Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20426a66-cc0b-4361-a28d-5e89317a3160.roa
File: 20426a66-cc0b-4361-a28d-5e89317a3160.roa (raw, json)
Hash identifier: YExDzUM0wPTKOQSUzRS+acupqo6c10xi8B8Nt4Up4Is=
Subject key identifier: AD:4B:42:ED:F1:0E:DE:48:10:24:F4:73:7E:F0:82:67:D0:D2:CF:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11E880405388B211397C9A91C8D3CB8A278DDFE6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20426a66-cc0b-4361-a28d-5e89317a3160.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:e8:80:40:53:88:b2:11:39:7c:9a:91:c8:d3:cb:8a:27:8d:df:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:85:76:f6:7b:0d:33:b9:2c:be:1d:ba:54:
ac:ec:12:e6:ec:13:e0:05:f5:ab:c0:c9:ec:d3:93:
35:6f:a3:4f:37:e3:1d:21:0c:64:77:c7:eb:fe:0b:
67:35:3d:02:25:2e:8d:f5:c4:4b:e3:7f:ec:c5:ad:
49:59:98:1b:e9:77:44:c4:d3:1a:b1:46:c9:82:63:
b9:cd:1c:f3:b1:8c:5a:0e:8d:45:b0:3b:44:58:3b:
54:4b:2d:09:3b:45:65:b4:2b:fe:db:fc:0e:ce:d0:
43:67:ce:fb:cd:dd:a1:05:4f:d8:f2:fb:2f:61:a6:
f6:42:ca:e8:85:b8:1a:2d:95:c3:d6:ac:ce:a5:1b:
0b:91:82:5f:b9:38:25:cc:d1:2e:fe:10:18:40:54:
e9:a2:e6:4d:91:02:71:0b:ff:1f:a3:52:bb:be:57:
b8:38:2c:38:1a:27:0a:f7:fe:45:cf:1d:97:ff:02:
48:37:f5:b4:ea:25:f0:2f:8b:f0:4a:c1:37:a0:52:
5b:23:89:db:fe:54:f7:49:9f:66:99:08:d6:7c:87:
1a:60:f2:26:49:f9:cd:50:8f:47:2c:b6:b2:bc:06:
a7:15:f1:29:78:b7:c5:4c:98:5b:7f:9a:c6:d8:57:
b7:0c:27:13:b2:f0:3b:ca:a1:97:e0:09:b0:ce:55:
67:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4B:42:ED:F1:0E:DE:48:10:24:F4:73:7E:F0:82:67:D0:D2:CF:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20426a66-cc0b-4361-a28d-5e89317a3160.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
60:7b:69:df:65:8d:87:8d:47:40:42:76:75:f6:a2:30:2b:21:
94:57:00:7e:f1:3e:91:4c:2f:80:b0:a2:1b:1b:e2:de:22:17:
57:69:4f:4a:a2:c4:6d:2d:19:1c:cf:13:41:bf:a7:b3:fb:ae:
53:ef:1f:ff:5e:1e:89:59:9b:2c:49:91:ba:42:fb:bf:1b:bb:
3f:62:ad:18:54:7a:bd:3d:75:98:bd:27:d1:f4:8e:8e:c2:11:
ac:d0:54:c6:db:96:c7:ce:97:80:12:1a:16:7a:5d:f7:0e:6b:
24:f3:09:b1:2d:93:e9:a1:2a:b6:4f:5e:00:87:81:b6:c3:7e:
0e:8b:76:50:d9:93:22:e0:f3:5f:85:85:1a:3f:93:de:1e:b8:
79:f6:56:32:67:63:86:48:64:d4:d7:ea:9d:6d:f8:89:a3:fd:
83:f1:dd:62:e8:b3:bd:89:dd:89:32:2d:d6:fc:c8:ae:9b:74:
37:b2:54:f5:97:af:a3:23:3f:4f:c2:47:9e:4b:cf:a4:29:61:
03:10:4a:d4:30:31:3d:d2:e6:0e:1a:c5:64:79:02:4c:56:3a:
e6:12:76:a5:b3:fc:7a:1d:43:aa:e0:17:7a:31:0a:70:bf:32:
96:46:95:51:7f:2b:97:f5:2f:ad:3f:0e:c9:17:32:5b:70:44:
dd:55:9c:de
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEeiAQFOIshE5fJqRyNPLiieN3+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhMTIwMTE4ZDZkNjA5MjUyNGQ5M2U3NjEzZDNlYTdjODE2NTkxNTVmNjMz
NTQ4MmRiMmZhNTQzYTk1OTBhOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn8hXb2ew0zuSy+HbpUrOwS5uwT4AX1q8DJ7NOTNW+jTzfjHSEMZHfH6/4L
ZzU9AiUujfXES+N/7MWtSVmYG+l3RMTTGrFGyYJjuc0c87GMWg6NRbA7RFg7VEst
CTtFZbQr/tv8Ds7QQ2fO+83doQVP2PL7L2Gm9kLK6IW4Gi2Vw9aszqUbC5GCX7k4
JczRLv4QGEBU6aLmTZECcQv/H6NSu75XuDgsOBonCvf+Rc8dl/8CSDf1tOol8C+L
8ErBN6BSWyOJ2/5U90mfZpkI1nyHGmDyJkn5zVCPRyy2srwGpxXxKXi3xUyYW3+a
xthXtwwnE7LwO8qhl+AJsM5VZw0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBStS0Lt
8Q7eSBAk9HN+8IJn0NLPeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA0MjZhNjYtY2MwYi00MzYxLWEyOGQtNWU4OTMxN2EzMTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAYHtp32WNh41HQEJ2dfaiMCshlFcAfvE+kUwvgLCi
Gxvi3iIXV2lPSqLEbS0ZHM8TQb+ns/uuU+8f/14eiVmbLEmRukL7vxu7P2KtGFR6
vT11mL0n0fSOjsIRrNBUxtuWx86XgBIaFnpd9w5rJPMJsS2T6aEqtk9eAIeBtsN+
Dot2UNmTIuDzX4WFGj+T3h64efZWMmdjhkhk1NfqnW34iaP9g/HdYuizvYndiTIt
1vzIrpt0N7JU9ZevoyM/T8JHnkvPpClhAxBK1DAxPdLmDhrFZHkCTFY65hJ2pbP8
eh1DquAXejEKcL8ylkaVUX8rl/UvrT8OyRcyW3BE3VWc3g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:20:08 2025 by rpki-client