Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b81060e5-f65f-44ba-8885-bfb33a08f8ed.roa
File: b81060e5-f65f-44ba-8885-bfb33a08f8ed.roa (raw, json)
Hash identifier: M+p+9dObOJWXXtKm1Yyfh2rDkxMVm3Gv4d7WdfGZ7zI=
Subject key identifier: F2:36:77:E6:91:11:17:CA:AC:D7:13:F5:7A:1B:7D:94:33:8E:9E:B3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3D38C45EF3F8B77EB70B63903B88C191126EF9E4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b81060e5-f65f-44ba-8885-bfb33a08f8ed.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 66.221.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:38:c4:5e:f3:f8:b7:7e:b7:0b:63:90:3b:88:c1:91:12:6e:f9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=8828999c8144316721c69e914ecff34c293740b82d105b8bbc17215e5c57bb84, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:94:8f:54:13:9e:00:37:cc:c1:82:c9:29:
71:cb:d2:ea:f3:b4:8e:43:1c:0a:6b:80:14:b1:31:
a4:26:14:27:59:13:98:1f:34:1e:52:4f:38:fc:af:
bf:42:95:af:96:e2:7a:23:d0:c7:c3:7b:07:70:9d:
a5:01:5c:85:e8:6d:75:a7:0d:cb:22:72:dd:38:b2:
cf:ed:a9:38:73:50:f4:e1:1e:7a:e6:62:61:f4:16:
fe:48:81:82:db:57:64:95:ff:b4:c3:62:a2:8c:51:
19:79:cd:be:ac:c6:7e:25:93:18:15:14:c2:09:11:
05:06:00:3b:76:85:96:eb:43:40:3b:8b:a1:46:20:
6f:36:31:89:ee:f3:ea:2d:eb:ca:64:2d:34:45:86:
06:93:37:19:d6:03:23:65:9d:92:81:e9:82:a8:1d:
ef:3d:2d:23:96:6c:55:af:0f:fe:09:e2:eb:e0:71:
53:b4:60:d8:da:f4:70:3f:bc:0c:88:08:03:6a:3a:
a7:0e:82:49:0d:66:76:b7:8d:30:47:13:86:6c:27:
aa:1a:ca:44:0d:06:04:cb:06:33:47:47:dd:ad:b7:
28:80:6c:d8:7b:33:96:a5:83:ef:32:f2:ba:5c:aa:
d0:28:a0:f4:da:03:f5:92:e6:6a:96:0a:c9:f2:6a:
7f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:36:77:E6:91:11:17:CA:AC:D7:13:F5:7A:1B:7D:94:33:8E:9E:B3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b81060e5-f65f-44ba-8885-bfb33a08f8ed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.221.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:4f:44:82:3c:2e:12:79:d5:83:19:eb:13:d6:38:aa:65:47:
27:b4:3b:cc:2c:49:c5:26:1f:78:70:89:62:d2:17:25:3d:f4:
3f:fc:73:2b:f6:39:65:01:7d:b9:95:04:8e:c1:d6:7e:3c:6a:
85:9d:35:4a:55:9d:d1:ff:29:41:5c:b3:54:80:f8:2d:b9:0b:
91:ec:fb:21:50:fa:51:3a:f6:ae:a1:d4:4f:76:e7:da:1c:68:
6b:c5:72:bf:ec:aa:b3:cb:f7:8e:25:d6:15:f4:61:3e:c1:d1:
f0:41:53:b3:30:42:70:68:11:5c:45:4a:40:cf:aa:ed:a0:40:
49:ea:67:68:fe:12:fa:d1:b3:82:11:79:0e:08:63:47:de:3b:
27:9e:90:1a:6a:25:bf:27:eb:42:ad:e1:69:77:4e:1f:a1:64:
6a:1b:c4:76:8d:d9:40:d3:d0:7f:2f:c0:e4:db:11:f9:bb:12:
93:63:54:0a:ef:24:67:45:be:b6:7d:d3:01:9c:26:06:81:f0:
11:ee:24:95:d1:06:79:17:c1:99:9e:6f:02:d7:d1:4f:a2:e6:
a1:6a:31:9e:d9:fd:03:65:26:b2:a3:d6:8e:08:11:96:c0:8a:
84:ef:4f:85:87:1c:78:0b:f9:89:1b:c3:06:5b:2f:2c:66:2f:
92:5f:0b:82
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPTjEXvP4t363C2OQO4jBkRJu+eQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ODI4OTk5YzgxNDQzMTY3MjFjNjllOTE0ZWNmZjM0YzI5
Mzc0MGI4MmQxMDViOGJiYzE3MjE1ZTVjNTdiYjg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYQZSPVBOeADfMwYLJKXHL0urztI5DHAprgBSxMaQmFCdZ
E5gfNB5STzj8r79Cla+W4noj0MfDewdwnaUBXIXobXWnDcsict04ss/tqThzUPTh
HnrmYmH0Fv5IgYLbV2SV/7TDYqKMURl5zb6sxn4lkxgVFMIJEQUGADt2hZbrQ0A7
i6FGIG82MYnu8+ot68pkLTRFhgaTNxnWAyNlnZKB6YKoHe89LSOWbFWvD/4J4uvg
cVO0YNja9HA/vAyICANqOqcOgkkNZna3jTBHE4ZsJ6oaykQNBgTLBjNHR92ttyiA
bNh7M5alg+8y8rpcqtAooPTaA/WS5mqWCsnyan/dAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8jZ35pERF8qs1xP1eht9lDOOnrMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4MTA2MGU1LWY2NWYtNDRiYS04ODg1LWJmYjMzYTA4ZjhlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBC3TANBgkqhkiG9w0BAQsFAAOCAQEAfU9EgjwuEnnVgxnrE9Y4qmVHJ7Q7
zCxJxSYfeHCJYtIXJT30P/xzK/Y5ZQF9uZUEjsHWfjxqhZ01SlWd0f8pQVyzVID4
LbkLkez7IVD6UTr2rqHUT3bn2hxoa8Vyv+yqs8v3jiXWFfRhPsHR8EFTszBCcGgR
XEVKQM+q7aBASepnaP4S+tGzghF5DghjR947J56QGmolvyfrQq3haXdOH6FkahvE
do3ZQNPQfy/A5NsR+bsSk2NUCu8kZ0W+tn3TAZwmBoHwEe4kldEGeRfBmZ5vAtfR
T6LmoWoxntn9A2UmsqPWjggRlsCKhO9PhYcceAv5iRvDBlsvLGYvkl8Lgg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:39:46 2025 by rpki-client