Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b237239e-c1ea-462c-94ce-5a18f99f3fbe.roa
File: b237239e-c1ea-462c-94ce-5a18f99f3fbe.roa (raw, json)
Hash identifier: gwESUdAlsqzFd/iLx9MxfFS5EbFiuRup+9q6tob6Z98=
Subject key identifier: 42:24:79:F9:54:07:CB:76:27:10:F4:76:B9:F8:46:0E:1B:2A:6C:1F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 051C48A1B1FB10D6B5DF3905504982858E71032F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b237239e-c1ea-462c-94ce-5a18f99f3fbe.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 96.0.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:1c:48:a1:b1:fb:10:d6:b5:df:39:05:50:49:82:85:8e:71:03:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=7b4fd6ead1ea51a7843f7087472c0afc87a876ef9e5cd0eaa992de819f4e3283, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:18:fc:1c:15:67:db:dc:14:99:ae:9a:30:
8f:9f:fa:3e:5c:5e:9f:d0:66:23:1b:01:0d:b9:69:
6e:a9:3b:df:1d:bf:c8:ae:3f:1c:27:8e:eb:77:a6:
dc:b2:cc:0b:13:a3:9c:62:cd:30:2f:90:f2:6e:a0:
12:f6:55:3a:ff:36:f1:a9:5b:b2:d7:75:64:65:fa:
49:18:f2:12:7e:f5:78:50:ee:c0:e9:1d:2d:28:eb:
ac:cf:a4:1d:ce:ae:a0:f0:e4:82:2d:88:29:b0:85:
a6:28:aa:f4:db:d2:a4:75:c0:f2:b3:1e:12:c3:31:
ee:cc:d2:fe:fc:76:ca:bc:18:67:8d:f7:6a:f1:86:
1c:82:44:6d:e0:82:0d:90:e9:55:fa:a1:c2:66:19:
a8:f3:13:8c:68:93:df:7e:6a:61:d7:c9:69:93:30:
6a:97:23:4a:5c:50:4d:48:b1:ee:c4:2a:e0:ca:fe:
3b:d1:cf:ba:11:83:d9:fa:1d:14:14:84:de:76:82:
0d:75:5b:01:18:ff:3c:36:f8:74:40:34:9e:ad:d6:
f0:a9:6b:8f:a7:71:bf:9e:eb:b6:1e:86:64:a8:9b:
f7:0b:b6:e3:20:b0:94:87:5e:73:84:a5:02:4b:bc:
04:06:97:bc:aa:cc:8b:c0:d9:f3:09:d3:b5:5c:91:
19:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:24:79:F9:54:07:CB:76:27:10:F4:76:B9:F8:46:0E:1B:2A:6C:1F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b237239e-c1ea-462c-94ce-5a18f99f3fbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.0.36.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:f9:8e:cc:4c:ab:64:e1:c0:98:2f:6d:6b:f4:dd:47:5c:35:
72:11:bc:f0:ed:b9:8c:68:7e:a0:5f:25:f1:d0:c2:a7:f0:65:
76:8b:9d:96:82:9d:06:30:7f:75:b0:43:56:54:db:bf:3b:de:
17:35:72:d4:1b:d0:22:64:00:bc:ce:cd:48:02:dc:21:ba:01:
81:4f:71:a4:67:4c:da:8c:72:ce:8e:2c:1d:85:7d:dc:23:d8:
d1:36:2f:27:68:75:db:87:32:24:b6:07:df:17:25:2e:c4:a4:
1a:39:cc:77:c5:4a:57:1b:d7:ac:bc:9b:0d:3c:2d:5f:e0:2e:
dd:56:00:7d:6a:aa:59:0a:ee:a8:c4:8d:65:37:99:b6:f9:7e:
5c:98:8c:e9:47:6b:77:97:8d:09:5d:3d:41:9f:58:df:a1:69:
3e:40:89:b0:d7:af:22:61:98:0a:24:43:3a:69:51:f5:83:2d:
d8:db:fc:cb:1a:72:9a:97:40:a4:45:6c:ca:8c:30:02:f3:a4:
a4:61:81:ae:34:1e:ad:04:c3:e6:07:3d:51:be:ce:fb:76:b3:
56:ae:34:b8:6e:cd:3d:15:ca:3e:66:cd:1b:ab:14:4e:41:30:
5a:9d:f6:05:1f:4f:d0:0e:ec:a3:5d:cd:b1:b6:0e:c8:94:30:
2a:0b:50:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBRxIobH7ENa13zkFUEmChY5xAy8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjRmZDZlYWQxZWE1MWE3ODQzZjcwODc0NzJjMGFmYzg3
YTg3NmVmOWU1Y2QwZWFhOTkyZGU4MTlmNGUzMjgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6chj8HBVn29wUma6aMI+f+j5cXp/QZiMbAQ25aW6pO98d
v8iuPxwnjut3ptyyzAsTo5xizTAvkPJuoBL2VTr/NvGpW7LXdWRl+kkY8hJ+9XhQ
7sDpHS0o66zPpB3OrqDw5IItiCmwhaYoqvTb0qR1wPKzHhLDMe7M0v78dsq8GGeN
92rxhhyCRG3ggg2Q6VX6ocJmGajzE4xok99+amHXyWmTMGqXI0pcUE1Ise7EKuDK
/jvRz7oRg9n6HRQUhN52gg11WwEY/zw2+HRANJ6t1vCpa4+ncb+e67YehmSom/cL
tuMgsJSHXnOEpQJLvAQGl7yqzIvA2fMJ07VckRnfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQiR5+VQHy3YnEPR2ufhGDhsqbB8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyMzcyMzllLWMxZWEtNDYyYy05NGNlLTVhMThmOTlmM2ZiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJgACQwDQYJKoZIhvcNAQELBQADggEBAMr5jsxMq2ThwJgvbWv03UdcNXIR
vPDtuYxofqBfJfHQwqfwZXaLnZaCnQYwf3WwQ1ZU27873hc1ctQb0CJkALzOzUgC
3CG6AYFPcaRnTNqMcs6OLB2Ffdwj2NE2LydodduHMiS2B98XJS7EpBo5zHfFSlcb
16y8mw08LV/gLt1WAH1qqlkK7qjEjWU3mbb5flyYjOlHa3eXjQldPUGfWN+haT5A
ibDXryJhmAokQzppUfWDLdjb/MsacpqXQKRFbMqMMALzpKRhga40Hq0Ew+YHPVG+
zvt2s1auNLhuzT0Vyj5mzRurFE5BMFqd9gUfT9AO7KNdzbG2DsiUMCoLUMM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:18:20 2025 by rpki-client