Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6d710e1-f121-4a0f-9f06-513635c73812.roa
File: d6d710e1-f121-4a0f-9f06-513635c73812.roa (raw, json)
Hash identifier: xNbyNOgQiHQWGCx1YIEUNFgaZVuWeokHC8dz6yxP6+g=
Subject key identifier: 47:95:E0:7F:08:91:54:9F:41:17:2E:36:86:89:6F:07:DE:D2:42:33
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 20A5C001B6DB852B9566F35E8724D923357FC0EB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6d710e1-f121-4a0f-9f06-513635c73812.roa
Signing time: Mon 09 Dec 2024 00:00:00 +0000
ROA not before: Mon 09 Dec 2024 00:00:00 +0000
ROA not after: Mon 13 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 136.18.136.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a5:c0:01:b6:db:85:2b:95:66:f3:5e:87:24:d9:23:35:7f:c0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 9 00:00:00 2024 GMT
Not After : Jan 13 23:59:59 2025 GMT
Subject: serialNumber=ab5c5bb3bbef7608485339e19d98142560aafeff10d6e8fd54fe8a070aca4023, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5a:57:72:48:de:35:51:96:14:71:99:81:dd:
72:3c:22:51:ff:4c:36:80:69:c8:77:48:69:53:ba:
0a:ef:47:bb:12:ed:3b:84:93:c1:0a:f4:5b:53:b9:
cd:52:ec:cf:75:48:a4:29:6e:73:27:99:47:3d:f8:
b7:80:e7:46:b4:af:09:4d:3b:53:63:45:70:52:bb:
51:51:09:94:e6:9e:8d:92:94:52:d5:5c:17:03:12:
a5:9d:a1:09:d0:6f:3a:b3:cc:85:b0:54:4a:d8:a3:
30:4d:a8:df:58:11:4b:3e:02:e0:1e:2b:4b:c8:de:
8a:77:c7:06:49:9b:66:9e:67:49:a4:19:5b:12:c3:
e5:da:f4:7e:5e:4d:3d:bb:97:05:d7:cc:19:e0:d9:
90:b6:36:6e:01:62:7b:b8:3f:f8:a1:eb:76:36:cb:
00:f0:07:ea:fc:24:c1:c8:1a:5b:81:63:06:cb:72:
b9:06:e5:67:a7:09:e7:64:a2:92:9a:97:01:17:1b:
25:c6:63:5b:33:e3:ea:34:02:ee:01:38:44:10:e4:
c9:9a:e9:80:79:14:61:23:9b:2b:aa:ea:c7:6e:a3:
9a:5e:b8:62:77:76:21:32:f3:6e:cc:14:37:d8:7e:
60:f0:ac:5e:ea:b6:61:46:fe:81:69:6e:de:cd:1e:
2b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:95:E0:7F:08:91:54:9F:41:17:2E:36:86:89:6F:07:DE:D2:42:33
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6d710e1-f121-4a0f-9f06-513635c73812.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.18.136.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:d8:b2:15:7b:e4:91:0e:d8:ce:b4:14:47:2d:96:4d:a5:46:
49:bf:65:f0:db:ca:3e:29:99:56:79:88:dc:9f:4f:9a:f7:14:
fe:80:ab:e6:f1:91:46:55:3e:e1:78:41:40:d3:f9:2d:83:5a:
4e:b4:02:f9:c8:66:92:9b:f4:09:53:64:10:cd:db:41:37:dc:
d9:ce:0b:52:a4:dc:ca:e6:fd:11:3b:b2:06:b2:77:ba:7a:c0:
e0:3d:aa:d6:92:a8:8a:3c:9f:8f:24:18:a5:92:77:f2:a2:99:
5b:29:f6:d2:df:8e:21:45:fa:60:7c:6e:97:63:91:c4:b6:4e:
d8:44:d2:90:9f:81:b2:01:5e:8e:81:39:a5:c0:f3:c5:b4:75:
f0:16:71:b8:ce:7e:bc:be:9c:41:5f:b4:b6:00:6a:67:13:7d:
a3:fa:da:14:d2:9a:0b:61:09:a2:5b:8b:e2:5c:6a:6c:0d:d6:
ec:f6:84:c4:68:12:ed:14:b1:45:d9:b7:f7:74:e2:47:53:93:
70:f2:18:e2:6a:72:4b:56:fc:fe:a3:aa:db:4a:3f:cf:39:79:
27:7c:e7:22:86:5e:b4:a2:4f:aa:c8:08:cb:28:e3:00:f3:ad:
ec:a9:c8:56:56:a8:80:1d:0b:8d:66:47:99:27:09:ad:83:53:
b0:6c:75:9d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIKXAAbbbhSuVZvNehyTZIzV/wOswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjA5MDAwMDAwWhcNMjUwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjVjNWJiM2JiZWY3NjA4NDg1MzM5ZTE5ZDk4MTQyNTYw
YWFmZWZmMTBkNmU4ZmQ1NGZlOGEwNzBhY2E0MDIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJWldySN41UZYUcZmB3XI8IlH/TDaAach3SGlTugrvR7sS
7TuEk8EK9FtTuc1S7M91SKQpbnMnmUc9+LeA50a0rwlNO1NjRXBSu1FRCZTmno2S
lFLVXBcDEqWdoQnQbzqzzIWwVErYozBNqN9YEUs+AuAeK0vI3op3xwZJm2aeZ0mk
GVsSw+Xa9H5eTT27lwXXzBng2ZC2Nm4BYnu4P/ih63Y2ywDwB+r8JMHIGluBYwbL
crkG5WenCedkopKalwEXGyXGY1sz4+o0Au4BOEQQ5Mma6YB5FGEjmyuq6sduo5pe
uGJ3diEy827MFDfYfmDwrF7qtmFG/oFpbt7NHitTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUR5XgfwiRVJ9BFy42holvB97SQjMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q2ZDcxMGUxLWYxMjEtNGEwZi05ZjA2LTUxMzYzNWM3MzgxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGIEogwDQYJKoZIhvcNAQELBQADggEBAMTYshV75JEO2M60FEctlk2lRkm/
ZfDbyj4pmVZ5iNyfT5r3FP6Aq+bxkUZVPuF4QUDT+S2DWk60AvnIZpKb9AlTZBDN
20E33NnOC1Kk3Mrm/RE7sgayd7p6wOA9qtaSqIo8n48kGKWSd/KimVsp9tLfjiFF
+mB8bpdjkcS2TthE0pCfgbIBXo6BOaXA88W0dfAWcbjOfry+nEFftLYAamcTfaP6
2hTSmgthCaJbi+JcamwN1uz2hMRoEu0UsUXZt/d04kdTk3DyGOJqcktW/P6jqttK
P885eSd85yKGXrSiT6rICMso4wDzreypyFZWqIAdC41mR5knCa2DU7BsdZ0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:20:40 2025 by rpki-client