Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
File: 47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa (raw, json)
Hash identifier: jVwUKfYowv+3t8+7++gyNZw61l+XwURZxKhikBzcKJ8=
Subject key identifier: 70:4C:76:AC:01:AB:E5:C1:CB:10:0D:05:01:87:15:14:C0:AC:D5:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FF2E8CB3FB1C06F51664152F448EC8657A1E540
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:f2:e8:cb:3f:b1:c0:6f:51:66:41:52:f4:48:ec:86:57:a1:e5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:4e:9b:c3:7d:3c:64:74:47:33:25:a7:3e:
e0:86:93:b5:d2:5e:72:00:ee:c9:9a:09:77:6b:8d:
ab:cd:e1:9a:f8:e0:0c:45:0e:7a:6b:3c:08:3c:1c:
13:5b:e3:bd:fa:e4:ec:74:b8:86:4a:07:a1:29:e6:
e1:1a:9d:88:86:0c:8a:fb:72:a8:8b:7f:2c:56:a6:
65:e9:5b:0f:f9:e0:45:4d:82:15:66:ac:50:b7:31:
00:32:b0:69:4c:1d:b4:82:f8:d8:dc:c4:6e:50:b9:
4b:9c:d1:7e:8a:d5:77:6f:36:c2:89:19:7e:8d:02:
4b:9a:2e:b2:e2:71:58:0d:a9:4a:37:12:11:2e:82:
ec:8d:c0:00:e4:32:eb:6f:d7:88:b9:90:8b:55:42:
26:c5:7e:77:7d:c3:ce:0a:28:67:e6:1b:c1:e7:bf:
1d:80:98:dd:c0:18:9f:57:05:fd:0f:af:06:fb:4b:
36:f2:b7:bb:3d:b3:05:bc:e2:2a:b9:dd:32:b8:c9:
33:a4:99:06:99:72:2d:58:a0:91:e5:7b:d1:45:13:
9a:1b:1a:9c:7f:79:ce:07:7d:d5:91:f5:22:e5:6a:
04:9e:ed:33:7b:45:08:ac:22:e0:1a:35:f5:62:3c:
69:26:a7:2b:f8:a3:b2:8b:9c:50:21:62:21:76:2d:
39:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4C:76:AC:01:AB:E5:C1:CB:10:0D:05:01:87:15:14:C0:AC:D5:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
50:40:d3:0a:b6:9e:5d:ff:a7:79:2c:31:c6:31:ad:f6:6f:41:
20:f8:d5:af:fe:1c:03:b7:1a:12:db:35:bc:cc:a6:c4:a8:92:
ab:6d:13:1e:23:a3:88:8a:6f:a6:ef:90:a5:4b:62:43:7a:66:
fb:68:d8:b9:43:0e:94:57:0f:47:a8:aa:cf:90:f8:bc:ea:b0:
be:f4:1b:28:a3:7b:b2:25:62:ac:ca:17:bf:78:91:77:23:ba:
34:57:28:f7:52:ce:c1:ea:e4:91:25:41:53:25:38:4d:1b:45:
f4:0d:31:12:c4:fb:85:79:08:35:81:5c:f4:70:10:a2:1d:0a:
68:8d:6e:29:b6:5a:1e:69:b8:c6:44:8d:5a:8c:12:41:f6:a0:
75:8c:75:a8:5f:53:52:9b:5f:e0:b4:cc:6d:24:87:58:d9:f0:
94:55:ed:7b:24:ea:db:d9:39:ae:d2:89:7c:de:1f:9a:ce:32:
b8:a8:50:e0:c8:62:1c:5d:0c:02:89:fe:b0:0e:5d:91:f9:fa:
0e:77:9d:fe:01:36:b3:f8:fb:4d:67:f2:c3:7a:fd:6d:53:a8:
f7:bb:d4:35:a3:9c:32:dd:53:c5:8f:ad:06:1c:27:85:e4:4a:
05:80:f7:19:1b:92:79:eb:d0:7d:66:ce:5f:6f:e0:8e:64:ef:
10:cc:54:8e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUH/Loyz+xwG9RZkFS9Ejshleh5UAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxYzM3YjE4OGE4Y2RmMDVkNTM3YTQyNzcwZDcxNDYxN2Q3MmQxMzgyNTNl
YTAyZGM2NWY3YTMyYzM3YmU2N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeITpvDfTxkdEczJac+4IaTtdJecgDuyZoJd2uNq83hmvjgDEUOems8CDwc
E1vjvfrk7HS4hkoHoSnm4RqdiIYMivtyqIt/LFamZelbD/ngRU2CFWasULcxADKw
aUwdtIL42NzEblC5S5zRforVd282wokZfo0CS5ousuJxWA2pSjcSES6C7I3AAOQy
62/XiLmQi1VCJsV+d33DzgooZ+Ybwee/HYCY3cAYn1cF/Q+vBvtLNvK3uz2zBbzi
KrndMrjJM6SZBplyLVigkeV70UUTmhsanH95zgd91ZH1IuVqBJ7tM3tFCKwi4Bo1
9WI8aSanK/ijsoucUCFiIXYtOb0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRwTHas
AavlwcsQDQUBhxUUwKzVKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDdlM2MzNWItNjJjZC00MTM5LWE5N2MtN2JmMGNlNDQwOTdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAUEDTCraeXf+neSwxxjGt9m9BIPjVr/4cA7caEts1
vMymxKiSq20THiOjiIpvpu+QpUtiQ3pm+2jYuUMOlFcPR6iqz5D4vOqwvvQbKKN7
siVirMoXv3iRdyO6NFco91LOwerkkSVBUyU4TRtF9A0xEsT7hXkINYFc9HAQoh0K
aI1uKbZaHmm4xkSNWowSQfagdYx1qF9TUptf4LTMbSSHWNnwlFXteyTq29k5rtKJ
fN4fms4yuKhQ4MhiHF0MAon+sA5dkfn6Dned/gE2s/j7TWfyw3r9bVOo97vUNaOc
Mt1TxY+tBhwnheRKBYD3GRuSeevQfWbOX2/gjmTvEMxUjg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:37 2025 by rpki-client