Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2786344-8118-4f8d-9ffa-11e8e2739995.roa
File: d2786344-8118-4f8d-9ffa-11e8e2739995.roa (raw, json)
Hash identifier: Ll6dwPcHwcLPUktv9PfX9z4zjuNNfW4zqPDQWRm9fc4=
Subject key identifier: AF:E9:2F:C8:B5:CB:50:30:4B:50:E5:68:75:4B:07:4A:B8:99:8F:35
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 61E82D5ED7DBE717554C5CBC6C446D1E10D4ABB0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2786344-8118-4f8d-9ffa-11e8e2739995.roa
Signing time: Sat 04 Jan 2025 00:00:00 +0000
ROA not before: Sat 04 Jan 2025 00:00:00 +0000
ROA not after: Sat 08 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 173.83.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:e8:2d:5e:d7:db:e7:17:55:4c:5c:bc:6c:44:6d:1e:10:d4:ab:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 4 00:00:00 2025 GMT
Not After : Feb 8 23:59:59 2025 GMT
Subject: serialNumber=eae46fe035329ee24d442be5698c2513171db577e04a07b166afdef7b3bea6ce, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:32:74:c6:29:33:f1:f3:40:93:d6:10:cf:58:
99:24:98:7d:62:75:19:3e:79:21:2c:d1:6c:24:be:
11:1c:9a:99:55:88:44:35:f7:74:ab:bd:e7:5a:8b:
96:a4:39:0c:46:7f:cf:d2:11:d7:91:43:25:bd:fb:
a3:03:0c:3e:10:49:b5:a6:8a:44:63:05:28:08:64:
8c:75:ef:c5:49:a7:7e:b0:bc:ba:d2:8a:63:ca:7a:
71:6e:57:ba:ab:c3:c9:28:e9:af:d6:18:5a:ed:ab:
9c:df:77:55:a4:8d:b0:8c:9f:17:4e:41:ce:e4:ef:
f9:c9:42:04:30:35:4f:36:26:cd:74:5a:14:79:57:
aa:4e:7c:55:95:d7:d9:8b:48:70:f6:d0:ac:ea:7c:
78:f7:f8:78:4e:00:8b:f5:62:aa:4e:b1:3e:fe:33:
e2:da:21:a1:e4:f9:b2:06:8f:2e:76:62:a7:33:2c:
1a:3a:90:5b:20:60:3e:ad:9d:a0:df:01:98:a1:b4:
52:35:13:ff:8c:b7:34:21:e0:5c:2a:75:b6:a2:fa:
29:ba:0b:94:96:50:ce:91:b0:c8:05:2a:29:01:92:
97:cf:af:11:f2:ff:eb:93:7d:66:53:46:e1:83:38:
42:dc:69:55:d6:08:ad:fa:94:b0:66:3f:2f:2b:f4:
83:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E9:2F:C8:B5:CB:50:30:4B:50:E5:68:75:4B:07:4A:B8:99:8F:35
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2786344-8118-4f8d-9ffa-11e8e2739995.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.83.198.0/24
Signature Algorithm: sha256WithRSAEncryption
70:8e:5b:b5:44:5b:58:48:37:0f:33:b2:e1:88:25:bb:23:fa:
69:3c:22:92:67:05:82:42:1a:c5:3a:74:fd:34:df:4d:62:a7:
c9:77:44:f4:ed:a1:6a:fd:cc:df:52:41:9f:75:66:dc:50:6a:
3e:e4:96:58:a4:7d:3e:6f:3d:42:a2:d1:ea:69:d2:60:e5:2f:
e1:ad:38:aa:e0:a2:d8:bd:f9:14:94:b1:36:db:83:6d:51:31:
9e:81:55:8f:dc:db:f5:d8:c3:12:bd:20:d2:89:96:61:76:82:
15:a5:5c:04:47:31:85:0d:ad:49:ec:b6:47:fa:a9:ee:08:96:
18:31:f5:f8:7b:95:57:ba:3a:31:b9:5f:6d:2a:dc:46:6e:90:
4c:6c:b8:0a:ae:9a:37:55:21:6f:05:04:55:0c:4a:3a:8f:11:
cf:0f:ab:ac:06:6d:a0:70:b3:21:6e:d0:36:ee:1b:42:4d:d1:
c1:e6:52:6c:f9:7e:32:f2:b0:be:6e:6d:24:1a:4c:f2:e2:76:
8b:25:c2:1b:fb:94:d7:81:f4:72:50:75:ed:3e:89:bf:56:40:
31:c4:e1:be:2e:71:c2:02:b6:cf:cf:e1:29:05:05:57:24:89:
8f:a0:41:c8:0a:7a:18:9a:3e:c0:24:07:66:36:59:65:f3:1c:
fa:25:d2:c6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYegtXtfb5xdVTFy8bERtHhDUq7AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWU0NmZlMDM1MzI5ZWUyNGQ0NDJiZTU2OThjMjUxMzE3
MWRiNTc3ZTA0YTA3YjE2NmFmZGVmN2IzYmVhNmNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzMnTGKTPx80CT1hDPWJkkmH1idRk+eSEs0WwkvhEcmplV
iEQ193Srvedai5akOQxGf8/SEdeRQyW9+6MDDD4QSbWmikRjBSgIZIx178VJp36w
vLrSimPKenFuV7qrw8ko6a/WGFrtq5zfd1WkjbCMnxdOQc7k7/nJQgQwNU82Js10
WhR5V6pOfFWV19mLSHD20KzqfHj3+HhOAIv1YqpOsT7+M+LaIaHk+bIGjy52Yqcz
LBo6kFsgYD6tnaDfAZihtFI1E/+MtzQh4Fwqdbai+im6C5SWUM6RsMgFKikBkpfP
rxHy/+uTfWZTRuGDOELcaVXWCK36lLBmPy8r9IPzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUr+kvyLXLUDBLUOVodUsHSriZjzUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyNzg2MzQ0LTgxMTgtNGY4ZC05ZmZhLTExZThlMjczOTk5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtU8YwDQYJKoZIhvcNAQELBQADggEBAHCOW7VEW1hINw8zsuGIJbsj+mk8
IpJnBYJCGsU6dP00301ip8l3RPTtoWr9zN9SQZ91ZtxQaj7kllikfT5vPUKi0epp
0mDlL+GtOKrgoti9+RSUsTbbg21RMZ6BVY/c2/XYwxK9INKJlmF2ghWlXARHMYUN
rUnstkf6qe4Ilhgx9fh7lVe6OjG5X20q3EZukExsuAqumjdVIW8FBFUMSjqPEc8P
q6wGbaBwsyFu0DbuG0JN0cHmUmz5fjLysL5ubSQaTPLidoslwhv7lNeB9HJQde0+
ib9WQDHE4b4uccICts/P4SkFBVckiY+gQcgKehiaPsAkB2Y2WWXzHPol0sY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:47:54 2025 by rpki-client