Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
File: 169b9704-81cc-41e4-bd90-8654798de7b1.roa (raw, json)
Hash identifier: XFMNQ2SSpyEwdL1diVztB9ZkcrAqCkYuAgnr36DirOo=
Subject key identifier: 75:DB:3C:6D:8F:1C:C1:ED:87:C7:3E:D1:43:D4:33:49:62:FF:A7:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CC01C0A4C9F7DFD8E0F3B078FA235E1D3FB52E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:c0:1c:0a:4c:9f:7d:fd:8e:0f:3b:07:8f:a2:35:e1:d3:fb:52:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a5:b4:d9:ac:75:b6:75:54:60:44:b9:2c:17:
e8:55:8d:8c:43:21:13:1c:36:5f:d9:82:19:85:33:
05:d6:b9:77:f7:21:52:53:66:76:3b:3a:bb:8f:83:
60:c7:ab:16:96:8c:6e:d5:d5:8d:32:d7:10:47:9e:
6e:41:14:cd:aa:47:6c:c1:2a:2f:62:bd:d9:06:d7:
95:2c:8a:1e:17:49:ee:f0:78:a2:8e:00:d2:3c:47:
f0:4e:f2:81:b9:1e:7b:02:1f:34:dc:cf:1e:32:fc:
15:86:07:38:3d:d5:e3:81:43:e6:48:e4:a3:30:ea:
58:74:5d:8a:23:0a:64:75:b9:d1:69:1d:93:aa:a5:
55:29:cc:54:ff:1d:26:2a:ed:20:02:4d:01:c2:28:
7c:40:a4:4d:ae:f8:f2:21:c5:17:c1:c2:c7:bd:51:
54:37:b8:92:eb:6d:e6:d1:a7:65:6c:3d:1a:80:7c:
bb:9a:dc:1b:6d:7c:74:8a:7a:f9:65:fd:23:3b:5a:
b0:3f:42:fd:98:86:b0:e7:3c:8e:09:16:5f:e7:f9:
4f:0e:a1:e0:a3:3e:9c:99:82:ca:94:1b:53:39:bc:
6b:8e:79:94:6c:e7:af:af:47:b4:4a:99:1e:1f:a4:
95:df:0e:ea:fc:91:1e:63:38:ad:39:52:08:96:10:
5d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DB:3C:6D:8F:1C:C1:ED:87:C7:3E:D1:43:D4:33:49:62:FF:A7:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d5:e7:7d:8f:42:ad:21:5f:a8:a7:2e:54:d4:70:ed:1f:35:ab:
48:a5:05:f9:d5:4a:d7:91:75:22:89:ef:63:e2:b5:e9:a6:76:
ab:10:92:d8:ce:c4:db:66:5d:92:86:77:94:5c:95:2f:4a:be:
0a:84:a1:3c:59:e7:f9:a9:8e:c9:47:22:34:1e:ab:7d:64:a5:
a0:c6:62:b4:cb:fa:15:28:2d:15:24:5d:b6:b7:90:ba:77:9b:
0c:79:ec:97:aa:a6:76:cc:33:d0:b0:39:60:12:3c:2a:de:30:
87:d1:73:39:38:9c:7e:41:ab:d8:9d:24:9e:9a:6a:af:97:e2:
b2:1d:0e:5d:aa:68:f4:ac:1e:d2:27:37:c7:79:80:72:c0:fa:
67:05:bb:49:bc:a7:46:74:a7:74:8d:e0:f0:84:f6:e7:8b:64:
cf:18:1f:56:71:28:a8:59:f9:03:bc:5a:d1:09:30:10:c6:1b:
d3:dc:b6:57:b7:f3:df:74:43:4d:37:41:37:3b:59:8c:ea:13:
44:9d:0c:4c:0d:2c:6f:46:91:96:96:e9:f7:d8:61:0d:3e:26:
72:8f:37:01:fc:23:c9:82:bd:cd:f1:28:db:89:3e:17:6c:86:
00:23:b3:71:71:7a:7a:27:62:50:c0:69:ec:55:04:75:58:f1:
11:82:45:ea
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbMAcCkyfff2ODzsHj6I14dP7UucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ODVhZmNjOTYwY2M5YTk5NDJlZDUwY2Q4NzIwNzkzY2Q4OTJkZWQwZjVl
ZWIzM2QxMzk4NGVkYTE3MTY0ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6ltNmsdbZ1VGBEuSwX6FWNjEMhExw2X9mCGYUzBda5d/chUlNmdjs6u4+D
YMerFpaMbtXVjTLXEEeebkEUzapHbMEqL2K92QbXlSyKHhdJ7vB4oo4A0jxH8E7y
gbkeewIfNNzPHjL8FYYHOD3V44FD5kjkozDqWHRdiiMKZHW50Wkdk6qlVSnMVP8d
JirtIAJNAcIofECkTa748iHFF8HCx71RVDe4kutt5tGnZWw9GoB8u5rcG218dIp6
+WX9IztasD9C/ZiGsOc8jgkWX+f5Tw6h4KM+nJmCypQbUzm8a455lGznr69HtEqZ
Hh+kld8O6vyRHmM4rTlSCJYQXbcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR12zxt
jxzB7YfHPtFD1DNJYv+nhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY5Yjk3MDQtODFjYy00MWU0LWJkOTAtODY1NDc5OGRlN2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQDV532PQq0hX6inLlTUcO0fNatIpQX51UrXkXUiie9j
4rXppnarEJLYzsTbZl2ShneUXJUvSr4KhKE8Wef5qY7JRyI0Hqt9ZKWgxmK0y/oV
KC0VJF22t5C6d5sMeeyXqqZ2zDPQsDlgEjwq3jCH0XM5OJx+QavYnSSemmqvl+Ky
HQ5dqmj0rB7SJzfHeYBywPpnBbtJvKdGdKd0jeDwhPbni2TPGB9WcSioWfkDvFrR
CTAQxhvT3LZXt/PfdENNN0E3O1mM6hNEnQxMDSxvRpGWlun32GENPiZyjzcB/CPJ
gr3N8SjbiT4XbIYAI7NxcXp6J2JQwGnsVQR1WPERgkXq
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:47:24 2025 by rpki-client