Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
File: 23d2e691-eee3-420e-8551-96a899136326.roa (raw, json)
Hash identifier: HmtV9DZy8IvyTxWXkEbve6kptMEixBRw8VghMRM+YHU=
Subject key identifier: D7:BB:1F:06:45:72:EF:9B:7A:68:28:FA:17:B9:05:D5:11:03:97:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 489691E010547C9C693799CAE514555E539145E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:96:91:e0:10:54:7c:9c:69:37:99:ca:e5:14:55:5e:53:91:45:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:db:a8:cf:22:24:7c:ec:82:45:60:ec:d0:8e:
6e:10:77:ed:06:0f:40:33:d6:00:bc:62:d2:01:33:
bd:65:00:88:45:62:fd:0c:67:f7:85:1f:9f:3f:64:
76:b8:c6:ff:8e:60:85:f4:f6:29:10:09:60:a5:56:
79:14:77:94:6b:60:3b:e3:55:66:66:ab:51:bf:c0:
ef:07:32:c2:1e:db:e4:4e:48:13:2e:53:72:e9:09:
33:04:66:c7:e4:32:59:3b:4e:02:0f:38:2a:9b:52:
6d:3f:9c:42:56:d8:80:5a:90:b3:3d:a7:bb:2c:16:
85:d9:68:79:d7:1d:1e:7f:1d:aa:53:55:89:3d:33:
93:5d:50:5a:9d:32:4d:30:f9:b4:26:92:ce:11:c7:
98:af:27:da:87:99:c9:1f:a4:ca:c5:bf:41:79:4e:
bb:e2:70:db:a3:f6:f4:5c:68:e5:b8:25:cb:ea:49:
8f:69:96:9a:11:84:8a:a3:47:f7:a5:d3:7a:a0:71:
54:23:cc:fc:0f:89:98:14:14:ad:29:5e:2e:b0:50:
63:2e:b4:9e:be:ac:f2:95:2b:c7:77:ac:89:b2:a5:
f3:8d:64:d3:d4:5d:c4:c7:3f:8d:b1:d1:b0:e0:e1:
9f:9a:b9:f5:d8:57:6f:bc:df:0a:b9:a3:fb:82:f0:
df:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BB:1F:06:45:72:EF:9B:7A:68:28:FA:17:B9:05:D5:11:03:97:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
2e:35:af:48:e1:23:52:d2:bd:0c:05:a5:07:e8:ed:5c:14:64:
bd:76:bf:18:84:4d:d6:40:43:39:24:34:60:30:90:75:2c:ea:
90:fe:a6:1f:73:56:30:21:c6:f5:4c:0b:86:e8:e6:07:68:e5:
84:87:c3:24:f5:51:42:64:4d:a1:0e:af:a5:18:0b:0b:b8:36:
52:35:24:12:13:05:bd:e6:f1:56:c9:e3:a1:f3:5c:d6:46:70:
f5:b4:ea:3f:50:e7:b0:db:40:0a:86:79:73:78:3c:de:e1:e1:
47:31:f4:7f:2d:0a:62:dc:c9:83:82:a6:c2:0b:97:4b:21:33:
e2:0f:35:4d:25:2f:42:1b:62:f3:4f:d6:fd:e4:2a:4f:06:68:
99:8f:25:ba:a7:e3:e9:7d:5a:55:86:0a:e8:5e:cf:3a:97:86:
b2:3d:8e:ff:05:ff:0c:75:75:ef:68:2d:dc:c3:41:f5:07:a0:
4f:35:1b:c4:2a:a0:79:00:ef:b3:b2:4a:ee:29:58:58:ce:64:
cf:0c:5c:74:7d:31:cf:5b:2d:fb:19:23:4d:37:27:7f:9d:c9:
09:62:c7:e6:2f:61:c1:3a:6d:37:96:2d:33:90:6b:4f:17:64:
38:48:8c:e0:7a:fd:de:68:17:b1:44:27:6e:93:5a:83:bd:a0:
69:d2:19:c8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUSJaR4BBUfJxpN5nK5RRVXlORRekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNGMxMjA1MTQyMzc1M2Y5YzQ2YzU0YjJmMWI4YTI3ZGFkZjdmMDIxYzNi
MmUwZWMxNWFlY2MyZjRmNWYzNjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzbqM8iJHzsgkVg7NCObhB37QYPQDPWALxi0gEzvWUAiEVi/Qxn94Ufnz9k
drjG/45ghfT2KRAJYKVWeRR3lGtgO+NVZmarUb/A7wcywh7b5E5IEy5TcukJMwRm
x+QyWTtOAg84KptSbT+cQlbYgFqQsz2nuywWhdloedcdHn8dqlNViT0zk11QWp0y
TTD5tCaSzhHHmK8n2oeZyR+kysW/QXlOu+Jw26P29Fxo5bgly+pJj2mWmhGEiqNH
96XTeqBxVCPM/A+JmBQUrSleLrBQYy60nr6s8pUrx3esibKl841k09RdxMc/jbHR
sODhn5q59dhXb7zfCrmj+4Lw378CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTXux8G
RXLvm3poKPoXuQXVEQOXrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjNkMmU2OTEtZWVlMy00MjBlLTg1NTEtOTZhODk5MTM2MzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAC41r0jhI1LSvQwFpQfo7VwUZL12vxiETdZAQzkk
NGAwkHUs6pD+ph9zVjAhxvVMC4bo5gdo5YSHwyT1UUJkTaEOr6UYCwu4NlI1JBIT
Bb3m8VbJ46HzXNZGcPW06j9Q57DbQAqGeXN4PN7h4Ucx9H8tCmLcyYOCpsILl0sh
M+IPNU0lL0IbYvNP1v3kKk8GaJmPJbqn4+l9WlWGCuhezzqXhrI9jv8F/wx1de9o
LdzDQfUHoE81G8QqoHkA77OySu4pWFjOZM8MXHR9Mc9bLfsZI003J3+dyQlix+Yv
YcE6bTeWLTOQa08XZDhIjOB6/d5oF7FEJ26TWoO9oGnSGcg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:17:39 2025 by rpki-client