Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8de5903-75c3-4b38-9703-0f8a73596842.roa
File: b8de5903-75c3-4b38-9703-0f8a73596842.roa (raw, json)
Hash identifier: GxT2A/8Jg4BIsKzPU+LMBdp7S+8JST/qxbBFarQhMao=
Subject key identifier: 95:19:B7:C5:F3:21:7D:68:A1:44:04:B6:26:DD:57:2E:10:8F:24:90
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 61DEAF6D4D880E4D37FAEABB0B2B82688B92AB45
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8de5903-75c3-4b38-9703-0f8a73596842.roa
Signing time: Thu 20 Mar 2025 22:36:43 +0000
ROA not before: Thu 20 Mar 2025 22:36:43 +0000
ROA not after: Thu 24 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 5.179.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:de:af:6d:4d:88:0e:4d:37:fa:ea:bb:0b:2b:82:68:8b:92:ab:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 20 22:36:43 2025 GMT
Not After : Apr 24 23:59:59 2025 GMT
Subject: serialNumber=868e0a9c9635f48c9b0fce80249d39e33f46bba94df442fdd40db8c95a613971, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:af:e3:88:db:f6:ec:24:d3:c5:d0:79:cb:3b:
0c:76:dd:8e:4d:f1:17:bf:c2:da:63:6f:9c:a7:b5:
35:97:2e:18:08:08:a0:a0:ce:2d:55:c7:10:ec:b4:
b3:05:e2:49:3f:90:07:b3:2a:3a:9b:00:26:0c:72:
d1:51:9e:dc:b0:7a:fa:1d:2a:d5:14:dc:bd:2b:16:
e9:78:8b:56:b2:02:35:70:90:5c:b5:97:a2:92:0a:
13:96:87:ee:9a:94:f7:28:3b:65:30:75:48:a9:32:
71:de:d6:3d:29:f9:a9:06:71:d2:4f:58:ab:92:f9:
e1:24:c5:af:0e:bf:38:47:10:65:82:5e:ce:2e:2c:
12:36:4c:d0:ab:30:6b:e3:91:d7:74:d5:cb:0f:47:
b5:78:28:8b:0f:d2:df:41:d4:ec:e7:7e:be:15:b9:
00:6b:a5:d6:e5:ca:28:1a:90:12:c9:8a:0c:5d:8e:
0a:1c:03:1a:f3:3d:08:2d:85:ab:8c:b2:ce:90:de:
7b:ec:73:76:2d:14:cd:ad:ee:54:84:a0:c4:89:eb:
b2:08:0b:ec:88:bd:af:08:3f:dc:1f:68:c3:fd:c7:
8b:3e:c7:a3:e5:f4:00:0a:7f:d4:a9:1c:c2:07:99:
b0:fa:50:db:1b:c1:e9:71:9c:74:8e:03:3f:0f:2a:
31:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:19:B7:C5:F3:21:7D:68:A1:44:04:B6:26:DD:57:2E:10:8F:24:90
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8de5903-75c3-4b38-9703-0f8a73596842.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.96.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:96:76:d2:3b:df:2c:9d:c2:ae:d0:a4:67:19:43:e2:57:69:
37:6f:43:28:0e:39:77:0d:02:84:48:35:1c:de:1b:b7:aa:32:
11:84:10:48:8f:3f:c5:25:19:c6:2c:4d:9e:8e:fc:2e:0e:17:
27:c8:5f:f3:fa:5c:f2:b8:d1:d9:29:0e:01:ad:9b:71:3d:4c:
b6:48:1f:b1:b2:87:19:4d:e7:6f:ca:e7:87:89:b6:f0:f5:01:
42:78:2c:9b:70:70:6c:0b:25:c0:2e:68:3c:c6:c0:3b:1a:17:
9a:88:0a:45:05:47:60:5b:9e:e1:5d:5c:d9:a9:76:04:8a:f2:
eb:fe:c4:1d:04:75:16:2a:43:ae:d6:a1:78:82:fe:78:02:a5:
dd:d4:a2:4c:2c:28:8c:64:40:48:e8:63:a2:97:30:bf:49:e0:
ba:77:9d:71:92:b9:45:ff:ca:10:7d:98:68:04:7a:43:02:ae:
76:61:fd:68:20:80:2a:b7:2f:54:d0:c4:c2:7f:98:02:b4:a4:
42:0b:69:e7:9e:e0:43:c7:07:14:dd:33:b7:72:05:b8:99:94:
5c:09:15:66:29:af:19:6c:69:ba:31:8e:0e:d8:7c:64:f2:e6:
8e:6f:eb:1f:64:f5:e4:97:b9:2e:21:8e:a8:0f:33:e5:a8:00:
66:a5:c7:c9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYd6vbU2IDk03+uq7CyuCaIuSq0UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIwMjIzNjQzWhcNMjUwNDI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjhlMGE5Yzk2MzVmNDhjOWIwZmNlODAyNDlkMzllMzNm
NDZiYmE5NGRmNDQyZmRkNDBkYjhjOTVhNjEzOTcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJr+OI2/bsJNPF0HnLOwx23Y5N8Re/wtpjb5yntTWXLhgI
CKCgzi1VxxDstLMF4kk/kAezKjqbACYMctFRntywevodKtUU3L0rFul4i1ayAjVw
kFy1l6KSChOWh+6alPcoO2UwdUipMnHe1j0p+akGcdJPWKuS+eEkxa8OvzhHEGWC
Xs4uLBI2TNCrMGvjkdd01csPR7V4KIsP0t9B1Oznfr4VuQBrpdblyigakBLJigxd
jgocAxrzPQgthauMss6Q3nvsc3YtFM2t7lSEoMSJ67IIC+yIva8IP9wfaMP9x4s+
x6Pl9AAKf9SpHMIHmbD6UNsbwelxnHSOAz8PKjGfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlRm3xfMhfWihRAS2Jt1XLhCPJJAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4ZGU1OTAzLTc1YzMtNGIzOC05NzAzLTBmOGE3MzU5Njg0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQFs2AwDQYJKoZIhvcNAQELBQADggEBAEuWdtI73yydwq7QpGcZQ+JXaTdv
QygOOXcNAoRINRzeG7eqMhGEEEiPP8UlGcYsTZ6O/C4OFyfIX/P6XPK40dkpDgGt
m3E9TLZIH7GyhxlN52/K54eJtvD1AUJ4LJtwcGwLJcAuaDzGwDsaF5qICkUFR2Bb
nuFdXNmpdgSK8uv+xB0EdRYqQ67WoXiC/ngCpd3UokwsKIxkQEjoY6KXML9J4Lp3
nXGSuUX/yhB9mGgEekMCrnZh/WgggCq3L1TQxMJ/mAK0pEILaeee4EPHBxTdM7dy
BbiZlFwJFWYprxlsaboxjg7YfGTy5o5v6x9k9eSXuS4hjqgPM+WoAGalx8k=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:47:30 2025 by rpki-client