Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7ddad51-a389-42c0-a89c-1e539fa7f094.roa
File: e7ddad51-a389-42c0-a89c-1e539fa7f094.roa (raw, json)
Hash identifier: j5DkZaKZB5qoApZX/m4KIR34grh84z3sIgAuP0GLROk=
Subject key identifier: E7:01:7E:CF:32:B5:7B:22:8A:65:32:B0:36:31:65:48:CC:2F:98:66
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 34D3E7BFD99825397364D21F2B73296B81793873
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7ddad51-a389-42c0-a89c-1e539fa7f094.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f60:8020::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:d3:e7:bf:d9:98:25:39:73:64:d2:1f:2b:73:29:6b:81:79:38:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=fe9328a07492048f4c90ba6af32996ca51996471b4ff818b62bff02b709dd64a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:54:0c:c8:a0:34:77:a8:37:af:e9:98:50:a1:
7e:af:d6:7b:fc:03:b4:be:74:a1:a2:41:9d:d0:31:
fa:ea:d2:0f:9d:79:f3:1a:42:70:46:f8:ed:ff:29:
90:73:91:2a:77:9c:30:56:46:76:72:fa:5a:2f:84:
97:23:f3:98:9b:b6:e7:c2:5b:1c:6c:df:9f:54:ad:
2e:32:1c:dc:6e:db:c9:2f:de:07:42:94:33:f5:da:
ac:39:dd:a5:d1:14:8c:5f:1b:d9:ca:0d:f3:c0:a9:
95:35:82:b8:1d:a7:b6:85:a4:67:81:81:75:4b:e7:
cd:4e:66:86:22:ac:8a:b6:33:8d:76:31:3b:2a:41:
c4:2a:0e:30:c3:e7:55:32:3e:22:ac:99:cb:67:18:
40:a6:d9:97:b6:99:dc:33:37:5f:eb:72:05:b5:4f:
2b:06:40:9c:dd:e7:01:4b:47:f5:e8:88:1c:00:ae:
de:5c:f4:56:a8:4b:4d:06:e4:6b:2e:40:c2:b6:fe:
c1:a8:84:f3:93:49:6a:63:d4:a2:e2:48:ce:bf:01:
e1:94:17:83:83:b1:c5:28:66:d7:27:5e:1c:83:fd:
ca:5a:2c:bb:e6:10:dd:08:5d:48:22:a0:55:b0:bc:
c6:cc:a4:00:01:4e:0a:d3:6c:10:e9:31:c1:f1:ea:
ae:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:01:7E:CF:32:B5:7B:22:8A:65:32:B0:36:31:65:48:CC:2F:98:66
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7ddad51-a389-42c0-a89c-1e539fa7f094.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f60:8020::/46
Signature Algorithm: sha256WithRSAEncryption
85:7c:5f:78:09:41:4c:94:1f:1d:97:bb:a7:8e:2f:9a:12:0f:
57:92:fe:e3:1a:a5:28:77:de:96:25:4a:09:30:80:53:97:c4:
a0:d8:40:2f:ee:72:a7:0b:0f:08:42:0f:75:2c:aa:c1:39:0a:
01:c1:f3:87:bb:c2:7c:7f:b2:16:4e:d0:d7:5f:46:00:d6:1d:
3e:56:ad:12:89:9e:4f:34:2b:4e:24:cb:77:32:a3:21:4b:72:
5d:b7:78:f2:1e:53:50:5f:bf:8d:0a:eb:72:cd:f0:df:69:2e:
53:2e:07:9d:cc:dd:dd:9d:23:e6:73:5e:b2:41:3d:d4:01:97:
4b:33:d2:ad:50:52:2d:d9:41:6e:97:67:a8:98:67:81:30:3b:
96:02:99:d7:5a:09:e8:45:e9:54:10:a8:6a:37:96:c5:c2:47:
5c:fe:e0:cd:57:f3:e4:7c:0e:e2:54:15:5c:52:ac:cc:20:c5:
3d:7b:24:ba:49:47:90:93:99:d9:7d:25:83:cb:74:13:4c:c2:
d9:24:ac:b4:ba:23:c7:3c:3d:77:0e:05:3e:39:53:88:a7:00:
0f:9a:8a:fd:1d:a8:db:88:b7:4f:f1:7b:98:b8:c7:94:59:fd:
4d:08:fe:42:35:56:47:3c:ff:40:6a:b4:b2:6b:2f:09:85:cf:
3b:21:77:77
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNNPnv9mYJTlzZNIfK3Mpa4F5OHMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZTkzMjhhMDc0OTIwNDhmNGM5MGJhNmFmMzI5OTZjYTUx
OTk2NDcxYjRmZjgxOGI2MmJmZjAyYjcwOWRkNjRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrVAzIoDR3qDev6ZhQoX6v1nv8A7S+dKGiQZ3QMfrq0g+d
efMaQnBG+O3/KZBzkSp3nDBWRnZy+lovhJcj85ibtufCWxxs359UrS4yHNxu28kv
3gdClDP12qw53aXRFIxfG9nKDfPAqZU1grgdp7aFpGeBgXVL581OZoYirIq2M412
MTsqQcQqDjDD51UyPiKsmctnGECm2Ze2mdwzN1/rcgW1TysGQJzd5wFLR/XoiBwA
rt5c9FaoS00G5GsuQMK2/sGohPOTSWpj1KLiSM6/AeGUF4ODscUoZtcnXhyD/cpa
LLvmEN0IXUgioFWwvMbMpAABTgrTbBDpMcHx6q5tAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU5wF+zzK1eyKKZTKwNjFlSMwvmGYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3ZGRhZDUxLWEzODktNDJjMC1hODljLTFlNTM5ZmE3ZjA5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9ggCAwDQYJKoZIhvcNAQELBQADggEBAIV8X3gJQUyUHx2Xu6eOL5oS
D1eS/uMapSh33pYlSgkwgFOXxKDYQC/ucqcLDwhCD3UsqsE5CgHB84e7wnx/shZO
0NdfRgDWHT5WrRKJnk80K04ky3cyoyFLcl23ePIeU1Bfv40K63LN8N9pLlMuB53M
3d2dI+ZzXrJBPdQBl0sz0q1QUi3ZQW6XZ6iYZ4EwO5YCmddaCehF6VQQqGo3lsXC
R1z+4M1X8+R8DuJUFVxSrMwgxT17JLpJR5CTmdl9JYPLdBNMwtkkrLS6I8c8PXcO
BT45U4inAA+aiv0dqNuIt0/xe5i4x5RZ/U0I/kI1Vkc8/0BqtLJrLwmFzzshd3c=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:54 2025 by rpki-client