Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fea3da01-528b-4bf6-a63c-610a67f5eec1.roa
File: fea3da01-528b-4bf6-a63c-610a67f5eec1.roa (raw, json)
Hash identifier: mMRbxcindVZF79g+uzXCPJmyUZQJ8HegJaYQHNyT/Eg=
Subject key identifier: 75:0E:7F:C8:5A:0A:C9:1A:49:80:DC:A7:33:E1:33:CB:73:0E:4D:8E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6E4DACBF586CDA243F016496562D17EB7839C826
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fea3da01-528b-4bf6-a63c-610a67f5eec1.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 5.60.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:4d:ac:bf:58:6c:da:24:3f:01:64:96:56:2d:17:eb:78:39:c8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=b8f9dbff65d216f96b35aa824cc3183ef214dc3ab54f20c429e7a5ad0b0ebcda, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a3:6b:30:92:d5:17:d9:a8:58:98:4d:b3:b1:
df:12:ac:03:b6:1d:e7:b6:e3:b3:5e:54:29:cc:9b:
3e:8a:e4:e2:c6:a8:21:26:d0:28:ad:ee:c8:b4:7e:
31:70:26:a5:ed:3e:80:94:2c:c3:cb:91:c8:7a:4f:
cc:ec:ac:b7:a4:c2:c3:2d:c6:f9:17:c9:62:66:0c:
b1:17:de:02:d1:91:b0:9e:8f:2e:ef:26:df:06:d2:
36:d1:4a:c0:d7:b5:b7:76:4f:3f:50:ec:fd:78:34:
a7:a9:95:19:5a:bd:5f:94:ea:46:6c:87:07:00:d6:
42:33:b8:df:1d:87:db:91:3b:73:cf:13:39:49:34:
41:00:fe:b8:c1:72:39:bb:5e:d4:89:9e:7b:82:8c:
8a:de:44:86:18:fd:f3:44:59:93:11:75:d5:21:74:
4c:a1:67:48:5a:c9:25:53:74:ac:e5:f2:89:c0:83:
b4:fb:a3:cc:51:b3:cd:0c:59:71:88:9b:11:86:03:
11:4a:a7:10:f1:4e:7e:ff:0f:4f:be:fd:3e:fa:ba:
55:6b:38:1e:8c:2e:50:79:be:5d:73:75:49:14:46:
89:70:0a:ff:4e:1e:fe:7d:1e:9b:49:c3:1d:af:6b:
d0:15:e0:e4:df:f4:67:f3:c7:14:b2:0f:78:59:70:
7d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0E:7F:C8:5A:0A:C9:1A:49:80:DC:A7:33:E1:33:CB:73:0E:4D:8E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fea3da01-528b-4bf6-a63c-610a67f5eec1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.204.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:90:5f:f6:aa:14:2a:b7:67:69:84:b9:54:89:db:68:9b:52:
5c:8a:45:8a:88:70:52:55:0a:37:f4:bd:e8:c6:5c:46:07:fa:
f0:d8:d8:54:ce:3e:a6:c4:8d:db:14:57:c2:e7:96:61:47:ab:
83:9c:2e:8f:34:5d:3f:b4:79:84:53:2f:12:cf:dc:95:80:12:
02:11:78:ed:79:de:14:9c:13:d6:aa:a4:63:70:c1:3c:48:af:
17:0b:bd:7e:c7:ce:94:2d:43:36:5f:26:08:80:e1:40:fe:f8:
12:09:41:b8:ce:2d:a9:0c:36:8e:da:83:a4:20:c1:44:b5:04:
31:b6:ba:9f:90:5c:a6:4a:a6:7f:e4:01:d5:b1:ab:2d:4a:17:
fc:1f:9e:f9:87:bd:27:eb:d6:30:48:3a:9a:a8:d1:f2:a4:21:
65:08:9d:e1:ef:ad:f2:0e:2d:f2:51:2f:e0:e8:07:0f:a7:cb:
86:86:f3:4c:a5:29:49:33:53:8b:4d:60:48:84:bc:b7:13:a0:
82:57:83:6e:50:f1:66:65:69:3a:e6:f6:10:0f:c8:38:a7:f4:
1c:2c:c3:de:b9:c9:e9:8f:dc:36:99:b9:ca:3d:40:04:1a:e6:
92:65:be:e9:d1:34:87:99:92:f2:e3:74:66:b3:3f:6d:a8:a1:
b0:9c:62:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbk2sv1hs2iQ/AWSWVi0X63g5yCYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiOGY5ZGJmZjY1ZDIxNmY5NmIzNWFhODI0Y2MzMTgzZWYy
MTRkYzNhYjU0ZjIwYzQyOWU3YTVhZDBiMGViY2RhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCto2swktUX2ahYmE2zsd8SrAO2Hee247NeVCnMmz6K5OLG
qCEm0Cit7si0fjFwJqXtPoCULMPLkch6T8zsrLekwsMtxvkXyWJmDLEX3gLRkbCe
jy7vJt8G0jbRSsDXtbd2Tz9Q7P14NKeplRlavV+U6kZshwcA1kIzuN8dh9uRO3PP
EzlJNEEA/rjBcjm7XtSJnnuCjIreRIYY/fNEWZMRddUhdEyhZ0haySVTdKzl8onA
g7T7o8xRs80MWXGImxGGAxFKpxDxTn7/D0++/T76ulVrOB6MLlB5vl1zdUkURolw
Cv9OHv59HptJwx2va9AV4OTf9GfzxxSyD3hZcH1/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdQ5/yFoKyRpJgNynM+Ezy3MOTY4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZlYTNkYTAxLTUyOGItNGJmNi1hNjNjLTYxMGE2N2Y1ZWVjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIFPMwwDQYJKoZIhvcNAQELBQADggEBAE+QX/aqFCq3Z2mEuVSJ22ibUlyK
RYqIcFJVCjf0vejGXEYH+vDY2FTOPqbEjdsUV8LnlmFHq4OcLo80XT+0eYRTLxLP
3JWAEgIReO153hScE9aqpGNwwTxIrxcLvX7HzpQtQzZfJgiA4UD++BIJQbjOLakM
No7ag6QgwUS1BDG2up+QXKZKpn/kAdWxqy1KF/wfnvmHvSfr1jBIOpqo0fKkIWUI
neHvrfIOLfJRL+DoBw+ny4aG80ylKUkzU4tNYEiEvLcToIJXg25Q8WZlaTrm9hAP
yDin9Bwsw965yemP3DaZuco9QAQa5pJlvunRNIeZkvLjdGazP22oobCcYqY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:16 2025 by rpki-client