Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2044088-ab16-455f-9c25-f6db0c57ec62.roa
File: f2044088-ab16-455f-9c25-f6db0c57ec62.roa (raw, json)
Hash identifier: mTlCWRJG/GUQRkQs4ruviw8XmNTMzRqRzCuXlVv6sBQ=
Subject key identifier: 61:9E:6E:AD:20:C6:72:B0:26:E8:60:C0:8C:3D:9D:8D:17:9A:82:6E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 20BFDD6DCFA1F04C613C09FB618290838EF78F65
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2044088-ab16-455f-9c25-f6db0c57ec62.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 207.8.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:bf:dd:6d:cf:a1:f0:4c:61:3c:09:fb:61:82:90:83:8e:f7:8f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=c28ae63f6f09af7634cdc8d02d3f280189ad507c150a4d1c5cec8e4d1e9a42db, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:70:8e:22:c2:74:75:23:8e:88:6f:3a:2d:3c:
5a:ce:4e:da:0b:dd:00:6b:da:b3:58:8a:96:c8:6b:
42:e9:ee:27:bd:0e:6c:00:24:de:df:c2:96:dd:a1:
50:b2:1b:64:69:06:b5:04:66:67:f2:81:2b:7f:19:
3b:46:33:b1:f4:5d:63:23:ff:21:07:62:53:f6:dc:
33:79:02:0d:61:99:d8:10:e1:f6:e7:f9:a4:94:24:
82:fc:b5:4f:a1:03:6d:06:57:11:21:96:3c:7d:a2:
33:e8:4a:63:0d:ef:29:3c:10:0f:75:39:eb:4b:55:
4e:1f:08:66:89:a2:08:79:ec:d8:d8:28:e0:ea:b4:
df:f6:04:b7:6a:c1:62:9d:b6:db:3c:96:3c:17:b9:
f0:3d:d7:e7:e3:e4:67:33:2d:80:5f:16:b4:4a:2d:
83:cd:c8:21:d3:4d:25:6c:dd:1d:3e:ed:b5:ce:d4:
0e:49:ac:9e:cf:45:92:77:13:71:7c:bc:d9:d5:12:
7e:54:2f:45:41:df:02:67:eb:3b:43:65:60:88:24:
75:10:48:ac:05:95:4e:61:26:fe:4f:43:02:fb:cd:
9e:08:3c:27:15:73:0a:36:f2:c2:89:61:f3:65:ba:
23:28:93:01:38:51:da:09:12:78:a2:b8:83:89:dd:
60:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9E:6E:AD:20:C6:72:B0:26:E8:60:C0:8C:3D:9D:8D:17:9A:82:6E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2044088-ab16-455f-9c25-f6db0c57ec62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.8.224.0/20
Signature Algorithm: sha256WithRSAEncryption
85:13:fc:4a:0e:e0:16:b5:ee:2e:fb:4b:d2:af:f1:31:ec:6e:
a8:44:82:39:91:6e:38:c5:07:ef:6b:e2:7d:a0:5a:66:e9:59:
9f:51:42:05:db:6d:c6:c1:a9:27:2b:0f:10:7f:3f:7a:ac:c5:
13:17:3b:e4:a1:b6:01:61:56:e5:5e:02:0b:16:bd:57:9a:0f:
6b:76:9e:77:1e:cc:7b:f8:d7:f8:2b:ce:ff:f7:07:36:0a:99:
17:8b:37:91:87:ff:a6:67:86:ff:ca:44:93:d9:5d:eb:c0:23:
b1:15:b3:7f:7e:c0:a5:eb:be:f7:c8:c7:75:71:f3:4b:38:bf:
a3:a5:c6:2b:28:4e:e9:34:8d:fa:5b:18:85:6b:a3:0b:e9:fa:
f0:42:11:aa:e8:0c:3f:e5:9f:63:d6:be:4b:de:5e:be:85:94:
7b:d3:b7:27:8f:46:24:b8:2a:34:24:bd:0a:cd:70:df:27:48:
0d:30:c4:14:86:80:52:ff:3b:ff:c9:5b:36:ba:c9:7f:09:69:
14:73:73:3a:a2:40:76:7f:f0:c3:3f:8c:ff:f2:35:f6:2d:4e:
73:61:43:c3:dc:3b:f2:96:7c:29:bf:92:3e:35:7e:ab:e1:25:
6b:1a:35:ae:d0:b1:e0:cb:e0:2f:2f:8e:05:36:de:ca:ac:45:
49:2e:63:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIL/dbc+h8ExhPAn7YYKQg473j2UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjhhZTYzZjZmMDlhZjc2MzRjZGM4ZDAyZDNmMjgwMTg5
YWQ1MDdjMTUwYTRkMWM1Y2VjOGU0ZDFlOWE0MmRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChcI4iwnR1I46IbzotPFrOTtoL3QBr2rNYipbIa0Lp7ie9
DmwAJN7fwpbdoVCyG2RpBrUEZmfygSt/GTtGM7H0XWMj/yEHYlP23DN5Ag1hmdgQ
4fbn+aSUJIL8tU+hA20GVxEhljx9ojPoSmMN7yk8EA91OetLVU4fCGaJogh57NjY
KODqtN/2BLdqwWKdtts8ljwXufA91+fj5GczLYBfFrRKLYPNyCHTTSVs3R0+7bXO
1A5JrJ7PRZJ3E3F8vNnVEn5UL0VB3wJn6ztDZWCIJHUQSKwFlU5hJv5PQwL7zZ4I
PCcVcwo28sKJYfNluiMokwE4UdoJEniiuIOJ3WCHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYZ5urSDGcrAm6GDAjD2djReagm4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyMDQ0MDg4LWFiMTYtNDU1Zi05YzI1LWY2ZGIwYzU3ZWM2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATPCOAwDQYJKoZIhvcNAQELBQADggEBAIUT/EoO4Ba17i77S9Kv8THsbqhE
gjmRbjjFB+9r4n2gWmbpWZ9RQgXbbcbBqScrDxB/P3qsxRMXO+ShtgFhVuVeAgsW
vVeaD2t2nncezHv41/grzv/3BzYKmReLN5GH/6Znhv/KRJPZXevAI7EVs39+wKXr
vvfIx3Vx80s4v6OlxisoTuk0jfpbGIVrowvp+vBCEaroDD/ln2PWvkveXr6FlHvT
tyePRiS4KjQkvQrNcN8nSA0wxBSGgFL/O//JWza6yX8JaRRzczqiQHZ/8MM/jP/y
NfYtTnNhQ8PcO/KWfCm/kj41fqvhJWsaNa7QseDL4C8vjgU23sqsRUkuY10=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:47:44 2025 by rpki-client