Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88a75d7-f35e-4df7-b450-60328427d30e.roa
File: c88a75d7-f35e-4df7-b450-60328427d30e.roa (raw, json)
Hash identifier: nYHcWn7HDzezeh/56IxOchXP03OO7j2FHNgA0W/DRb4=
Subject key identifier: D3:0E:11:5B:6D:2D:1E:3B:6E:17:46:6E:3A:F2:69:D5:13:2A:FB:A4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 565F659BB4A4B3267B4C2F194C2D91B24DEEA8C2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88a75d7-f35e-4df7-b450-60328427d30e.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 99.151.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5f:65:9b:b4:a4:b3:26:7b:4c:2f:19:4c:2d:91:b2:4d:ee:a8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=cf5b6e9fe3136cc13e477e9b6552ba919946d9263822726acef2cfdb29761845, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:89:60:c3:c1:5d:f4:eb:5a:f6:25:e4:6d:
a0:0f:5c:27:ca:b7:25:2b:d5:e2:c3:c9:98:94:97:
f0:f8:7c:c1:ea:ff:38:b6:e8:a7:d9:b9:ce:cf:3b:
93:71:8f:bc:a2:20:c7:7f:36:35:71:e2:88:e9:65:
42:49:e2:f1:9e:e7:a7:b1:be:60:11:00:ca:40:18:
03:28:30:65:aa:f2:35:a4:06:cd:fc:12:57:7f:88:
d0:b8:a5:60:97:ba:fa:e4:df:70:b5:fb:4a:9a:b3:
89:99:0d:bf:36:a4:e3:10:84:a5:99:54:83:8a:c5:
6d:53:38:fd:14:ac:b8:2b:f0:97:b3:cb:94:43:d0:
40:39:34:01:a5:18:e5:9f:f8:fb:6b:9b:bc:d5:b6:
15:bb:37:18:ed:fb:25:92:be:42:84:db:c1:c8:19:
60:fb:5e:13:83:15:e9:29:72:47:68:e6:aa:1f:b7:
13:1e:5e:c6:f3:43:ef:53:10:65:cf:49:4f:5b:ef:
67:0b:15:b3:bf:20:bd:9e:6d:d3:d9:43:3f:ca:82:
34:e1:5a:d6:62:69:af:98:d1:00:bb:ac:d4:27:27:
91:c5:1f:0b:8a:5b:87:f3:77:8c:a8:14:98:a6:0f:
24:fc:9e:a8:3a:7d:1f:b6:e7:ca:da:36:fe:62:4b:
aa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0E:11:5B:6D:2D:1E:3B:6E:17:46:6E:3A:F2:69:D5:13:2A:FB:A4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88a75d7-f35e-4df7-b450-60328427d30e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
99.151.104.0/21
Signature Algorithm: sha256WithRSAEncryption
59:bb:68:88:db:cc:61:10:fc:aa:b0:e6:f3:78:94:6a:a7:41:
1b:cd:49:38:a0:42:58:34:db:05:6f:2a:d4:8a:7e:16:97:e7:
9b:77:f3:a4:ea:4d:64:23:45:8e:8a:d2:48:10:5f:a4:5d:e6:
ff:6f:63:9c:28:fc:52:20:0c:ec:e6:4f:2e:6f:6f:15:7e:6c:
41:46:e6:c0:83:8c:cd:bb:0d:59:44:3e:15:80:eb:31:fc:b2:
b3:f4:ff:73:6c:ad:08:2a:6c:f4:2f:dc:d9:66:d7:2b:2b:a3:
94:25:3b:71:cf:c1:91:07:38:80:a4:85:dd:47:12:eb:64:5c:
ae:32:95:9e:f9:b9:ba:64:d6:81:91:7c:09:7e:5b:da:31:a6:
ab:58:e7:22:b4:6e:4d:ad:bc:2d:81:82:8f:7e:d8:51:26:ff:
2f:85:60:d6:64:af:e9:e2:bf:8d:fe:90:ba:65:6d:41:e2:40:
f0:15:2c:95:94:64:06:0a:06:30:6f:29:02:8a:16:69:48:9b:
d7:5f:ba:96:5d:c5:2e:e4:70:98:7e:07:00:f6:3c:ff:ba:6b:
03:8d:11:da:31:4d:35:3d:3b:b9:b4:19:6f:2d:84:6b:d8:9d:
a7:96:cf:de:26:88:0a:1e:37:14:83:3c:a8:75:e0:9a:88:b5:
b8:b1:42:00
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVl9lm7SksyZ7TC8ZTC2Rsk3uqMIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZjViNmU5ZmUzMTM2Y2MxM2U0NzdlOWI2NTUyYmE5MTk5
NDZkOTI2MzgyMjcyNmFjZWYyY2ZkYjI5NzYxODQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSp4lgw8Fd9Ota9iXkbaAPXCfKtyUr1eLDyZiUl/D4fMHq
/zi26KfZuc7PO5Nxj7yiIMd/NjVx4ojpZUJJ4vGe56exvmARAMpAGAMoMGWq8jWk
Bs38Eld/iNC4pWCXuvrk33C1+0qas4mZDb82pOMQhKWZVIOKxW1TOP0UrLgr8Jez
y5RD0EA5NAGlGOWf+Ptrm7zVthW7Nxjt+yWSvkKE28HIGWD7XhODFekpckdo5qof
txMeXsbzQ+9TEGXPSU9b72cLFbO/IL2ebdPZQz/KgjThWtZiaa+Y0QC7rNQnJ5HF
HwuKW4fzd4yoFJimDyT8nqg6fR+258raNv5iS6opAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0w4RW20tHjtuF0ZuOvJp1RMq+6QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4OGE3NWQ3LWYzNWUtNGRmNy1iNDUwLTYwMzI4NDI3ZDMwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl2gwDQYJKoZIhvcNAQELBQADggEBAFm7aIjbzGEQ/Kqw5vN4lGqnQRvN
STigQlg02wVvKtSKfhaX55t386TqTWQjRY6K0kgQX6Rd5v9vY5wo/FIgDOzmTy5v
bxV+bEFG5sCDjM27DVlEPhWA6zH8srP0/3NsrQgqbPQv3Nlm1ysro5QlO3HPwZEH
OICkhd1HEutkXK4ylZ75ubpk1oGRfAl+W9oxpqtY5yK0bk2tvC2Bgo9+2FEm/y+F
YNZkr+niv43+kLplbUHiQPAVLJWUZAYKBjBvKQKKFmlIm9dfupZdxS7kcJh+BwD2
PP+6awONEdoxTTU9O7m0GW8thGvYnaeWz94miAoeNxSDPKh14JqItbixQgA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:37:29 2025 by rpki-client