Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1bc4930f-9a4b-43f1-82b8-562990ca472e.roa
File: 1bc4930f-9a4b-43f1-82b8-562990ca472e.roa (raw, json)
Hash identifier: umJqSaaRgthHP+8d+hIhJXAgNGmC5p3EQIBFxJrbyuE=
Subject key identifier: CE:70:60:13:6A:F8:51:A7:90:83:5B:9E:55:DC:D6:E2:F1:EF:68:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 351BC546FD04D836EE026DCC6C33F7B3A2E17BED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1bc4930f-9a4b-43f1-82b8-562990ca472e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:1b:c5:46:fd:04:d8:36:ee:02:6d:cc:6c:33:f7:b3:a2:e1:7b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d5:fc:d8:6b:a2:1c:e8:6c:b7:ee:de:91:a2:
1f:a1:8e:d8:0e:56:86:58:f1:e4:35:41:32:1d:1b:
d1:fe:d6:27:67:92:1e:61:00:e8:ef:b5:ca:90:76:
5b:bb:d4:e1:6a:09:f3:04:b8:a3:c1:89:d6:a7:a2:
5c:f9:c4:32:a8:92:30:0b:9b:62:97:08:89:c3:1b:
23:0c:8c:19:90:4c:53:af:68:11:ec:c2:58:f8:f7:
01:3a:f5:d8:41:a4:af:ad:0d:b7:ca:6e:37:8c:5a:
78:5b:19:bd:55:56:af:d0:2f:97:39:7c:2c:3e:d8:
d8:19:e1:bd:c3:a4:a1:be:e5:03:40:ef:bc:7e:a2:
b3:39:c8:de:9e:2e:31:20:d5:ea:42:4d:d3:f0:9e:
8e:5a:2a:96:ae:18:bf:e8:9d:87:39:a3:da:c2:91:
13:70:c2:1e:43:0b:f4:66:a0:06:d5:b6:f5:a2:fb:
90:2a:2d:58:26:f8:57:7f:f6:60:ef:c0:ef:5b:b2:
ad:36:f1:17:29:cb:45:61:25:16:0a:c2:c9:44:86:
d5:13:c6:a0:3e:f1:35:10:6c:7e:62:31:65:0d:f9:
29:2f:34:23:b8:86:d6:cc:03:40:51:09:e3:25:3a:
11:84:ca:27:88:03:20:7a:75:14:b6:2c:c1:6a:04:
60:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:70:60:13:6A:F8:51:A7:90:83:5B:9E:55:DC:D6:E2:F1:EF:68:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1bc4930f-9a4b-43f1-82b8-562990ca472e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:15:28:23:e5:ac:53:b9:2a:56:1f:d1:7a:c5:f8:af:89:14:
b8:54:a6:4d:0f:d1:e3:62:5f:45:4c:94:db:a8:ae:c0:0a:e6:
af:7f:48:b2:13:c5:fa:b3:ba:5a:54:d5:d9:f5:57:eb:4c:98:
9b:99:22:b3:24:5c:12:2b:f0:b4:97:db:69:c6:8c:64:6d:47:
68:12:c4:26:3e:57:26:45:83:e6:9c:93:04:8c:7a:aa:10:2e:
4f:61:46:f9:8e:56:c5:dd:20:5f:53:0e:1c:b3:7a:05:b5:6e:
6d:69:a3:82:46:88:e9:ef:3b:54:40:a3:40:fa:a6:c3:cf:b6:
03:fb:30:4d:32:f3:c9:cc:e9:e3:4d:e1:16:3f:0f:1e:6c:52:
7e:09:3b:ad:f5:0d:4b:75:b0:dd:8a:66:5b:dc:ab:cb:ca:98:
33:d5:c3:68:57:9c:5c:51:87:c6:ad:fc:ab:c5:d1:03:19:d5:
e2:18:9a:10:a9:72:b3:06:62:8e:dc:b5:ba:47:6a:2b:e5:d5:
28:26:92:42:01:42:31:06:a4:bd:72:04:73:1b:5e:c5:2a:25:
04:f3:b8:42:c1:e5:fc:3a:97:43:45:75:40:be:60:88:87:31:
6a:36:77:ef:53:a5:fe:1d:7d:bc:9e:c9:65:e0:22:66:8d:1c:
80:2b:62:88
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNRvFRv0E2DbuAm3MbDP3s6Lhe+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2N2U4MGFmMzlkMTZjOGJiNzEzZDMwZWIxZTQ2ZGIzNWZkYmIzZjRlNTJh
OWZhNDYzOTcyMWEzNWNkMDQzYTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3V/NhrohzobLfu3pGiH6GO2A5Whljx5DVBMh0b0f7WJ2eSHmEA6O+1ypB2
W7vU4WoJ8wS4o8GJ1qeiXPnEMqiSMAubYpcIicMbIwyMGZBMU69oEezCWPj3ATr1
2EGkr60Nt8puN4xaeFsZvVVWr9Avlzl8LD7Y2BnhvcOkob7lA0DvvH6isznI3p4u
MSDV6kJN0/Cejloqlq4Yv+idhzmj2sKRE3DCHkML9GagBtW29aL7kCotWCb4V3/2
YO/A71uyrTbxFynLRWElFgrCyUSG1RPGoD7xNRBsfmIxZQ35KS80I7iG1swDQFEJ
4yU6EYTKJ4gDIHp1FLYswWoEYOECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOcGAT
avhRp5CDW55V3Nbi8e9o1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWJjNDkzMGYtOWE0Yi00M2YxLTgyYjgtNTYyOTkwY2E0NzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQCrFSgj5axTuSpWH9F6xfiviRS4VKZND9HjYl9FTJTb
qK7ACuavf0iyE8X6s7paVNXZ9VfrTJibmSKzJFwSK/C0l9tpxoxkbUdoEsQmPlcm
RYPmnJMEjHqqEC5PYUb5jlbF3SBfUw4cs3oFtW5taaOCRojp7ztUQKNA+qbDz7YD
+zBNMvPJzOnjTeEWPw8ebFJ+CTut9Q1LdbDdimZb3KvLypgz1cNoV5xcUYfGrfyr
xdEDGdXiGJoQqXKzBmKO3LW6R2or5dUoJpJCAUIxBqS9cgRzG17FKiUE87hCweX8
OpdDRXVAvmCIhzFqNnfvU6X+HX28nsll4CJmjRyAK2KI
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:59 2025 by rpki-client