Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc1d5baf-aa6e-4c1f-9f89-83b1ff1395ea.roa
File: dc1d5baf-aa6e-4c1f-9f89-83b1ff1395ea.roa (raw, json)
Hash identifier: yPGh4m3Osug7sAM1e6U1z36DYcIYlecVHG5cby+n+qk=
Subject key identifier: 0B:AA:0E:FF:45:D0:D9:BD:94:FC:D7:AC:1E:D5:E7:58:C9:18:10:EF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 117D3EDB4B41CEE05EAB388C3BAA331DBA587DAB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc1d5baf-aa6e-4c1f-9f89-83b1ff1395ea.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 96.0.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:7d:3e:db:4b:41:ce:e0:5e:ab:38:8c:3b:aa:33:1d:ba:58:7d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=362fbe16d3fa7bd4dad05d6c53ddbd966242c0bd90b1df9c245bec37cc8d5618, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:77:74:7a:8c:49:11:21:32:b3:e9:c1:b0:
5a:0d:bc:27:02:4d:66:f5:7e:c4:f9:4a:73:33:2d:
f2:4c:b3:41:7b:6c:27:a4:36:90:94:2b:16:1c:64:
71:69:8e:a0:ac:cc:43:9e:44:de:ec:a0:7d:83:32:
32:4a:1f:34:23:33:9e:91:64:7a:46:a6:94:8f:68:
a4:22:d1:4d:84:95:a2:c4:a6:73:23:83:4b:bd:7b:
28:e1:8c:b7:e7:e0:bf:1a:96:d9:0c:39:11:e5:9c:
52:80:08:7a:0a:2d:35:81:72:87:e7:d2:46:c3:6a:
9d:33:a4:48:d9:e8:4e:cb:cf:92:02:b6:b8:a2:14:
f6:b2:be:8d:a7:a6:16:7b:06:52:95:e4:92:41:5f:
89:4d:b3:ae:b1:72:e9:7a:ca:ff:70:cd:01:1e:67:
e9:ae:e3:14:aa:6b:f3:f8:5e:8b:3e:f6:3f:1c:07:
90:09:75:fb:20:37:e2:b4:07:98:1b:6a:8a:b9:f8:
c0:00:4a:19:a4:ae:75:84:58:87:e1:ca:47:40:d2:
ab:a2:86:e1:31:48:47:76:02:98:46:bc:1c:18:ea:
b1:4f:f9:90:84:45:45:9f:e0:80:40:cb:1e:33:77:
b4:06:eb:5b:1b:11:d6:bf:a9:09:ac:dd:45:2c:ac:
1b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AA:0E:FF:45:D0:D9:BD:94:FC:D7:AC:1E:D5:E7:58:C9:18:10:EF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc1d5baf-aa6e-4c1f-9f89-83b1ff1395ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:55:37:cb:36:1c:b5:1f:07:b3:63:25:37:88:61:2d:4e:70:
e0:cc:66:db:84:17:97:b0:66:fd:38:7d:67:29:19:31:9b:bc:
27:7c:1e:73:64:05:2f:8b:0a:48:0f:d8:20:fc:fc:02:d6:b2:
0b:be:b0:9d:34:51:29:87:5f:14:20:58:1f:c5:16:14:80:6f:
51:88:a0:19:81:5a:5b:90:dc:19:0a:cf:1f:ce:99:fa:7d:4e:
c0:8e:ec:44:2d:14:b1:b5:1c:a1:a7:c0:7a:83:1f:eb:65:38:
a7:31:b6:19:72:e3:01:84:57:6a:63:bc:80:61:f5:cc:8c:7a:
d9:a7:87:00:1e:14:a8:ad:d5:b1:9b:ab:a4:7e:ed:30:e3:bd:
42:4e:86:5e:c5:5a:e3:90:bb:98:29:35:8d:18:dc:c9:ff:4b:
c3:07:ba:f8:fb:9f:34:cb:2b:1b:af:5c:a5:e9:f8:bd:88:8a:
0e:64:30:74:8e:b3:49:9e:91:d3:7d:6c:5f:2e:4c:6c:cb:b3:
70:92:2a:d0:5b:cc:18:74:92:1f:8b:71:2f:75:52:c7:ac:f6:
cd:46:19:a4:bd:1e:be:61:35:8d:39:d9:a9:6f:5f:67:2e:05:
c0:97:4f:6f:53:ab:2a:f2:9b:2d:ad:bb:d2:68:21:d6:b3:36:
cb:e7:07:16
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEX0+20tBzuBeqziMO6ozHbpYfaswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjJmYmUxNmQzZmE3YmQ0ZGFkMDVkNmM1M2RkYmQ5NjYy
NDJjMGJkOTBiMWRmOWMyNDViZWMzN2NjOGQ1NjE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvOHd0eoxJESEys+nBsFoNvCcCTWb1fsT5SnMzLfJMs0F7
bCekNpCUKxYcZHFpjqCszEOeRN7soH2DMjJKHzQjM56RZHpGppSPaKQi0U2ElaLE
pnMjg0u9eyjhjLfn4L8altkMORHlnFKACHoKLTWBcofn0kbDap0zpEjZ6E7Lz5IC
triiFPayvo2nphZ7BlKV5JJBX4lNs66xcul6yv9wzQEeZ+mu4xSqa/P4Xos+9j8c
B5AJdfsgN+K0B5gbaoq5+MAAShmkrnWEWIfhykdA0quihuExSEd2AphGvBwY6rFP
+ZCERUWf4IBAyx4zd7QG61sbEda/qQms3UUsrBv1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUC6oO/0XQ2b2U/NesHtXnWMkYEO8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjMWQ1YmFmLWFhNmUtNGMxZi05Zjg5LTgzYjFmZjEzOTVlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBgADANBgkqhkiG9w0BAQsFAAOCAQEAh1U3yzYctR8Hs2MlN4hhLU5w4Mxm
24QXl7Bm/Th9ZykZMZu8J3wec2QFL4sKSA/YIPz8AtayC76wnTRRKYdfFCBYH8UW
FIBvUYigGYFaW5DcGQrPH86Z+n1OwI7sRC0UsbUcoafAeoMf62U4pzG2GXLjAYRX
amO8gGH1zIx62aeHAB4UqK3VsZurpH7tMOO9Qk6GXsVa45C7mCk1jRjcyf9Lwwe6
+PufNMsrG69cpen4vYiKDmQwdI6zSZ6R031sXy5MbMuzcJIq0FvMGHSSH4txL3VS
x6z2zUYZpL0evmE1jTnZqW9fZy4FwJdPb1OrKvKbLa270mgh1rM2y+cHFg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:19:31 2025 by rpki-client