Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b42d78ea-c64c-43b0-96f1-a5dcd64278d0.roa
File: b42d78ea-c64c-43b0-96f1-a5dcd64278d0.roa (raw, json)
Hash identifier: WdBMG7uXDRBCABb2x4jtrmZclNcTbttBdLK5dIPM/II=
Subject key identifier: BD:C9:48:19:65:E4:9B:25:FD:D8:FC:FF:E3:CD:06:B4:61:C5:7F:AB
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 157CB2657D38EA87923B4486BE72E9EA49470141
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b42d78ea-c64c-43b0-96f1-a5dcd64278d0.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f36:a400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:7c:b2:65:7d:38:ea:87:92:3b:44:86:be:72:e9:ea:49:47:01:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=4300c04fccf3b346b85deb0b2b1ea9f9f1700a419757b85d90d315fcae33e3c7, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8b:a0:1c:2e:05:51:0a:be:a8:22:d4:ae:a6:
9a:ce:e5:5d:6a:c0:ad:86:e1:cd:2c:e1:1e:50:5f:
c5:58:2f:b2:b8:a7:37:fb:8f:13:5f:cd:c8:1f:f5:
ff:68:5e:59:f3:16:c5:be:eb:39:6c:0f:e2:33:4d:
1f:d8:f7:ff:9e:1e:89:7f:7e:36:bb:b4:92:d5:91:
98:b7:1e:4f:99:f2:25:d6:37:70:27:88:60:49:f9:
86:d2:d3:8f:c0:c3:55:0b:0a:dd:6d:38:7b:20:23:
63:34:4d:4a:e1:9b:5f:64:b7:f7:26:a6:e1:82:27:
8b:5f:92:83:e1:55:01:4d:8e:e5:81:e4:71:88:e6:
08:d7:a2:1c:05:fa:28:16:ae:9e:6d:51:5b:74:57:
30:4d:c8:4b:b4:d0:39:8c:10:7b:5b:b9:cd:d7:60:
96:a5:bc:d7:d9:58:8c:05:e8:24:67:5e:b5:59:79:
24:5e:e9:d3:68:2f:ed:c1:bf:0c:e9:b1:46:d0:e9:
e7:fb:f3:e0:92:a9:41:be:30:8c:a5:42:1b:68:73:
64:fc:80:fb:a4:66:53:34:fd:9e:40:03:ee:cb:41:
da:ee:40:2e:28:eb:1e:3a:39:82:71:63:13:b1:50:
89:6e:ca:3c:30:49:df:90:7a:1c:b6:92:ac:d0:fe:
5f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C9:48:19:65:E4:9B:25:FD:D8:FC:FF:E3:CD:06:B4:61:C5:7F:AB
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b42d78ea-c64c-43b0-96f1-a5dcd64278d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f36:a400::/40
Signature Algorithm: sha256WithRSAEncryption
0d:34:78:8d:38:5d:81:1e:81:89:a9:86:d1:b4:47:12:2b:ba:
13:1f:7b:6f:6c:b9:eb:ca:49:5d:ff:61:b9:2d:72:07:25:88:
1f:af:c9:0f:af:96:ad:0f:79:b0:0f:74:9e:63:e6:65:9c:90:
3d:b6:45:d3:4d:8a:60:56:d3:d4:9d:f2:8b:f9:78:5e:e1:f0:
5d:7a:03:4f:f9:04:30:40:6f:e1:6f:06:36:a0:d0:92:67:1a:
ca:d8:d8:61:fa:d6:06:15:d7:79:e1:28:a2:1f:63:95:51:10:
46:92:e7:dd:ae:e2:5e:f6:cb:b6:48:36:f7:a3:45:10:cb:1d:
7e:3e:f2:f2:cc:b8:70:85:13:b7:bf:6c:80:56:91:80:c5:c1:
34:33:b8:47:ee:ce:56:a1:49:8f:26:0d:32:b1:28:d2:b6:d7:
1c:91:85:c2:ce:14:1c:c5:f2:71:7b:01:a0:40:fd:53:04:7a:
e6:47:9e:37:bf:f2:81:90:75:d1:24:3f:56:bf:be:55:b6:f5:
bb:ec:f5:24:92:3e:4a:2f:28:a2:6b:fd:0a:84:a5:29:29:d4:
36:c2:b4:e3:d8:d2:12:2a:d8:f9:c2:d9:08:fb:4f:45:b0:99:
b6:95:76:3c:03:94:c7:a6:98:e9:95:2d:ce:88:44:e3:94:0b:
09:cd:fa:e8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUFXyyZX046oeSO0SGvnLp6klHAUEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MzAwYzA0ZmNjZjNiMzQ2Yjg1ZGViMGIyYjFlYTlmOWYx
NzAwYTQxOTc1N2I4NWQ5MGQzMTVmY2FlMzNlM2M3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRi6AcLgVRCr6oItSupprO5V1qwK2G4c0s4R5QX8VYL7K4
pzf7jxNfzcgf9f9oXlnzFsW+6zlsD+IzTR/Y9/+eHol/fja7tJLVkZi3Hk+Z8iXW
N3AniGBJ+YbS04/Aw1ULCt1tOHsgI2M0TUrhm19kt/cmpuGCJ4tfkoPhVQFNjuWB
5HGI5gjXohwF+igWrp5tUVt0VzBNyEu00DmMEHtbuc3XYJalvNfZWIwF6CRnXrVZ
eSRe6dNoL+3BvwzpsUbQ6ef78+CSqUG+MIylQhtoc2T8gPukZlM0/Z5AA+7LQdru
QC4o6x46OYJxYxOxUIluyjwwSd+Qehy2kqzQ/l/FAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvclIGWXkmyX92Pz/480GtGHFf6swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0MmQ3OGVhLWM2NGMtNDNiMC05NmYxLWE1ZGNkNjQyNzhkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB82pDANBgkqhkiG9w0BAQsFAAOCAQEADTR4jThdgR6BiamG0bRHEiu6
Ex97b2y568pJXf9huS1yByWIH6/JD6+WrQ95sA90nmPmZZyQPbZF002KYFbT1J3y
i/l4XuHwXXoDT/kEMEBv4W8GNqDQkmcaytjYYfrWBhXXeeEooh9jlVEQRpLn3a7i
XvbLtkg296NFEMsdfj7y8sy4cIUTt79sgFaRgMXBNDO4R+7OVqFJjyYNMrEo0rbX
HJGFws4UHMXycXsBoED9UwR65keeN7/ygZB10SQ/Vr++Vbb1u+z1JJI+Si8oomv9
CoSlKSnUNsK049jSEirY+cLZCPtPRbCZtpV2PAOUx6aY6ZUtzohE45QLCc366A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:40:45 2025 by rpki-client