Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
File: 2f7f4c52-3c37-4945-a2de-eb95981a27af.roa (raw, json)
Hash identifier: maTwjsrQShXDvhbJk6xDTyR5CjQZmg1tycqOlBqzGFo=
Subject key identifier: E0:00:FC:DE:F6:5F:A4:42:1F:AE:40:0D:F3:F3:AF:3B:93:CE:1A:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05A8DF5A8CD01DC475E40FCE24A7E0966F2C2DC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:a8:df:5a:8c:d0:1d:c4:75:e4:0f:ce:24:a7:e0:96:6f:2c:2d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:95:10:62:67:03:8f:70:f0:fb:79:8f:9d:
b8:3b:ae:aa:7a:7a:f8:2f:11:7f:16:d9:39:9e:3a:
1f:6f:95:6a:4f:fe:04:74:75:f2:59:77:21:ba:49:
9f:43:16:53:17:b1:3a:dd:14:70:dd:9b:06:83:38:
09:38:56:85:7d:92:53:95:bd:61:45:4e:d2:d0:3c:
bf:01:6a:a0:d6:a0:cc:e0:3b:49:e0:57:a0:af:9e:
f0:36:d3:07:d7:37:dd:38:8d:66:eb:38:68:03:27:
82:53:b0:c7:df:dc:5a:22:58:f7:05:fb:45:4d:fb:
e6:71:60:b2:3e:8a:95:c1:51:51:d0:74:6a:1b:f8:
ab:9d:80:3c:7a:8e:89:e3:27:91:bb:6a:78:c0:f8:
1b:57:1d:38:d9:a5:a8:d3:3f:fb:78:f3:61:11:e5:
6b:26:36:2a:f1:06:e5:89:cf:6f:02:2d:3a:7f:7c:
4a:ea:be:96:2b:82:e0:5d:96:15:49:72:bb:3c:e3:
2d:3a:39:8d:fc:3c:c5:d5:75:61:c1:07:a8:91:92:
68:aa:46:b3:f3:f3:90:59:e6:a9:20:e6:53:9f:43:
a9:3f:eb:81:a3:76:bd:d0:1f:40:35:98:4b:9e:e8:
68:10:27:f3:36:85:3e:af:77:40:f3:f2:3b:4f:4f:
27:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:00:FC:DE:F6:5F:A4:42:1F:AE:40:0D:F3:F3:AF:3B:93:CE:1A:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
40:3f:fd:6a:4a:fd:5b:bb:46:18:0b:03:e4:0e:ba:8b:7a:b6:
a3:23:56:2a:89:2f:b5:ef:ae:a5:5b:31:74:88:4e:e5:90:98:
33:1f:f8:d9:88:81:db:9a:aa:32:35:84:3a:78:06:e0:0f:1c:
ad:27:bb:11:49:fd:4a:2a:89:62:0a:ce:86:4b:c2:8e:fe:c8:
0f:aa:7d:d8:ac:46:ed:9a:4c:f4:fc:1d:f6:f1:76:37:b6:9f:
d4:1c:0f:93:18:39:96:34:fe:4a:23:19:1c:74:df:89:5b:fd:
8f:33:52:e0:60:8b:fb:f8:92:93:3b:bf:c2:72:3a:5c:98:4d:
5a:0e:b5:15:60:aa:d0:7c:3d:85:68:c1:07:9f:fc:3f:ee:a9:
8a:11:13:86:38:84:cb:8e:18:d8:8c:41:d3:c6:ea:fc:1f:8e:
f9:48:82:c9:c6:1c:42:29:ce:a0:f5:6a:78:a5:b6:0b:fe:5c:
5d:29:e2:97:12:8e:8a:08:fb:de:5a:e9:27:28:0d:39:16:48:
cd:6d:f8:86:18:ce:6f:9b:a1:24:3f:dc:92:3b:57:a8:85:3b:
08:f4:cc:05:3f:b9:9f:7c:5c:4e:07:ff:36:fb:62:c2:46:9b:
e1:78:72:99:6c:47:5d:33:c0:19:5e:83:ed:55:5e:f4:63:47:
f1:49:90:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBajfWozQHcR15A/OJKfglm8sLcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMmM3MjM4NWFjZWZmZjA0ZmE0NTE2MmVmYjQ1NTM1ODMxNmRmZWI3NjEy
ZmFkMDYzMzc0MjU1YTE3MDczYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXPlRBiZwOPcPD7eY+duDuuqnp6+C8RfxbZOZ46H2+Vak/+BHR18ll3IbpJ
n0MWUxexOt0UcN2bBoM4CThWhX2SU5W9YUVO0tA8vwFqoNagzOA7SeBXoK+e8DbT
B9c33TiNZus4aAMnglOwx9/cWiJY9wX7RU375nFgsj6KlcFRUdB0ahv4q52APHqO
ieMnkbtqeMD4G1cdONmlqNM/+3jzYRHlayY2KvEG5YnPbwItOn98Suq+liuC4F2W
FUlyuzzjLTo5jfw8xdV1YcEHqJGSaKpGs/PzkFnmqSDmU59DqT/rgaN2vdAfQDWY
S57oaBAn8zaFPq93QPPyO09PJ+MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTgAPze
9l+kQh+uQA3z8687k84a4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmY3ZjRjNTItM2MzNy00OTQ1LWEyZGUtZWI5NTk4MWEyN2FmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAQD/9akr9W7tGGAsD5A66i3q2oyNWKokvte+upVsx
dIhO5ZCYMx/42YiB25qqMjWEOngG4A8crSe7EUn9SiqJYgrOhkvCjv7ID6p92KxG
7ZpM9Pwd9vF2N7af1BwPkxg5ljT+SiMZHHTfiVv9jzNS4GCL+/iSkzu/wnI6XJhN
Wg61FWCq0Hw9hWjBB5/8P+6pihEThjiEy44Y2IxB08bq/B+O+UiCycYcQinOoPVq
eKW2C/5cXSnilxKOigj73lrpJygNORZIzW34hhjOb5uhJD/ckjtXqIU7CPTMBT+5
n3xcTgf/Nvtiwkab4XhymWxHXTPAGV6D7VVe9GNH8UmQjQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:26:28 2025 by rpki-client