Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
File: 28d63060-33be-4a3e-88dd-24f87af67dd4.roa (raw, json)
Hash identifier: BgVEQEklXwRNkwx8rAcEHTmcRP6YmLnLkzVnk/DLn8A=
Subject key identifier: 97:D6:9F:10:DB:AA:1C:61:6C:65:65:46:7C:44:8F:47:AA:ED:FA:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F584C5FBE61970D157E59E64C87538C1DBB2E00
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:58:4c:5f:be:61:97:0d:15:7e:59:e6:4c:87:53:8c:1d:bb:2e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:43:1d:23:87:c2:eb:1f:e6:c9:e7:1a:57:5b:
0d:ad:0a:2e:6a:d6:c4:82:83:dc:7c:28:a6:ec:d5:
ca:21:ee:45:6a:b3:b0:5c:3a:23:3f:bf:31:0c:5b:
f7:94:28:bf:37:f2:69:95:77:4e:e9:27:39:6f:ca:
d7:e9:f8:eb:41:4e:d2:ed:05:25:22:40:bc:55:cf:
4b:72:92:aa:92:10:b0:bc:4e:d1:4b:64:62:2e:80:
01:9f:f4:2f:6a:dd:0d:97:74:33:66:ab:55:ed:f5:
96:4a:24:31:d4:89:af:4c:83:df:90:bf:dd:70:d2:
db:c4:f2:34:02:61:fe:ae:93:a5:50:a6:88:34:52:
ea:4c:86:d7:2a:5f:aa:07:83:63:d6:58:fa:2a:87:
ba:7a:ae:4e:4c:0f:35:c9:f4:16:43:16:67:ae:8d:
49:df:8e:fd:aa:a1:e4:a9:1c:c6:d1:86:aa:d9:2a:
51:32:12:80:46:7c:a8:2f:2b:60:01:b6:b6:2f:b5:
c2:dc:cf:f1:b8:74:6c:0f:19:87:fa:86:24:e7:01:
93:95:0f:4a:50:18:e2:cd:8c:9c:5c:3b:52:9e:e0:
40:fe:23:a0:68:f2:1c:1f:18:72:ef:b4:30:e0:b2:
c2:ba:36:9e:70:3c:b8:4a:b0:1d:8c:0e:48:b8:97:
14:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D6:9F:10:DB:AA:1C:61:6C:65:65:46:7C:44:8F:47:AA:ED:FA:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c4:1c:cc:d6:ab:ce:1e:be:12:c8:5a:53:ca:53:60:db:54:69:
8c:ad:44:c1:f6:bc:9c:b9:01:d4:b9:ac:94:d0:27:89:3a:dd:
ee:e9:ce:60:3e:43:90:76:ae:e9:de:e3:b4:65:bf:b4:5d:92:
ca:da:ad:b8:f4:9f:ef:a8:d9:d9:ab:1d:2f:87:03:e8:76:6a:
cd:ee:f2:71:5c:d2:25:44:80:06:aa:4a:05:c4:ef:ec:61:32:
ef:47:5d:91:54:42:7a:7b:0b:fb:1e:63:de:0e:47:b5:c1:6b:
fb:68:d3:b9:7e:ba:02:e6:57:81:2f:f0:2e:d4:4a:35:28:5a:
cc:bc:07:f3:06:0c:08:51:e5:d4:bc:e3:7a:d1:f5:da:10:1d:
72:36:87:af:42:2d:b6:94:f7:7d:d0:64:e5:d1:32:cf:f5:cb:
77:64:92:88:30:70:ca:25:ce:e6:f6:80:e3:3a:0a:2c:1e:cc:
83:84:38:05:f3:b8:2e:d2:0c:50:34:59:4b:f1:83:7f:36:45:
a1:53:5c:46:f4:52:f0:15:51:07:ec:f7:13:da:84:69:eb:66:
a2:39:aa:cf:65:fd:2e:71:93:5e:11:74:ed:f6:bf:ca:27:38:
0b:98:d5:08:68:d3:cd:dc:a2:93:c0:58:1b:20:06:36:07:a7:
22:88:52:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP1hMX75hlw0VflnmTIdTjB27LgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NjRlNjc4OWRlNTQwMzQyNTIyNTAyMGRiNzIxOTkxOThiYmQ3MWJhNWY3
NjAyNzYyNTI3M2FkMTU4NmQ4N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtDHSOHwusf5snnGldbDa0KLmrWxIKD3HwopuzVyiHuRWqzsFw6Iz+/MQxb
95QovzfyaZV3TuknOW/K1+n460FO0u0FJSJAvFXPS3KSqpIQsLxO0UtkYi6AAZ/0
L2rdDZd0M2arVe31lkokMdSJr0yD35C/3XDS28TyNAJh/q6TpVCmiDRS6kyG1ypf
qgeDY9ZY+iqHunquTkwPNcn0FkMWZ66NSd+O/aqh5KkcxtGGqtkqUTISgEZ8qC8r
YAG2ti+1wtzP8bh0bA8Zh/qGJOcBk5UPSlAY4s2MnFw7Up7gQP4joGjyHB8Ycu+0
MOCywro2nnA8uEqwHYwOSLiXFCkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSX1p8Q
26ocYWxlZUZ8RI9Hqu36UTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjhkNjMwNjAtMzNiZS00YTNlLTg4ZGQtMjRmODdhZjY3ZGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAxBzM1qvOHr4SyFpTylNg21RpjK1Ewfa8nLkB1Lms
lNAniTrd7unOYD5DkHau6d7jtGW/tF2SytqtuPSf76jZ2asdL4cD6HZqze7ycVzS
JUSABqpKBcTv7GEy70ddkVRCensL+x5j3g5HtcFr+2jTuX66AuZXgS/wLtRKNSha
zLwH8wYMCFHl1LzjetH12hAdcjaHr0IttpT3fdBk5dEyz/XLd2SSiDBwyiXO5vaA
4zoKLB7Mg4Q4BfO4LtIMUDRZS/GDfzZFoVNcRvRS8BVRB+z3E9qEaetmojmqz2X9
LnGTXhF07fa/yic4C5jVCGjTzdyik8BYGyAGNgenIohSEA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:35:58 2025 by rpki-client