Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f69f6aa6-24c0-42f8-a58a-de895f292c3f.roa
File: f69f6aa6-24c0-42f8-a58a-de895f292c3f.roa (raw, json)
Hash identifier: 9IdKk2iK4hW67fzmeiTj2pm0NnpExCI93cAfEYKvy3A=
Subject key identifier: EA:7A:30:B2:9D:5B:EE:A9:9E:8E:91:98:D9:C2:19:E5:17:FE:6B:93
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 01911880B3E6E864EFC344B368A09E103A05FE9B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f69f6aa6-24c0-42f8-a58a-de895f292c3f.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 35.54.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:18:80:b3:e6:e8:64:ef:c3:44:b3:68:a0:9e:10:3a:05:fe:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=bc93631e789f38b51caf5c301491260cfc9f169a8f8d05cc5b75b592ebe641ef, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:23:3e:6e:17:8f:a3:66:24:7b:06:d3:4f:1e:
19:ff:83:f2:5b:e8:04:be:86:6b:b3:30:3c:a0:9d:
4f:68:ed:bf:79:60:be:74:f9:38:73:c9:c9:46:89:
79:4a:8a:e1:a0:3a:f8:ae:14:de:0b:03:c7:79:e4:
99:64:ad:f2:42:07:18:6d:26:e0:60:4a:68:c2:ee:
8f:a9:d7:56:7a:f3:92:96:14:d1:85:67:08:ab:77:
12:f2:cf:90:5d:78:50:b3:b9:ea:19:9e:76:ea:24:
0e:e5:b9:4c:34:0c:ed:c9:b2:99:2d:c3:3e:4e:b4:
c9:b2:74:27:a1:1c:3f:a8:e1:b9:3c:84:c3:b5:ad:
8d:02:5c:2f:4d:c9:7b:01:ba:e0:cd:56:82:bf:1b:
99:9a:76:db:61:b4:d4:48:11:4d:d4:58:0f:57:9a:
1a:98:de:7a:97:c5:7f:44:4b:b2:02:3b:ba:a3:75:
76:30:91:4e:5d:43:4b:e2:25:0e:09:35:06:16:5b:
cd:4c:59:4f:e8:cb:3e:46:a0:d8:a0:da:b1:bc:d1:
d4:cc:97:22:dd:78:ef:96:8f:fd:52:be:fd:db:98:
eb:44:e8:4f:3e:98:8c:d0:b3:fe:ab:c9:f5:d0:3f:
54:ea:90:9d:94:5f:40:59:bc:05:0b:81:26:1e:72:
16:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7A:30:B2:9D:5B:EE:A9:9E:8E:91:98:D9:C2:19:E5:17:FE:6B:93
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f69f6aa6-24c0-42f8-a58a-de895f292c3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.54.128.0/17
Signature Algorithm: sha256WithRSAEncryption
80:24:15:bb:b6:ac:45:09:0b:b6:8d:0c:be:93:da:f3:41:28:
1d:c0:7c:02:9a:e0:dd:8c:d4:cb:e2:42:da:eb:07:49:ec:c4:
b5:02:81:99:e1:6f:91:0f:ea:81:d8:58:34:cb:0f:55:0c:00:
4e:49:09:8b:94:9c:ca:3c:0d:1b:e1:e0:d6:cd:fd:f6:52:e2:
da:aa:1f:a8:db:4b:a8:ab:f1:a5:14:b2:ef:fc:de:97:91:8c:
6a:33:7f:59:a5:86:3a:24:71:e4:da:ed:07:23:2d:cc:c0:ae:
ad:f6:f1:2e:60:d2:27:6c:27:1d:44:59:14:fa:82:48:77:a4:
51:88:88:6b:8d:41:dc:61:00:21:8a:27:f2:f0:2b:42:aa:43:
41:5e:bf:fb:aa:b5:86:2a:78:5f:a0:50:35:6c:f1:e6:d5:1c:
49:a9:c2:b2:99:4a:7c:86:84:91:51:07:8b:48:59:0d:6a:34:
7d:b9:aa:33:09:f1:51:51:0d:64:8e:07:16:c2:59:a2:60:5a:
90:7f:e4:a1:55:48:d5:6e:27:46:78:42:1b:f8:00:0c:7c:ce:
50:ec:2d:77:1b:80:90:d7:50:d7:9d:29:b0:f1:83:06:82:ef:
26:7f:d5:8d:fc:da:c5:12:e3:b2:e3:fb:9d:21:9f:a5:1b:58:
a2:be:50:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAZEYgLPm6GTvw0SzaKCeEDoF/pswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYzkzNjMxZTc4OWYzOGI1MWNhZjVjMzAxNDkxMjYwY2Zj
OWYxNjlhOGY4ZDA1Y2M1Yjc1YjU5MmViZTY0MWVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMIz5uF4+jZiR7BtNPHhn/g/Jb6AS+hmuzMDygnU9o7b95
YL50+ThzyclGiXlKiuGgOviuFN4LA8d55JlkrfJCBxhtJuBgSmjC7o+p11Z685KW
FNGFZwirdxLyz5BdeFCzueoZnnbqJA7luUw0DO3Jspktwz5OtMmydCehHD+o4bk8
hMO1rY0CXC9NyXsBuuDNVoK/G5madtthtNRIEU3UWA9XmhqY3nqXxX9ES7ICO7qj
dXYwkU5dQ0viJQ4JNQYWW81MWU/oyz5GoNig2rG80dTMlyLdeO+Wj/1Svv3bmOtE
6E8+mIzQs/6ryfXQP1TqkJ2UX0BZvAULgSYechbJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6nowsp1b7qmejpGY2cIZ5Rf+a5MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2OWY2YWE2LTI0YzAtNDJmOC1hNThhLWRlODk1ZjI5MmMzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcjNoAwDQYJKoZIhvcNAQELBQADggEBAIAkFbu2rEUJC7aNDL6T2vNBKB3A
fAKa4N2M1MviQtrrB0nsxLUCgZnhb5EP6oHYWDTLD1UMAE5JCYuUnMo8DRvh4NbN
/fZS4tqqH6jbS6ir8aUUsu/83peRjGozf1mlhjokceTa7QcjLczArq328S5g0ids
Jx1EWRT6gkh3pFGIiGuNQdxhACGKJ/LwK0KqQ0Fev/uqtYYqeF+gUDVs8ebVHEmp
wrKZSnyGhJFRB4tIWQ1qNH25qjMJ8VFRDWSOBxbCWaJgWpB/5KFVSNVuJ0Z4Qhv4
AAx8zlDsLXcbgJDXUNedKbDxgwaC7yZ/1Y382sUS47Lj+50hn6UbWKK+UIo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:04:05 2025 by rpki-client