Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
File: 19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa (raw, json)
Hash identifier: 6+fCRWiKJZY17jIjcaoAtuoGC+0NFKlBL7Yp3zXY51Y=
Subject key identifier: 10:D3:B0:B5:52:35:C0:E5:D8:E8:4D:94:EB:61:1D:CC:C9:A9:AE:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AEEA87627DA26E01D659808853BA198E8A1968F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ee:a8:76:27:da:26:e0:1d:65:98:08:85:3b:a1:98:e8:a1:96:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:85:6a:f0:6d:0c:88:34:29:df:9a:9c:16:5c:
b0:c8:8e:b3:99:a3:a3:15:69:4f:b4:67:b8:91:0c:
22:39:96:c2:e0:6f:ab:15:58:af:70:2b:26:48:26:
51:d6:33:2c:3b:a4:af:58:ff:26:94:4b:ec:04:9a:
c6:1d:d9:6f:ff:23:7c:2c:1f:63:13:83:ab:c5:34:
1d:99:5a:3c:fd:e7:1d:0e:85:4a:bf:bf:ba:13:9a:
78:c0:fe:98:18:07:95:2b:52:98:4e:55:ce:c0:24:
03:90:fe:f0:88:10:35:eb:44:f1:cf:1c:60:5d:57:
df:f2:4e:0a:3d:17:3f:dc:f0:4a:19:87:5b:f9:80:
1e:5a:e8:cd:95:64:57:35:0c:3b:c6:6c:b9:a7:c5:
41:cf:c5:c3:bf:46:36:d9:ad:5b:7e:d7:89:0b:95:
5a:91:3f:71:c4:da:21:7e:72:56:7a:ba:32:d5:c8:
67:56:af:ba:71:56:eb:42:cb:0e:d6:d8:ab:b0:03:
67:03:61:15:a8:13:ae:8f:d6:2c:37:22:6f:b5:ec:
d2:fe:1a:5c:fb:07:b7:cc:5c:f9:9e:17:a5:f3:89:
23:2b:93:9d:6d:c4:34:d8:0c:4c:b0:ae:c2:3b:70:
b6:4c:6f:69:75:a4:51:19:7e:37:9b:9a:aa:ae:12:
4a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D3:B0:B5:52:35:C0:E5:D8:E8:4D:94:EB:61:1D:CC:C9:A9:AE:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
11:1c:98:c2:f1:02:15:18:41:cc:12:d3:ec:bb:c5:91:68:ae:
39:cf:d7:1c:9b:f7:04:d7:ca:32:ed:5a:73:78:3b:4f:19:28:
b7:f5:ab:28:e0:91:0b:58:45:1d:e9:1d:69:9e:f9:de:32:4a:
09:96:a8:29:ad:6a:5f:b8:42:ac:3a:92:14:d1:30:e0:48:c1:
20:15:62:b1:76:29:b7:60:d6:1f:6c:1f:36:b5:6e:14:3c:16:
12:3c:35:ab:7a:d4:16:e9:ef:7f:59:28:8c:0a:2c:15:f6:a0:
1c:84:95:8b:08:88:0b:4e:bb:f4:4c:66:a0:8b:6b:57:42:52:
a4:0e:00:f3:74:b9:64:4a:35:10:fa:aa:9f:66:1f:ae:30:75:
cd:af:77:fe:0a:5e:80:2e:bc:74:34:81:1a:f6:3a:71:37:94:
6b:55:85:f0:0c:ff:6f:6e:c6:76:44:7f:ce:88:72:93:df:11:
1a:39:1a:55:09:23:12:2a:64:94:28:2e:52:1b:73:64:93:19:
de:96:b0:77:d3:ac:7d:d5:6e:6c:46:1f:3a:f4:1a:5d:34:22:
d5:f2:60:26:f7:c1:63:67:cc:f9:e3:ee:5c:dc:e7:68:ed:63:
19:62:db:3f:c0:cb:01:9c:39:cf:8f:1f:af:b0:56:66:58:4b:
0d:0a:ee:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWu6odifaJuAdZZgIhTuhmOihlo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NWNiOThkMTcyMDQ3OWIxY2Q2OTMxMDk3MWM2ODI0YWY3MzZiNzNkM2Mz
OGQyNWZhNjFlNDZlY2VmODI1M2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSFavBtDIg0Kd+anBZcsMiOs5mjoxVpT7RnuJEMIjmWwuBvqxVYr3ArJkgm
UdYzLDukr1j/JpRL7ASaxh3Zb/8jfCwfYxODq8U0HZlaPP3nHQ6FSr+/uhOaeMD+
mBgHlStSmE5VzsAkA5D+8IgQNetE8c8cYF1X3/JOCj0XP9zwShmHW/mAHlrozZVk
VzUMO8ZsuafFQc/Fw79GNtmtW37XiQuVWpE/ccTaIX5yVnq6MtXIZ1avunFW60LL
DtbYq7ADZwNhFagTro/WLDcib7Xs0v4aXPsHt8xc+Z4XpfOJIyuTnW3ENNgMTLCu
wjtwtkxvaXWkURl+N5uaqq4SSokCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQ07C1
UjXA5djoTZTrYR3MyamuqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTljOWVlZDUtY2RkMi00ZTNhLTg3ODUtODAwZWM0ZjllMDIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQARHJjC8QIVGEHMEtPsu8WRaK45z9ccm/cE18oy
7VpzeDtPGSi39aso4JELWEUd6R1pnvneMkoJlqgprWpfuEKsOpIU0TDgSMEgFWKx
dim3YNYfbB82tW4UPBYSPDWretQW6e9/WSiMCiwV9qAchJWLCIgLTrv0TGagi2tX
QlKkDgDzdLlkSjUQ+qqfZh+uMHXNr3f+Cl6ALrx0NIEa9jpxN5RrVYXwDP9vbsZ2
RH/OiHKT3xEaORpVCSMSKmSUKC5SG3NkkxnelrB306x91W5sRh869BpdNCLV8mAm
98FjZ8z54+5c3Odo7WMZYts/wMsBnDnPjx+vsFZmWEsNCu6/
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:33:20 2025 by rpki-client