Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9cc5646-20c5-4303-8db8-5a9073d06dfb.roa
File: b9cc5646-20c5-4303-8db8-5a9073d06dfb.roa (raw, json)
Hash identifier: 0hZanczGLtqj26fiTFNLWP78aaRQ6Cgxk2uTDwjWh14=
Subject key identifier: 5B:C8:DD:74:07:43:A4:05:E0:45:D2:F2:81:7E:83:68:D9:FB:DF:0C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6F86FCD707807011C455E0BB97C1FA9A7DDB8BF8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9cc5646-20c5-4303-8db8-5a9073d06dfb.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 16.136.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:86:fc:d7:07:80:70:11:c4:55:e0:bb:97:c1:fa:9a:7d:db:8b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=0e59b65e21ae67ee27e3d742a14dfb457b4f5d2a5037844b5356f7dffdabf345, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:fb:2b:65:e8:1d:cf:97:81:6e:8d:a8:85:
84:ea:41:5a:a1:e7:75:0c:7e:24:a7:6b:0a:26:ef:
11:36:37:70:72:e3:92:31:33:3f:32:72:78:4a:fc:
18:c1:c6:b9:2c:4b:16:22:68:49:e4:3e:69:8c:83:
de:c4:e6:b0:f7:24:26:dd:d7:ac:d9:90:72:69:97:
0d:30:10:6e:72:71:75:57:23:14:55:a9:0b:4b:a2:
95:81:52:b6:f9:ca:34:2a:eb:4c:46:7e:21:07:aa:
bd:d5:1b:42:9a:07:7b:c7:1e:e4:6e:8c:6a:34:94:
63:20:42:41:c3:45:53:ce:95:ee:ee:88:d7:ef:69:
23:90:a7:fe:21:5a:cb:43:07:18:6a:ea:35:c6:e2:
7b:7e:09:64:ea:0b:8d:92:b3:f3:d2:25:4b:e1:b2:
01:5d:d4:66:71:cc:4d:8c:e4:d8:f4:74:97:df:00:
f0:35:4a:85:44:8f:92:ea:97:e8:55:4d:98:9a:48:
8a:32:07:02:87:33:d1:20:a1:a9:00:93:85:e0:5f:
8b:d7:85:9b:88:ee:e4:65:9f:f0:a2:e5:83:84:69:
64:1a:13:39:58:45:b6:a0:9a:95:c0:0f:44:a8:11:
b2:97:0e:71:f5:9c:51:21:a3:3f:2b:43:43:90:fd:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C8:DD:74:07:43:A4:05:E0:45:D2:F2:81:7E:83:68:D9:FB:DF:0C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9cc5646-20c5-4303-8db8-5a9073d06dfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.136.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:c1:71:e1:27:8c:8f:9e:21:2e:77:84:bd:9b:e1:f3:9c:8f:
31:2b:2b:da:c4:bb:d0:a6:2e:0a:01:51:47:29:db:e6:d9:1b:
88:09:d8:65:04:cd:ee:92:9c:54:2f:6b:82:81:e2:f8:f4:91:
93:e2:46:89:86:37:90:0b:c9:62:36:4c:62:17:19:76:9c:eb:
67:63:9b:59:75:2a:e4:9a:96:cd:d8:01:6d:cd:ef:9c:cd:20:
79:20:d7:77:94:3d:ea:da:b8:f9:97:0c:3b:4b:84:9f:7f:8b:
2a:6f:7e:f6:ea:8d:05:91:62:bd:4e:d7:8a:74:bf:41:ba:29:
87:46:bb:31:e1:32:fe:b8:11:22:c3:73:ec:ba:ca:55:10:78:
c5:4d:19:b1:9d:2e:00:5e:88:5c:7f:b3:65:72:1d:3c:d1:cc:
1a:5e:01:f8:e4:99:10:83:43:dc:47:d6:2f:e4:94:9c:88:b0:
4c:4a:ac:1b:33:4a:50:40:66:70:a6:19:13:1f:99:65:eb:41:
74:09:c1:32:e7:9f:85:73:cf:7c:f2:8d:b4:54:a6:40:00:eb:
e4:f4:fb:c7:0b:5e:7e:f7:bc:fa:bc:dd:a6:0e:9d:79:9f:1a:
c9:b2:a1:8e:a0:01:68:27:5f:46:ef:f1:cb:7a:24:1c:86:25:
15:05:f4:c0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUb4b81weAcBHEVeC7l8H6mn3bi/gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTU5YjY1ZTIxYWU2N2VlMjdlM2Q3NDJhMTRkZmI0NTdi
NGY1ZDJhNTAzNzg0NGI1MzU2ZjdkZmZkYWJmMzQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChEvsrZegdz5eBbo2ohYTqQVqh53UMfiSnawom7xE2N3By
45IxMz8ycnhK/BjBxrksSxYiaEnkPmmMg97E5rD3JCbd16zZkHJplw0wEG5ycXVX
IxRVqQtLopWBUrb5yjQq60xGfiEHqr3VG0KaB3vHHuRujGo0lGMgQkHDRVPOle7u
iNfvaSOQp/4hWstDBxhq6jXG4nt+CWTqC42Ss/PSJUvhsgFd1GZxzE2M5Nj0dJff
APA1SoVEj5Lql+hVTZiaSIoyBwKHM9EgoakAk4XgX4vXhZuI7uRln/Ci5YOEaWQa
EzlYRbagmpXAD0SoEbKXDnH1nFEhoz8rQ0OQ/XALAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUW8jddAdDpAXgRdLygX6DaNn73wwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5Y2M1NjQ2LTIwYzUtNDMwMy04ZGI4LTVhOTA3M2QwNmRmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQiDANBgkqhkiG9w0BAQsFAAOCAQEAhMFx4SeMj54hLneEvZvh85yPMSsr
2sS70KYuCgFRRynb5tkbiAnYZQTN7pKcVC9rgoHi+PSRk+JGiYY3kAvJYjZMYhcZ
dpzrZ2ObWXUq5JqWzdgBbc3vnM0geSDXd5Q96tq4+ZcMO0uEn3+LKm9+9uqNBZFi
vU7XinS/Qboph0a7MeEy/rgRIsNz7LrKVRB4xU0ZsZ0uAF6IXH+zZXIdPNHMGl4B
+OSZEIND3EfWL+SUnIiwTEqsGzNKUEBmcKYZEx+ZZetBdAnBMuefhXPPfPKNtFSm
QADr5PT7xwtefve8+rzdpg6deZ8aybKhjqABaCdfRu/xy3okHIYlFQX0wA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:40:28 2025 by rpki-client