Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf3b1fc4-698c-4ad3-98ac-00c9fd9b0dd5.roa
File: cf3b1fc4-698c-4ad3-98ac-00c9fd9b0dd5.roa (raw, json)
Hash identifier: LeaxHgmrzzhd72XD/zlzHaNKxYpwocUhJxDa85y35Cs=
Subject key identifier: 9B:C3:CB:24:D5:3F:AB:EA:6F:AF:9E:E4:7F:9D:CE:4E:D3:7E:2F:E3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 0DB052A10699BBED3BAC8DD538BB30C03DC9DC30
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf3b1fc4-698c-4ad3-98ac-00c9fd9b0dd5.roa
Signing time: Sat 04 Jan 2025 00:00:00 +0000
ROA not before: Sat 04 Jan 2025 00:00:00 +0000
ROA not after: Sat 08 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.66.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b0:52:a1:06:99:bb:ed:3b:ac:8d:d5:38:bb:30:c0:3d:c9:dc:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 4 00:00:00 2025 GMT
Not After : Feb 8 23:59:59 2025 GMT
Subject: serialNumber=fdfc1982078546eac76efda79507b434652aee491df717bd2d0efd2a2606c818, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:47:44:f3:90:24:97:04:43:bc:cf:66:21:
1c:d1:93:96:f6:93:06:bf:65:5a:46:29:49:1a:13:
8c:7d:b9:03:80:f9:21:c2:87:d6:a6:9c:61:fe:3b:
fa:f6:67:68:be:87:e5:74:25:bd:1a:07:ca:dc:74:
c2:d8:3d:59:75:d9:eb:74:3a:cf:e1:e2:90:af:0f:
ab:a1:d2:67:d8:90:bb:55:e6:9a:23:25:f2:fc:49:
b7:b5:de:8b:80:d0:d1:fd:20:9c:17:01:2f:0f:d9:
08:41:00:4f:8b:fa:a0:c6:a3:12:9a:fe:f0:a8:53:
25:98:b3:83:09:a5:8a:5f:d8:10:d0:b0:0e:c2:5d:
a3:e7:27:a0:b7:d4:f2:99:3b:88:1c:44:c4:cd:60:
5b:99:15:45:50:ed:66:cf:42:cf:c0:8b:b3:da:67:
11:ee:e7:71:8b:14:bd:5f:80:ec:b4:2a:19:e1:c8:
6a:39:63:ba:21:66:13:52:d9:85:50:be:fc:e2:02:
cb:12:ee:a1:49:c5:76:98:50:d8:03:c6:b2:22:ab:
97:65:9c:63:6f:fb:fc:e6:b2:a8:37:76:15:60:41:
37:2b:6b:29:85:c3:21:1b:4b:3d:30:c2:d4:4a:7d:
00:81:a4:6f:18:03:58:86:de:58:a0:42:30:88:58:
c5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C3:CB:24:D5:3F:AB:EA:6F:AF:9E:E4:7F:9D:CE:4E:D3:7E:2F:E3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf3b1fc4-698c-4ad3-98ac-00c9fd9b0dd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.66.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:a7:06:e2:35:fb:72:e0:5d:2f:92:c6:3c:9c:ad:15:bf:f2:
ba:a0:14:bd:fb:a0:7b:b2:13:4b:98:16:a5:3e:8c:2d:5b:43:
0e:77:cd:80:57:a9:d3:13:8a:28:8a:42:0a:4d:81:43:1b:16:
40:58:d7:8c:1d:3e:6a:10:9b:83:19:d8:15:da:05:4b:6e:68:
13:8b:73:62:0d:f4:9f:f8:67:53:22:d5:c7:0e:cc:f3:1d:6f:
65:7c:c3:8c:08:0d:58:a1:74:5b:0b:db:d2:08:3f:aa:67:2a:
25:a5:e9:d5:1b:37:88:42:6c:8a:87:e1:6c:56:7e:d9:57:69:
fc:80:bf:4d:8a:6e:b5:cf:05:f9:1a:50:ed:98:f8:28:4f:7a:
08:14:c4:66:eb:b4:cb:2d:66:50:fd:d4:5b:4a:cf:ad:8d:8c:
ef:d9:1b:43:b8:d4:cd:53:97:d5:7f:c3:86:af:8c:db:48:77:
a5:f1:c9:e6:e3:9f:c9:a5:95:91:bb:03:2c:d1:f7:8f:d6:4b:
da:11:ed:53:cd:b2:bd:e8:90:87:b9:16:19:0a:29:e6:94:0e:
41:e8:9e:6d:0f:9c:06:94:34:d5:df:3d:dd:8f:9f:66:3e:5e:
76:57:fd:a6:be:39:90:65:af:83:a4:82:29:f5:89:d1:6f:56:
1a:9d:7c:9d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDbBSoQaZu+07rI3VOLswwD3J3DAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZGZjMTk4MjA3ODU0NmVhYzc2ZWZkYTc5NTA3YjQzNDY1
MmFlZTQ5MWRmNzE3YmQyZDBlZmQyYTI2MDZjODE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbc0dE85AklwRDvM9mIRzRk5b2kwa/ZVpGKUkaE4x9uQOA
+SHCh9amnGH+O/r2Z2i+h+V0Jb0aB8rcdMLYPVl12et0Os/h4pCvD6uh0mfYkLtV
5pojJfL8Sbe13ouA0NH9IJwXAS8P2QhBAE+L+qDGoxKa/vCoUyWYs4MJpYpf2BDQ
sA7CXaPnJ6C31PKZO4gcRMTNYFuZFUVQ7WbPQs/Ai7PaZxHu53GLFL1fgOy0Khnh
yGo5Y7ohZhNS2YVQvvziAssS7qFJxXaYUNgDxrIiq5dlnGNv+/zmsqg3dhVgQTcr
aymFwyEbSz0wwtRKfQCBpG8YA1iG3ligQjCIWMVbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUm8PLJNU/q+pvr57kf53OTtN+L+MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmM2IxZmM0LTY5OGMtNGFkMy05OGFjLTAwYzlmZDliMGRkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQQjANBgkqhkiG9w0BAQsFAAOCAQEAhqcG4jX7cuBdL5LGPJytFb/yuqAU
vfuge7ITS5gWpT6MLVtDDnfNgFep0xOKKIpCCk2BQxsWQFjXjB0+ahCbgxnYFdoF
S25oE4tzYg30n/hnUyLVxw7M8x1vZXzDjAgNWKF0Wwvb0gg/qmcqJaXp1Rs3iEJs
iofhbFZ+2Vdp/IC/TYputc8F+RpQ7Zj4KE96CBTEZuu0yy1mUP3UW0rPrY2M79kb
Q7jUzVOX1X/Dhq+M20h3pfHJ5uOfyaWVkbsDLNH3j9ZL2hHtU82yveiQh7kWGQop
5pQOQeiebQ+cBpQ01d893Y+fZj5edlf9pr45kGWvg6SCKfWJ0W9WGp18nQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:01:22 2025 by rpki-client