d1:6f:34:30:75:a5:85:b8:22:
09:82:10:31:ef:bb:38:a8:55:53:8a:25:fb:08:6d:0f:5f:02:
3c:96:f6:0d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOKG8g78t3Hn7n7LkVHkzUIRkhVgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2RjMzQwMTQwMWYzMTk1Zjc3YjI2MTgwNzEwZTVmNGQw
MzA2ODY3MjYyN2MyZWRlMGY4ODUwMWYxNjczMTI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGja1Tx5wxs0gG3eZFKNc2B5CeBSgMv2xKSRLFazpJJ1mS
kwB5yNn+xGnANgdeF4pFPe9JcOsyzAuhBJ9lVMrhkBxh/UOb4DgIvycYU2sq17Py
rW9ENaxs03SdEjz/I/ELa505Hp7zGXFD3e/K4bhhgObS2vWyacWwCCX8NuKQhrhC
J9qDcO659J0nCLkdVQ23frLFBXvAKJvXnFGd0Ir1lRWwWyaGJyBWhJefgn6L5APq
fUZMhhPjegg1ShkUHndeLt6wSkZ3QBRTQxYwhFU4oVj+Q1I358OeFFEsXOZJMxS7
mMJMDd59bw0nXVNh65rwhGEKcINz0HNRVUYupp09AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzpF1SjZsovNMxrK+AAvNY/kGBIYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IxNTdmZjFmLThmYjQtNGUzYS1hNmUzLTA5ZDQwZjhiYzVhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2FDANBgkqhkiG9w0BAQsFAAOCAQEAwE0GvDF8gmTVINPnjeKvdyhm0Kw0
GgMm1JJ3Vqk7VHjDT3JwJRU5QA2/ESnUpIJAOry5rAE0V79yuaea6ZL3wvQ8OC2x
E4+GO5mkB8oDa1emgPfWjSNVJ7gX9slwiJ60Rn59k/NDzMW9bycvoYpI9Hrk6AUp
qCIFj+x/zWmCM5Ay8uhKCsDD9YeG3SiptK3RSKEEJrUr0wADeELHDKEdr+GunvhQ
l48ZjNtr0wr+5E5FJPJDo/y/gO1GOdK/7s83eSH+HDYYnVrm+D+Fh0jD6ytIcF9N
AuPObqLB0D3uX3eX0W80MHWlhbgiCYIQMe+7OKhVU4ol+whtD18CPJb2DQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:41:35 2025 by rpki-client