Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b57d81cf-a729-4905-b012-b8d293094c5b.roa
File: b57d81cf-a729-4905-b012-b8d293094c5b.roa (raw, json)
Hash identifier: dMf9b9Kg6S/7C6lcvXr+1klCZO8PPZAsbgJ2u3EogZ0=
Subject key identifier: C5:9C:6C:5F:98:03:32:BA:AF:74:10:17:63:6E:A4:79:10:E8:17:29
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7DD8DD85AF9CE705535C252982918A3ADDCF74A4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b57d81cf-a729-4905-b012-b8d293094c5b.roa
Signing time: Wed 11 Dec 2024 00:00:00 +0000
ROA not before: Wed 11 Dec 2024 00:00:00 +0000
ROA not after: Wed 15 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 136.18.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d8:dd:85:af:9c:e7:05:53:5c:25:29:82:91:8a:3a:dd:cf:74:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 11 00:00:00 2024 GMT
Not After : Jan 15 23:59:59 2025 GMT
Subject: serialNumber=0ee46d8d30926ec9c32ea2674692be752e610d78589fe97f322a7030ed9d04f9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:49:0d:12:75:17:81:27:50:ac:cf:96:7a:b6:
0a:b0:a4:da:4c:b3:be:25:e9:cd:33:87:ba:5e:8f:
9a:4d:5a:f5:ef:be:de:f8:b3:c4:70:6c:60:12:a0:
17:3b:54:02:16:3c:43:3c:36:48:ac:64:cb:6f:c1:
ea:2c:cc:5c:b8:99:60:db:9c:35:43:18:b2:2c:b8:
8b:c2:8c:6b:12:6d:5e:05:70:a3:f0:be:11:b6:7c:
6e:58:ab:74:2c:5b:9b:06:69:4a:40:15:cd:c1:7f:
30:ac:ae:e2:9c:c0:5c:0c:2d:6a:a0:17:6a:c2:35:
e6:8b:83:fe:2e:ed:39:10:bc:45:da:be:0c:7d:71:
b0:cb:b7:b4:a9:90:8e:1b:b9:c1:11:90:05:69:5d:
44:3b:8a:95:7a:e4:4c:49:df:34:72:cd:12:94:3d:
15:13:3d:c6:88:b8:69:f8:b9:fa:2f:f9:2d:df:b6:
fa:5e:c2:44:32:4f:99:12:d3:1c:80:62:e1:eb:65:
2d:2f:92:b1:dc:99:44:74:bb:51:dc:cb:3a:57:52:
36:7f:4b:6c:e0:b0:f9:dd:84:2c:ff:5e:6d:5a:47:
13:7f:ff:c9:ae:58:98:72:0e:cd:b8:72:a1:fa:e5:
d1:2c:c2:32:33:84:3b:07:c5:42:c5:7b:1e:10:26:
09:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9C:6C:5F:98:03:32:BA:AF:74:10:17:63:6E:A4:79:10:E8:17:29
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b57d81cf-a729-4905-b012-b8d293094c5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.254.0/23
Signature Algorithm: sha256WithRSAEncryption
49:f2:bd:66:d5:59:b9:f7:7d:4e:03:93:18:10:a8:36:24:8d:
ec:ef:be:4d:aa:76:16:35:8a:bf:aa:03:bc:da:66:83:b4:32:
37:34:ed:f6:d5:b9:c5:b8:3e:d6:7b:07:a2:2f:79:9b:fa:5e:
32:9a:20:fc:c7:a0:da:7b:27:24:27:d1:34:d8:a3:d5:85:d4:
de:18:21:2b:32:e1:bd:f9:ad:89:ff:eb:8a:40:f7:31:5d:21:
c0:62:d0:b2:be:ef:df:2f:bc:f6:a0:46:d6:58:13:21:96:8f:
ae:e7:bc:fe:56:b0:d9:53:1f:49:bb:ba:cb:6c:47:5d:1e:7b:
b4:e6:b7:a2:ed:32:3c:8e:f7:01:56:07:a8:77:95:5c:4d:44:
49:cd:ab:10:53:8c:de:ca:c8:c4:91:87:d1:86:29:e9:8b:d4:
a8:25:05:ab:9d:f2:04:36:21:6d:86:70:9c:25:14:79:4e:b4:
41:58:62:ce:bf:44:df:57:2b:c7:63:c1:ea:58:ee:98:a6:b9:
c7:dc:b7:3b:a5:00:ad:0e:17:30:55:e6:c5:ba:b2:e5:dc:22:
b5:cc:62:66:05:c5:a0:da:7a:b5:d5:ea:8b:91:ee:b4:ec:4e:
7d:43:cc:92:51:ca:6b:ea:40:b7:5d:94:9b:d6:2e:ac:82:3e:
ba:2c:07:af
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfdjdha+c5wVTXCUpgpGKOt3PdKQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjExMDAwMDAwWhcNMjUwMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZWU0NmQ4ZDMwOTI2ZWM5YzMyZWEyNjc0NjkyYmU3NTJl
NjEwZDc4NTg5ZmU5N2YzMjJhNzAzMGVkOWQwNGY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtSQ0SdReBJ1Csz5Z6tgqwpNpMs74l6c0zh7pej5pNWvXv
vt74s8RwbGASoBc7VAIWPEM8NkisZMtvweoszFy4mWDbnDVDGLIsuIvCjGsSbV4F
cKPwvhG2fG5Yq3QsW5sGaUpAFc3BfzCsruKcwFwMLWqgF2rCNeaLg/4u7TkQvEXa
vgx9cbDLt7SpkI4bucERkAVpXUQ7ipV65ExJ3zRyzRKUPRUTPcaIuGn4ufov+S3f
tvpewkQyT5kS0xyAYuHrZS0vkrHcmUR0u1HcyzpXUjZ/S2zgsPndhCz/Xm1aRxN/
/8muWJhyDs24cqH65dEswjIzhDsHxULFex4QJgkTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxZxsX5gDMrqvdBAXY26keRDoFykwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I1N2Q4MWNmLWE3MjktNDkwNS1iMDEyLWI4ZDI5MzA5NGM1Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGIEv4wDQYJKoZIhvcNAQELBQADggEBAEnyvWbVWbn3fU4DkxgQqDYkjezv
vk2qdhY1ir+qA7zaZoO0Mjc07fbVucW4PtZ7B6IveZv6XjKaIPzHoNp7JyQn0TTY
o9WF1N4YISsy4b35rYn/64pA9zFdIcBi0LK+798vvPagRtZYEyGWj67nvP5WsNlT
H0m7ustsR10ee7Tmt6LtMjyO9wFWB6h3lVxNREnNqxBTjN7KyMSRh9GGKemL1Kgl
Baud8gQ2IW2GcJwlFHlOtEFYYs6/RN9XK8djwepY7pimucfctzulAK0OFzBV5sW6
suXcIrXMYmYFxaDaerXV6ouR7rTsTn1DzJJRymvqQLddlJvWLqyCProsB68=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:30:59 2025 by rpki-client