Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c86791f2-b36d-4c31-ba1f-31ff9c46259f.roa
File: c86791f2-b36d-4c31-ba1f-31ff9c46259f.roa (raw, json)
Hash identifier: BX1chgeE9XByIFIarVdyRFC04QGXCabpHzB23UZUcQg=
Subject key identifier: 35:B2:00:7A:18:9E:D8:27:95:B8:31:75:9A:25:2A:D0:45:7B:0C:81
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7DCAECBCE9B3A8A73E4E01CDA8425F30C8A1FF5F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c86791f2-b36d-4c31-ba1f-31ff9c46259f.roa
Signing time: Wed 15 Jan 2025 00:00:00 +0000
ROA not before: Wed 15 Jan 2025 00:00:00 +0000
ROA not after: Wed 19 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 151.150.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:ca:ec:bc:e9:b3:a8:a7:3e:4e:01:cd:a8:42:5f:30:c8:a1:ff:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 15 00:00:00 2025 GMT
Not After : Feb 19 23:59:59 2025 GMT
Subject: serialNumber=e4170c31685adf2b9fcb20cf7a87f7159041f85e29dd4497b8873da7d1ade148, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a8:a8:50:0f:ab:31:b1:d3:b2:2d:88:1e:de:
a4:eb:df:2c:a1:13:ba:f5:c2:cf:9d:74:71:3a:c0:
04:82:00:01:94:3c:7d:40:6c:bc:8e:1c:fb:ed:95:
51:3c:47:7a:4e:93:dd:40:1b:fb:2c:b2:e6:b3:5b:
20:a9:57:6d:49:5b:37:62:14:d7:9f:ce:58:90:b1:
62:4a:ca:83:1a:9b:7a:a8:b2:1f:da:12:a1:24:e5:
df:cb:c1:10:a8:29:53:93:01:e1:13:11:ae:03:d5:
54:e1:64:17:05:dc:d0:2e:7b:87:6d:56:50:97:4b:
c1:65:06:03:c9:5e:47:0d:e1:74:cc:b2:11:a7:f0:
5d:24:ae:06:12:73:44:8b:4d:96:85:a1:61:e0:8a:
74:25:b2:89:86:ff:2f:54:4e:5f:be:38:bd:ab:ba:
eb:5c:7b:f1:68:6e:ce:12:59:20:f3:d2:66:3a:a3:
4a:63:9f:41:15:11:23:65:09:21:c5:5a:71:f9:63:
47:8f:26:da:a2:28:12:3d:20:99:78:87:e3:1f:b8:
d1:cb:c0:94:60:7a:fe:4a:68:6b:98:01:33:44:db:
91:c3:4d:af:be:35:25:b6:0a:b7:8c:00:b9:e1:8a:
a0:c0:80:02:42:28:b0:12:4c:79:e9:39:18:d2:a3:
a7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B2:00:7A:18:9E:D8:27:95:B8:31:75:9A:25:2A:D0:45:7B:0C:81
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c86791f2-b36d-4c31-ba1f-31ff9c46259f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:9a:6d:6d:8e:f0:4f:54:8e:62:04:5d:11:6f:8d:d0:df:c8:
95:86:a2:e1:6c:e0:66:cb:58:2c:59:67:53:69:1a:5f:9b:c5:
b6:de:99:e0:0d:cf:88:d7:92:12:3f:b4:db:6b:73:48:a0:53:
c8:07:a4:a5:df:af:f6:4a:fc:b5:07:7b:58:3c:97:c5:fe:22:
4c:e2:f8:f1:eb:10:94:9f:11:a6:82:83:1e:e2:67:b5:1e:4b:
6d:23:e3:2e:42:90:af:26:cd:f1:a3:db:c5:36:77:5b:1e:03:
a6:f7:1e:b1:f1:39:21:3d:24:f9:ae:97:af:38:aa:ab:51:25:
03:79:4b:89:45:45:f1:fc:ba:1b:3d:4a:aa:84:c8:36:3f:c1:
f5:1b:a8:c8:15:eb:89:44:8a:60:ea:d6:7a:c8:f8:42:31:60:
df:22:67:ec:6f:55:e4:70:77:a5:7a:63:55:4d:3d:1b:e1:54:
a7:10:49:f8:84:cd:28:a0:a7:ba:1c:5c:08:88:e8:c4:fc:2e:
c1:df:f6:00:a3:71:d6:a7:4d:59:aa:36:a4:43:de:dd:c6:c2:
a6:48:23:bd:f2:f0:65:50:92:8f:d3:37:da:48:54:f8:75:6b:
08:c6:a5:83:ad:ca:54:21:73:17:a9:99:8d:26:47:f4:db:73:
11:e2:2e:42
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfcrsvOmzqKc+TgHNqEJfMMih/18wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNDE3MGMzMTY4NWFkZjJiOWZjYjIwY2Y3YTg3ZjcxNTkw
NDFmODVlMjlkZDQ0OTdiODg3M2RhN2QxYWRlMTQ4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAqKhQD6sxsdOyLYge3qTr3yyhE7r1ws+ddHE6wASCAAGU
PH1AbLyOHPvtlVE8R3pOk91AG/sssuazWyCpV21JWzdiFNefzliQsWJKyoMam3qo
sh/aEqEk5d/LwRCoKVOTAeETEa4D1VThZBcF3NAue4dtVlCXS8FlBgPJXkcN4XTM
shGn8F0krgYSc0SLTZaFoWHginQlsomG/y9UTl++OL2ruutce/Fobs4SWSDz0mY6
o0pjn0EVESNlCSHFWnH5Y0ePJtqiKBI9IJl4h+MfuNHLwJRgev5KaGuYATNE25HD
Ta++NSW2CreMALnhiqDAgAJCKLASTHnpORjSo6eNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNbIAehie2CeVuDF1miUq0EV7DIEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4Njc5MWYyLWIzNmQtNGMzMS1iYTFmLTMxZmY5YzQ2MjU5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCXljANBgkqhkiG9w0BAQsFAAOCAQEAs5ptbY7wT1SOYgRdEW+N0N/IlYai
4WzgZstYLFlnU2kaX5vFtt6Z4A3PiNeSEj+022tzSKBTyAekpd+v9kr8tQd7WDyX
xf4iTOL48esQlJ8RpoKDHuJntR5LbSPjLkKQrybN8aPbxTZ3Wx4DpvcesfE5IT0k
+a6Xrziqq1ElA3lLiUVF8fy6Gz1KqoTINj/B9RuoyBXriUSKYOrWesj4QjFg3yJn
7G9V5HB3pXpjVU09G+FUpxBJ+ITNKKCnuhxcCIjoxPwuwd/2AKNx1qdNWao2pEPe
3cbCpkgjvfLwZVCSj9M32khU+HVrCMalg63KVCFzF6mZjSZH9NtzEeIuQg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:24:08 2025 by rpki-client