Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa
File: 407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa (raw, json)
Hash identifier: +ngaBKVp2A8jK8UrxZ2j1CItav88jFZvCtv6WFzsjHg=
Subject key identifier: E3:FE:83:C2:A8:9B:9C:B4:5C:4C:12:EC:EE:C3:A5:1B:D4:D3:95:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2FFC2FB4E7FE6E41EE6BE9987FA637DCBB6DE512
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:fc:2f:b4:e7:fe:6e:41:ee:6b:e9:98:7f:a6:37:dc:bb:6d:e5:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6a:c8:e5:6e:d3:33:4a:3a:3a:d7:e1:44:92:
e8:e0:87:34:cd:6f:3c:e1:55:85:4f:48:5d:a4:40:
eb:e9:85:ae:60:02:81:d3:1f:1b:01:4a:36:1c:2e:
b8:3f:17:d1:d4:8d:2a:48:1e:ff:dc:99:c7:d0:36:
8d:0d:21:a4:d0:40:a3:85:5b:2d:56:ef:88:e6:e9:
21:9a:60:d9:73:8a:30:6a:18:c8:ed:23:ed:60:a2:
b0:91:ca:12:45:60:2e:a2:81:95:b1:29:5a:13:71:
27:f7:65:56:d9:41:23:61:9f:30:c8:fb:8b:60:92:
81:6d:fd:31:21:c8:65:d6:ce:22:d6:32:bc:83:e3:
e1:34:cb:9c:b6:5d:c1:56:90:fc:2e:e1:5a:23:30:
91:8a:89:e2:cd:a1:53:7c:60:81:bd:9d:78:d3:61:
51:fc:51:22:63:0f:b4:5a:f5:2f:a4:66:e8:07:9f:
5f:b2:9a:fe:21:32:47:c5:2b:1f:5b:83:76:91:ec:
e1:28:23:a2:6f:3e:88:8a:4b:13:a8:a2:19:27:b0:
f2:1b:ee:68:93:b3:65:09:c5:d4:50:3e:b2:b7:b7:
33:43:f1:d3:ea:db:71:9a:8a:bc:20:f3:65:92:23:
50:90:9f:13:d1:f5:c9:bb:83:9f:aa:65:b2:10:6c:
3d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FE:83:C2:A8:9B:9C:B4:5C:4C:12:EC:EE:C3:A5:1B:D4:D3:95:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4d:02:b0:6a:38:e3:b9:1e:ec:85:20:51:ba:cb:15:83:29:82:
f0:9f:a3:70:4f:9a:5c:7b:26:c7:85:b2:64:b4:71:23:fe:74:
eb:15:23:8f:a7:48:91:28:5c:5f:6c:23:b7:43:b8:65:33:8a:
28:fe:17:4a:5a:66:01:e1:49:c1:dd:8c:b8:49:91:f1:a1:60:
86:0f:b7:68:fa:d5:50:c3:0f:9e:58:19:d9:b2:a0:d4:0c:d7:
2f:1e:f4:d1:e6:ed:df:f4:29:67:4e:be:45:56:2f:fc:00:b8:
8d:a5:54:ae:72:68:4b:ab:22:5b:af:e5:20:4a:8d:cc:16:98:
12:48:dd:26:fa:f6:6c:5a:e2:e8:51:af:9d:3d:96:01:93:4d:
ba:0c:fb:f2:fe:f4:ff:97:c2:c7:11:66:4f:76:c2:ce:19:55:
7f:d8:3b:eb:79:97:ea:ab:40:af:21:49:00:03:66:92:cf:90:
1b:c1:83:ff:12:d2:b0:95:69:d4:40:90:bd:92:9d:3b:de:05:
4d:af:16:b0:38:46:6e:65:be:d9:b8:18:54:e2:aa:66:63:e3:
17:1a:00:eb:9f:0a:90:36:7a:d7:9d:55:6e:9b:e9:d6:5f:eb:
47:7b:46:c3:49:30:bf:a4:9e:e7:25:c7:28:e6:7f:50:ae:7f:
54:73:b6:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL/wvtOf+bkHua+mYf6Y33Ltt5RIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMTZhOGFlMmQ4OThmZTUyYzAxMmZhNGRmY2NhNmIwNTU1NWE3ODVlMWM2
NjBmMWJiOWFkZmQ4ZWI2MGY5MTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRqyOVu0zNKOjrX4USS6OCHNM1vPOFVhU9IXaRA6+mFrmACgdMfGwFKNhwu
uD8X0dSNKkge/9yZx9A2jQ0hpNBAo4VbLVbviObpIZpg2XOKMGoYyO0j7WCisJHK
EkVgLqKBlbEpWhNxJ/dlVtlBI2GfMMj7i2CSgW39MSHIZdbOItYyvIPj4TTLnLZd
wVaQ/C7hWiMwkYqJ4s2hU3xggb2deNNhUfxRImMPtFr1L6Rm6AefX7Ka/iEyR8Ur
H1uDdpHs4Sgjom8+iIpLE6iiGSew8hvuaJOzZQnF1FA+sre3M0Px0+rbcZqKvCDz
ZZIjUJCfE9H1ybuDn6plshBsPdcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTj/oPC
qJuctFxMEuzuw6Ub1NOVbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDA3YzdhNmMtYWNkNi00ZWIzLTljZWMtOWI4ZTJmNGU4Mjg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEATQKwajjjuR7shSBRussVgymC8J+jcE+aXHsmx4Wy
ZLRxI/506xUjj6dIkShcX2wjt0O4ZTOKKP4XSlpmAeFJwd2MuEmR8aFghg+3aPrV
UMMPnlgZ2bKg1AzXLx700ebt3/QpZ06+RVYv/AC4jaVUrnJoS6siW6/lIEqNzBaY
EkjdJvr2bFri6FGvnT2WAZNNugz78v70/5fCxxFmT3bCzhlVf9g763mX6qtAryFJ
AANmks+QG8GD/xLSsJVp1ECQvZKdO94FTa8WsDhGbmW+2bgYVOKqZmPjFxoA658K
kDZ6151Vbpvp1l/rR3tGw0kwv6Se5yXHKOZ/UK5/VHO2/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:38 2025 by rpki-client