Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca9077da-6c69-41b8-b08a-c3dba5a251d5.roa
File: ca9077da-6c69-41b8-b08a-c3dba5a251d5.roa (raw, json)
Hash identifier: nd0nFs5qpZpACFHJTKqR0mehuttSndA97Ay13ecGuyY=
Subject key identifier: 65:33:FB:F6:B5:AA:CC:16:0A:80:9A:71:F2:F5:65:8A:38:F2:16:F7
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3B9C5DD3EE7CC0DF0AF1BE2F55A66327396EA3D8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca9077da-6c69-41b8-b08a-c3dba5a251d5.roa
Signing time: Wed 12 Mar 2025 00:00:32 +0000
ROA not before: Wed 12 Mar 2025 00:00:32 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 6167
IP address blocks: 139.56.10.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:9c:5d:d3:ee:7c:c0:df:0a:f1:be:2f:55:a6:63:27:39:6e:a3:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:00:32 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=69e04ad471e21b33a72da0ea5b3bc3177a2d99cba92669206e856b21a4894b19, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:be:08:d9:6c:30:87:14:dd:2b:d8:28:15:
e5:17:d7:aa:44:e8:32:0d:cb:0d:e4:13:47:1b:81:
cb:43:5d:35:ee:eb:c0:1a:ed:ac:44:28:8e:af:99:
7b:52:6f:e6:6a:68:68:db:14:19:10:bc:b0:b2:56:
c9:3c:00:c2:e0:7e:0d:a9:c0:ec:be:c1:bd:b2:04:
15:37:ee:d3:f0:dc:1d:56:62:47:4b:92:85:dd:ec:
1f:75:b2:a9:28:08:4a:9a:0c:8e:8e:98:2e:4f:94:
3c:8b:c0:1d:33:72:32:39:ee:98:87:63:42:12:c1:
09:83:63:d7:df:bd:fd:4b:ed:e1:58:6d:e8:0e:d3:
6c:19:0f:16:0e:a8:98:f6:db:33:12:57:b8:27:aa:
05:c0:38:09:fb:fe:ed:2e:df:06:52:d3:8a:b0:8b:
10:6f:b7:30:4e:be:8b:c5:39:80:8d:62:9e:4c:35:
8e:34:50:eb:84:1d:20:6e:32:3d:8d:3c:56:29:7b:
64:66:59:a4:03:a1:15:cd:57:0f:1c:fd:71:1f:bd:
4a:f6:e1:ba:4c:2c:ae:ff:31:5f:c4:d0:f4:b8:d1:
62:98:c5:3f:93:d6:f2:fa:12:5d:76:76:1a:29:82:
b6:f6:d9:7d:14:05:9a:65:ec:0e:42:74:80:25:56:
d2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:33:FB:F6:B5:AA:CC:16:0A:80:9A:71:F2:F5:65:8A:38:F2:16:F7
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca9077da-6c69-41b8-b08a-c3dba5a251d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.56.10.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:72:86:fd:3e:90:d0:3e:e2:88:9c:67:28:15:fb:ce:69:1c:
43:b4:98:d1:59:8e:5b:2c:94:28:e1:7b:56:ac:10:2f:72:72:
dc:3f:ea:c4:e5:79:06:36:17:e0:eb:c5:97:5f:e9:89:03:0b:
22:09:e6:fb:d1:ba:ad:04:62:1c:10:d5:5c:a5:0e:71:b8:51:
7a:fa:81:19:5d:b1:7d:d9:02:bb:23:a7:bc:f5:eb:83:38:d0:
43:44:1a:27:ac:f7:af:26:cb:45:90:36:31:fe:97:85:d9:4e:
cb:cd:ce:40:81:bc:02:ef:f5:ea:71:fa:da:d8:02:9b:81:5c:
14:36:61:91:c7:84:55:0c:e9:42:c8:ab:b3:e2:ca:d5:31:bd:
d0:a3:18:3f:02:ad:fb:a3:a3:eb:4c:cb:e5:df:5a:38:b1:80:
7d:72:89:4d:6d:42:e7:cc:2f:64:9f:2f:da:5c:b6:c4:a2:bd:
11:e0:04:96:45:26:9c:d1:33:8e:50:92:04:ad:c3:ae:a6:f3:
19:9c:09:3f:de:f7:3c:ee:66:be:3f:9d:e9:c8:26:16:dc:1b:
b7:2d:df:76:43:55:44:a4:19:fd:d4:d4:99:f6:d0:a2:df:43:
4f:78:49:78:5c:56:57:db:85:ca:17:10:cf:36:e7:21:4c:ec:
37:40:76:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO5xd0+58wN8K8b4vVaZjJzluo9gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAwMDMyWhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OWUwNGFkNDcxZTIxYjMzYTcyZGEwZWE1YjNiYzMxNzdh
MmQ5OWNiYTkyNjY5MjA2ZTg1NmIyMWE0ODk0YjE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC66b4I2WwwhxTdK9goFeUX16pE6DINyw3kE0cbgctDXTXu
68Aa7axEKI6vmXtSb+ZqaGjbFBkQvLCyVsk8AMLgfg2pwOy+wb2yBBU37tPw3B1W
YkdLkoXd7B91sqkoCEqaDI6OmC5PlDyLwB0zcjI57piHY0ISwQmDY9ffvf1L7eFY
begO02wZDxYOqJj22zMSV7gnqgXAOAn7/u0u3wZS04qwixBvtzBOvovFOYCNYp5M
NY40UOuEHSBuMj2NPFYpe2RmWaQDoRXNVw8c/XEfvUr24bpMLK7/MV/E0PS40WKY
xT+T1vL6El12dhopgrb22X0UBZpl7A5CdIAlVtKHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZTP79rWqzBYKgJpx8vVlijjyFvcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NhOTA3N2RhLTZjNjktNDFiOC1iMDhhLWMzZGJhNWEyNTFkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGLOAowDQYJKoZIhvcNAQELBQADggEBAKRyhv0+kNA+4oicZygV+85pHEO0
mNFZjlsslCjhe1asEC9yctw/6sTleQY2F+DrxZdf6YkDCyIJ5vvRuq0EYhwQ1Vyl
DnG4UXr6gRldsX3ZArsjp7z164M40ENEGies968my0WQNjH+l4XZTsvNzkCBvALv
9epx+trYApuBXBQ2YZHHhFUM6ULIq7PiytUxvdCjGD8Crfujo+tMy+XfWjixgH1y
iU1tQufML2SfL9pctsSivRHgBJZFJpzRM45QkgStw66m8xmcCT/e9zzuZr4/nenI
JhbcG7ct33ZDVUSkGf3U1Jn20KLfQ094SXhcVlfbhcoXEM825yFM7DdAdhY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:54:37 2025 by rpki-client