Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/caf057ec-66e9-45b0-9bd8-fc95a48230f5.roa
File: caf057ec-66e9-45b0-9bd8-fc95a48230f5.roa (raw, json)
Hash identifier: iczLCKUK6TUJNuI4BsSaL/B1irr+k2qnfCU/QAkBIN8=
Subject key identifier: 73:36:B3:F3:52:4E:E5:4B:44:46:BF:D1:A7:82:12:C7:D2:BB:5B:A1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4188AE129841B18922BFC4DC5BDF6C4ACAD75C3B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/caf057ec-66e9-45b0-9bd8-fc95a48230f5.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f01:4870::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:88:ae:12:98:41:b1:89:22:bf:c4:dc:5b:df:6c:4a:ca:d7:5c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=c6f8168030f8450b57b230466f7ff6a12b6c890b9f3dd20dac150210131f37a3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:8a:52:8c:e9:78:86:42:8d:bb:3c:7d:1c:
3d:8f:1e:9e:15:7b:57:1d:68:bb:a1:e9:99:80:ac:
d0:df:95:57:1e:6c:c7:7f:10:23:47:f7:8f:6e:7b:
a8:ea:bc:28:74:db:25:e2:57:68:75:bb:fe:f7:c4:
1a:fe:ff:96:b5:7c:a3:ba:ad:7b:78:6c:11:ab:62:
90:3a:42:b9:fa:3e:73:d3:11:d2:bd:d3:32:bf:88:
3a:a7:2a:5a:f7:bd:eb:03:16:c4:08:87:bb:ac:70:
c6:87:54:94:bf:64:08:46:cb:fd:82:77:b2:ed:8c:
20:cb:09:8a:ac:cf:6b:99:8b:da:90:fb:d9:e0:bd:
93:6a:fe:c6:99:91:50:a8:93:35:2b:e5:5e:f2:5a:
05:1b:fb:37:fc:b1:e1:a4:b7:0d:b2:7e:b2:58:52:
47:bf:d9:3b:3c:c3:dd:91:f9:93:a4:29:4b:0a:b2:
32:eb:5e:bf:15:2d:86:c9:26:fc:ea:c5:f8:92:74:
bd:a5:c5:7a:64:e9:55:9f:89:05:78:3d:df:20:ee:
be:6c:06:56:20:e3:ae:68:84:36:9d:34:51:ab:66:
54:50:a2:15:8b:eb:c2:a3:bc:13:3b:89:c3:cb:09:
c0:8a:ee:26:6d:eb:d3:20:20:4c:d9:63:95:f2:d6:
4f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:36:B3:F3:52:4E:E5:4B:44:46:BF:D1:A7:82:12:C7:D2:BB:5B:A1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/caf057ec-66e9-45b0-9bd8-fc95a48230f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f01:4870::/47
Signature Algorithm: sha256WithRSAEncryption
6b:b8:a5:27:d8:03:a1:06:a8:d9:ed:37:e8:cf:c7:4a:be:d0:
6b:b4:a0:ea:84:b1:ab:97:c7:c8:ea:52:5a:b9:2b:ab:e7:24:
fd:cc:4e:81:41:67:d4:d5:7f:b5:79:00:10:57:f3:c7:0d:b8:
1b:85:0e:1d:12:6d:6c:07:b8:1e:01:ac:c3:9a:cb:07:54:cb:
3a:1a:39:bd:4d:5c:94:b4:93:ec:e4:05:2e:bc:dd:8f:65:0e:
d7:0f:f1:a2:e1:8e:5f:8d:7e:3e:58:5f:1e:57:1d:ad:64:d6:
c4:9d:25:1f:9e:f4:c3:d5:64:18:60:a1:36:1f:14:e6:44:03:
2f:79:95:92:e2:34:0d:fd:57:e5:81:b3:ea:0e:36:d9:d8:8c:
42:26:50:29:f6:10:3f:ad:5a:94:61:22:99:dc:db:73:bd:34:
94:b3:cf:50:56:58:cb:7d:4d:23:c8:03:5b:d6:b9:89:d9:5b:
02:8f:a1:0a:8d:04:87:0b:28:12:80:25:cf:21:03:8d:8d:5c:
a1:2e:d6:eb:06:df:c6:5c:70:c4:67:cd:19:54:66:9d:48:9d:
9d:63:db:4f:34:73:f0:09:ac:97:74:2d:06:71:dc:db:ee:b7:
ce:49:bd:44:12:05:82:22:5c:d3:35:a5:74:9d:24:b5:94:38:
fe:04:38:d8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUQYiuEphBsYkiv8TcW99sSsrXXDswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNmY4MTY4MDMwZjg0NTBiNTdiMjMwNDY2ZjdmZjZhMTJi
NmM4OTBiOWYzZGQyMGRhYzE1MDIxMDEzMWYzN2EzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxtIpSjOl4hkKNuzx9HD2PHp4Ve1cdaLuh6ZmArNDflVce
bMd/ECNH949ue6jqvCh02yXiV2h1u/73xBr+/5a1fKO6rXt4bBGrYpA6Qrn6PnPT
EdK90zK/iDqnKlr3vesDFsQIh7uscMaHVJS/ZAhGy/2Cd7LtjCDLCYqsz2uZi9qQ
+9ngvZNq/saZkVCokzUr5V7yWgUb+zf8seGktw2yfrJYUke/2Ts8w92R+ZOkKUsK
sjLrXr8VLYbJJvzqxfiSdL2lxXpk6VWfiQV4Pd8g7r5sBlYg465ohDadNFGrZlRQ
ohWL68KjvBM7icPLCcCK7iZt69MgIEzZY5Xy1k93AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUczaz81JO5UtERr/Rp4ISx9K7W6EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NhZjA1N2VjLTY2ZTktNDViMC05YmQ4LWZjOTVhNDgyMzBmNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAB8BSHAwDQYJKoZIhvcNAQELBQADggEBAGu4pSfYA6EGqNntN+jPx0q+
0Gu0oOqEsauXx8jqUlq5K6vnJP3MToFBZ9TVf7V5ABBX88cNuBuFDh0SbWwHuB4B
rMOaywdUyzoaOb1NXJS0k+zkBS683Y9lDtcP8aLhjl+Nfj5YXx5XHa1k1sSdJR+e
9MPVZBhgoTYfFOZEAy95lZLiNA39V+WBs+oONtnYjEImUCn2ED+tWpRhIpnc23O9
NJSzz1BWWMt9TSPIA1vWuYnZWwKPoQqNBIcLKBKAJc8hA42NXKEu1usG38ZccMRn
zRlUZp1InZ1j2080c/AJrJd0LQZx3Nvut85JvUQSBYIiXNM1pXSdJLWUOP4EONg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:51:49 2025 by rpki-client