Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ff02f7c0-0a68-43bd-ba68-47b4f3858693.roa
File: ff02f7c0-0a68-43bd-ba68-47b4f3858693.roa (raw, json)
Hash identifier: 4BzVLE8y8qX4Oz0WhSZhGJqLnIND4VE+bAghgNq8yYk=
Subject key identifier: E9:8D:C0:92:C9:E3:4A:EF:70:6C:2E:B6:7B:EA:54:5C:DE:F9:ED:FF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 701F38A2ED997E60F270EC0F7E0AC33A207B86C2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ff02f7c0-0a68-43bd-ba68-47b4f3858693.roa
Signing time: Sat 28 Dec 2024 00:00:00 +0000
ROA not before: Sat 28 Dec 2024 00:00:00 +0000
ROA not after: Sat 01 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 16.208.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:1f:38:a2:ed:99:7e:60:f2:70:ec:0f:7e:0a:c3:3a:20:7b:86:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 28 00:00:00 2024 GMT
Not After : Feb 1 23:59:59 2025 GMT
Subject: serialNumber=75c67d7747618afb8e54316bd32c8ae182c0bb7c0194cb2a1d50159dba343a38, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:34:1b:15:e2:74:5a:53:67:04:84:87:eb:f8:
17:2b:77:f4:28:3d:57:f4:d4:bf:f1:bc:1d:b4:92:
35:4f:8f:fd:24:24:b9:fe:4a:1e:e5:9a:2c:a8:f7:
8e:e7:86:42:c2:85:25:dc:40:85:8f:f0:8e:c5:ea:
c0:a8:d8:eb:8f:f5:8b:8f:e3:3e:53:c6:4e:29:4c:
d6:48:bb:05:7f:17:7a:26:e6:e6:d8:57:7d:d5:15:
71:4e:69:86:4d:57:05:39:d7:a5:c4:8b:ac:86:ee:
4c:51:88:f6:1a:ab:b9:e9:e6:25:6f:b8:7c:a7:45:
38:6a:72:0a:f7:96:da:5e:8b:0a:e3:40:fa:86:d6:
88:7d:18:16:68:a7:81:88:c4:01:b8:26:21:c2:d0:
75:0d:29:25:2e:d1:5e:8a:21:65:81:95:e7:c2:04:
a4:90:a3:00:1e:7c:34:14:f1:98:ef:02:d5:32:02:
14:d5:ae:a3:74:ff:40:0b:19:a3:f3:af:28:7d:25:
fc:17:86:a7:8a:c0:fd:78:27:96:13:74:f3:b5:fb:
b8:7c:81:a7:14:2c:ed:21:e2:71:3a:2a:d4:e0:50:
c1:0c:65:b4:ce:ee:9d:c5:b8:49:32:e2:bd:0d:fd:
6b:fe:f5:5a:d5:33:e5:c8:be:73:ae:5c:f1:83:2e:
04:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8D:C0:92:C9:E3:4A:EF:70:6C:2E:B6:7B:EA:54:5C:DE:F9:ED:FF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ff02f7c0-0a68-43bd-ba68-47b4f3858693.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
16.208.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:c2:28:c1:c7:f6:56:46:29:e4:49:93:07:9a:68:ee:18:11:
68:b2:fb:cf:fe:33:01:a5:5e:4d:a8:1f:47:fe:d7:8e:d2:30:
06:f0:34:73:a4:7b:dc:c5:55:e6:9a:5a:1b:8e:f7:47:da:df:
87:84:8b:7b:ae:a7:b1:83:d2:5a:0d:bd:e7:45:45:8b:51:d8:
b9:98:18:dc:50:1c:cf:f3:bd:df:5d:98:a8:aa:db:4c:a3:7b:
cf:8e:33:34:79:03:75:4b:1b:82:a4:96:c9:8d:c0:f9:b9:38:
08:9b:19:25:e9:c6:bd:ee:f4:1a:11:5a:e0:96:93:69:81:cc:
95:91:5f:3b:e7:7e:c0:3f:15:c5:d9:ec:c8:c7:bb:02:7b:1e:
35:31:c1:07:c4:6d:c0:14:97:6a:9f:a9:f4:95:e7:df:e2:44:
e0:89:33:84:af:8c:16:f7:b4:4e:13:7e:08:c8:80:3a:87:35:
f2:09:74:24:78:76:16:3b:f0:c1:e5:74:2d:a0:54:3a:72:71:
8a:54:e4:23:82:a7:f0:09:c0:28:fe:68:b5:b6:eb:a7:68:26:
76:c5:df:6d:26:bf:04:3a:a2:48:99:bd:cf:99:11:95:cb:00:
c5:a3:e3:ef:9d:f7:8e:c1:cb:89:ea:7f:12:33:5d:1e:7f:9f:
14:14:a1:c7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcB84ou2ZfmDycOwPfgrDOiB7hsIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NWM2N2Q3NzQ3NjE4YWZiOGU1NDMxNmJkMzJjOGFlMTgy
YzBiYjdjMDE5NGNiMmExZDUwMTU5ZGJhMzQzYTM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXNBsV4nRaU2cEhIfr+Bcrd/QoPVf01L/xvB20kjVPj/0k
JLn+Sh7lmiyo947nhkLChSXcQIWP8I7F6sCo2OuP9YuP4z5Txk4pTNZIuwV/F3om
5ubYV33VFXFOaYZNVwU516XEi6yG7kxRiPYaq7np5iVvuHynRThqcgr3ltpeiwrj
QPqG1oh9GBZop4GIxAG4JiHC0HUNKSUu0V6KIWWBlefCBKSQowAefDQU8ZjvAtUy
AhTVrqN0/0ALGaPzryh9JfwXhqeKwP14J5YTdPO1+7h8gacULO0h4nE6KtTgUMEM
ZbTO7p3FuEky4r0N/Wv+9VrVM+XIvnOuXPGDLgTRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6Y3AksnjSu9wbC62e+pUXN757f8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZmMDJmN2MwLTBhNjgtNDNiZC1iYTY4LTQ3YjRmMzg1ODY5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQ0DANBgkqhkiG9w0BAQsFAAOCAQEAO8Iowcf2VkYp5EmTB5po7hgRaLL7
z/4zAaVeTagfR/7XjtIwBvA0c6R73MVV5ppaG473R9rfh4SLe66nsYPSWg2950VF
i1HYuZgY3FAcz/O9312YqKrbTKN7z44zNHkDdUsbgqSWyY3A+bk4CJsZJenGve70
GhFa4JaTaYHMlZFfO+d+wD8VxdnsyMe7AnseNTHBB8RtwBSXap+p9JXn3+JE4Ikz
hK+MFve0ThN+CMiAOoc18gl0JHh2FjvwweV0LaBUOnJxilTkI4Kn8AnAKP5otbbr
p2gmdsXfbSa/BDqiSJm9z5kRlcsAxaPj7533jsHLiep/EjNdHn+fFBShxw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:55:19 2025 by rpki-client