Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba42d49f-2471-4090-a6cd-4f317510e1f7.roa
File: ba42d49f-2471-4090-a6cd-4f317510e1f7.roa (raw, json)
Hash identifier: qgJm2imAr5iONwNeNELqal50NH4eV3cnXDyIFs8UQS4=
Subject key identifier: 7E:52:74:E5:CC:AE:65:F0:73:14:9F:AF:83:30:E4:9C:72:05:45:C4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3D619632FDAEE9B7764122801A2B4E4D64F6D2A5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba42d49f-2471-4090-a6cd-4f317510e1f7.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 198.99.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:61:96:32:fd:ae:e9:b7:76:41:22:80:1a:2b:4e:4d:64:f6:d2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: serialNumber=6177916ddd855244aa20df3104767fda32171698d73eab7b46c160302d92de0c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8a:02:d0:b6:1a:7d:52:12:bd:d3:79:9b:ae:
31:6c:b4:3e:c8:3b:a5:59:d8:f7:28:33:e1:90:10:
57:f4:a0:5d:9d:02:7a:54:0c:c8:e3:54:0e:1e:ac:
3d:c0:8d:80:8b:c4:ff:76:8a:46:c3:a1:d5:6b:65:
fe:eb:32:4e:25:5f:89:23:3a:c2:5f:dc:46:3e:1a:
7a:aa:29:63:20:be:43:1c:7a:39:17:54:e9:7b:ef:
83:36:a6:9c:80:86:55:50:ce:94:44:b6:8a:0d:39:
86:06:f8:84:59:02:5e:90:02:cf:b2:47:1f:07:f1:
6f:47:23:d4:4e:4d:bd:87:95:6b:a1:18:57:16:c0:
df:4a:ae:63:61:e6:e9:b4:90:ad:97:2f:e2:d0:c9:
d5:80:f3:4f:12:30:0c:4f:fd:db:77:57:21:33:db:
d0:d8:c9:41:d1:b7:3d:34:c4:d5:56:9e:ea:55:ee:
95:df:ad:f1:19:ea:f7:34:98:d3:2c:53:86:ef:2f:
17:00:9d:5f:dc:02:55:69:36:43:27:bd:52:55:cd:
d1:6f:f8:15:44:95:7c:b0:ba:9b:5e:52:5c:19:98:
63:47:3f:1d:53:39:6b:bb:e2:59:43:04:27:74:51:
cb:1d:bb:b9:3c:5f:2d:13:4e:3b:d2:5a:fb:53:de:
1e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:52:74:E5:CC:AE:65:F0:73:14:9F:AF:83:30:E4:9C:72:05:45:C4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba42d49f-2471-4090-a6cd-4f317510e1f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.99.2.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:12:8b:ba:8b:3d:2b:b9:79:58:3e:f2:55:45:45:36:48:56:
ac:30:34:27:e6:5a:f7:35:0c:af:a3:27:c4:78:76:80:f0:4b:
de:a1:8b:e7:36:ae:37:b7:3a:51:7d:fc:77:8b:4e:e8:5b:d2:
e8:06:52:1e:05:67:9e:2f:05:e8:ad:9c:28:04:e9:89:c4:c6:
73:f8:e1:e7:4d:74:0b:5a:96:82:22:9c:24:77:14:ea:72:0a:
c4:f6:e8:64:be:e8:ee:e6:fc:a2:6f:67:bc:96:1c:36:2f:4a:
a4:58:fa:bc:7d:20:80:e7:35:36:dc:b2:2d:36:ba:25:82:ca:
68:d4:ad:71:f6:6f:a5:e5:67:ea:e4:14:fa:b6:97:05:d6:2c:
4c:a9:8e:41:f6:83:50:76:2c:65:a2:af:6b:04:99:54:6e:cc:
d1:ce:6b:8a:46:ef:cf:dd:90:be:d1:65:6a:50:f0:8a:23:0e:
82:17:7b:0c:78:71:35:00:9a:67:c0:13:da:e1:a1:b8:0a:9d:
aa:a1:2c:48:72:8c:89:d0:e9:cc:72:4a:aa:e4:c4:6e:3e:2e:
48:64:c2:87:ff:3b:95:6c:ef:22:c6:9d:aa:d0:35:95:29:0d:
17:6d:e9:de:cb:50:35:70:c9:28:52:e6:9c:cf:18:3d:c8:15:
8b:46:ae:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPWGWMv2u6bd2QSKAGitOTWT20qUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTc3OTE2ZGRkODU1MjQ0YWEyMGRmMzEwNDc2N2ZkYTMy
MTcxNjk4ZDczZWFiN2I0NmMxNjAzMDJkOTJkZTBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzigLQthp9UhK903mbrjFstD7IO6VZ2PcoM+GQEFf0oF2d
AnpUDMjjVA4erD3AjYCLxP92ikbDodVrZf7rMk4lX4kjOsJf3EY+GnqqKWMgvkMc
ejkXVOl774M2ppyAhlVQzpREtooNOYYG+IRZAl6QAs+yRx8H8W9HI9ROTb2HlWuh
GFcWwN9KrmNh5um0kK2XL+LQydWA808SMAxP/dt3VyEz29DYyUHRtz00xNVWnupV
7pXfrfEZ6vc0mNMsU4bvLxcAnV/cAlVpNkMnvVJVzdFv+BVElXywupteUlwZmGNH
Px1TOWu74llDBCd0Ucsdu7k8Xy0TTjvSWvtT3h6tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUflJ05cyuZfBzFJ+vgzDknHIFRcQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhNDJkNDlmLTI0NzEtNDA5MC1hNmNkLTRmMzE3NTEwZTFmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGYwIwDQYJKoZIhvcNAQELBQADggEBAM0Si7qLPSu5eVg+8lVFRTZIVqww
NCfmWvc1DK+jJ8R4doDwS96hi+c2rje3OlF9/HeLTuhb0ugGUh4FZ54vBeitnCgE
6YnExnP44edNdAtaloIinCR3FOpyCsT26GS+6O7m/KJvZ7yWHDYvSqRY+rx9IIDn
NTbcsi02uiWCymjUrXH2b6XlZ+rkFPq2lwXWLEypjkH2g1B2LGWir2sEmVRuzNHO
a4pG78/dkL7RZWpQ8IojDoIXewx4cTUAmmfAE9rhobgKnaqhLEhyjInQ6cxySqrk
xG4+Lkhkwof/O5Vs7yLGnarQNZUpDRdt6d7LUDVwyShS5pzPGD3IFYtGrqc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:26:30 2025 by rpki-client