Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6a4d269-cf27-44e3-b216-0406a7e00f0c.roa
File: f6a4d269-cf27-44e3-b216-0406a7e00f0c.roa (raw, json)
Hash identifier: +beXUmXG2debmRlXiUqJ3try5ieRtZvjtwDPhtMICEo=
Subject key identifier: 64:0D:36:28:60:4F:E7:2D:CE:A9:EA:5D:89:2E:0A:7C:ED:47:01:4B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 03D71B942F8FA4DA9E1852B6344640B6A5B5F6B5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6a4d269-cf27-44e3-b216-0406a7e00f0c.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 66.152.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:d7:1b:94:2f:8f:a4:da:9e:18:52:b6:34:46:40:b6:a5:b5:f6:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=df2067694e62d24f8920c3eb8bb5e856517fd6984e942047f93c8bb3e5ab490e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b2:fb:09:0a:f9:fd:db:22:be:76:a6:23:d0:
79:0d:74:84:62:1a:6b:32:5e:71:ff:ab:96:0b:3b:
f9:d6:26:fb:2f:66:4a:0e:ef:d8:07:cb:44:83:1b:
ab:3c:c7:77:1b:67:ee:3e:63:5e:ca:b2:13:d2:75:
fa:cc:c1:76:48:8a:6f:b6:0f:76:2a:b2:f6:fc:e5:
fe:8c:23:a5:ee:a4:e4:6a:8f:24:7c:d8:a1:8a:fe:
2c:ad:c0:60:ed:90:10:40:2f:16:ff:a6:da:fd:59:
c4:20:91:2c:7d:2d:f0:71:85:c3:f2:8b:bf:94:d4:
60:3f:57:06:8b:cb:d2:46:04:44:6b:54:62:6c:b6:
53:ab:31:4d:f4:f2:80:93:77:bb:4d:fd:71:70:02:
64:f3:0a:55:ef:60:28:38:bf:ac:77:4a:84:27:f4:
74:12:4e:90:e4:00:69:37:ef:4f:3b:6f:55:43:99:
97:70:c1:02:77:4a:76:a5:2e:7c:d2:c6:70:3a:78:
60:41:bc:52:ff:a3:2a:22:0c:06:77:3d:95:72:c5:
46:4a:29:aa:6c:0f:71:0f:54:9a:da:36:e8:15:7a:
27:4c:08:bf:82:4e:46:1f:53:cd:3c:22:fc:f8:0b:
7d:2e:0d:24:cc:05:16:ca:c1:0f:6d:74:1e:74:29:
6a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0D:36:28:60:4F:E7:2D:CE:A9:EA:5D:89:2E:0A:7C:ED:47:01:4B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6a4d269-cf27-44e3-b216-0406a7e00f0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.152.160.0/19
Signature Algorithm: sha256WithRSAEncryption
20:84:ae:85:32:cb:48:91:28:4c:b3:27:1d:f8:2c:7b:6d:00:
27:e0:8a:cd:4b:71:32:41:e7:c7:d0:6c:ae:fc:07:17:ec:74:
5f:ab:89:42:89:ed:cd:2d:a2:eb:74:4e:50:e9:a2:da:a4:eb:
22:83:b0:2a:84:63:00:5d:a1:f4:d3:95:a3:2c:0f:28:41:7f:
40:46:2a:f7:4d:1c:22:b6:ec:ca:9a:f4:fb:ee:bb:4d:42:30:
66:bf:55:91:2a:2e:67:40:db:bc:ca:80:0a:b1:f7:8c:84:ee:
f3:7d:f3:25:6f:c2:9d:e6:60:e5:6c:52:aa:2e:c5:e9:de:73:
f7:94:8e:55:25:f2:32:d0:b9:78:0c:21:d3:0d:b0:99:2a:a8:
72:94:8a:60:30:01:7f:6c:07:27:8b:11:6e:9a:74:09:93:3b:
0e:3e:c1:55:94:1b:0e:ef:7b:83:a6:d7:17:7a:63:9c:66:a7:
80:fa:45:d2:ee:70:41:9a:12:46:29:ee:b0:01:ee:ce:df:83:
5a:eb:54:db:16:c1:ef:d5:06:bb:92:73:48:bd:b1:ff:bb:e5:
55:a9:ef:5f:a2:eb:ae:6b:e2:8b:94:1f:af:3f:33:73:45:a9:
01:25:6e:4f:32:81:21:dc:24:c3:ca:90:d4:8a:15:ce:e1:5d:
2d:14:43:fa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA9cblC+PpNqeGFK2NEZAtqW19rUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZjIwNjc2OTRlNjJkMjRmODkyMGMzZWI4YmI1ZTg1NjUx
N2ZkNjk4NGU5NDIwNDdmOTNjOGJiM2U1YWI0OTBlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYsvsJCvn92yK+dqYj0HkNdIRiGmsyXnH/q5YLO/nWJvsv
ZkoO79gHy0SDG6s8x3cbZ+4+Y17KshPSdfrMwXZIim+2D3Yqsvb85f6MI6XupORq
jyR82KGK/iytwGDtkBBALxb/ptr9WcQgkSx9LfBxhcPyi7+U1GA/VwaLy9JGBERr
VGJstlOrMU308oCTd7tN/XFwAmTzClXvYCg4v6x3SoQn9HQSTpDkAGk37087b1VD
mZdwwQJ3SnalLnzSxnA6eGBBvFL/oyoiDAZ3PZVyxUZKKapsD3EPVJraNugVeidM
CL+CTkYfU808Ivz4C30uDSTMBRbKwQ9tdB50KWpjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZA02KGBP5y3OqepdiS4KfO1HAUswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2YTRkMjY5LWNmMjctNDRlMy1iMjE2LTA0MDZhN2UwMGYwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVCmKAwDQYJKoZIhvcNAQELBQADggEBACCEroUyy0iRKEyzJx34LHttACfg
is1LcTJB58fQbK78BxfsdF+riUKJ7c0tout0TlDpotqk6yKDsCqEYwBdofTTlaMs
DyhBf0BGKvdNHCK27Mqa9Pvuu01CMGa/VZEqLmdA27zKgAqx94yE7vN98yVvwp3m
YOVsUqouxenec/eUjlUl8jLQuXgMIdMNsJkqqHKUimAwAX9sByeLEW6adAmTOw4+
wVWUGw7ve4Om1xd6Y5xmp4D6RdLucEGaEkYp7rAB7s7fg1rrVNsWwe/VBruSc0i9
sf+75VWp71+i665r4ouUH68/M3NFqQElbk8ygSHcJMPKkNSKFc7hXS0UQ/o=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:40:56 2025 by rpki-client