Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
File: 53a9be89-d507-454e-96fb-d2a28e64f836.roa (raw, json)
Hash identifier: QD5lonwctfJdsUNntMY5n2mK84v9L6MyA1bOZsucWW4=
Subject key identifier: 91:30:3F:10:DA:52:D7:35:A7:D4:E3:96:72:EE:B8:F5:08:17:07:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 03FD0D620354406D65FE03223240CEF6975C4684
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:fd:0d:62:03:54:40:6d:65:fe:03:22:32:40:ce:f6:97:5c:46:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:da:fc:f7:8e:dd:11:9f:61:59:da:f0:56:9b:
bc:b7:4c:66:1d:0c:a4:fd:66:f3:aa:f9:70:31:63:
b3:bd:c4:4d:83:ce:18:c2:58:3e:b9:6a:ff:18:6a:
68:e2:9d:72:21:ab:2c:6c:c1:2a:40:8e:b0:99:4b:
68:c4:91:ce:d6:18:7a:03:89:1b:23:96:b4:a4:54:
6a:68:43:72:1a:72:20:26:62:4c:ab:8e:e8:3f:1f:
c5:f1:21:94:d3:bc:56:3f:33:bd:19:13:ee:85:c9:
13:27:72:1f:45:9f:47:39:5f:02:0d:b4:42:a0:05:
b6:b2:11:89:38:77:89:bb:27:03:a1:25:33:1c:08:
56:2c:82:9b:36:72:eb:92:89:ce:72:7f:2a:d6:d8:
aa:0d:32:8c:67:63:4b:5e:73:dc:59:36:b3:da:a7:
19:2e:d5:d2:35:0b:6c:d8:28:fc:d5:0c:b1:08:8c:
bd:13:85:79:b1:90:da:32:50:92:c2:76:c7:2d:1c:
2b:59:96:ce:da:41:9d:6a:bc:fd:14:ed:d8:80:c2:
21:29:8c:96:96:1e:d2:10:b4:31:d0:67:e5:be:bc:
74:15:6e:cf:96:78:cd:77:19:42:8b:6c:ae:ff:15:
04:05:ca:b2:5f:ab:4d:df:73:ec:74:62:3b:27:85:
75:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:30:3F:10:DA:52:D7:35:A7:D4:E3:96:72:EE:B8:F5:08:17:07:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:a2:83:ca:3c:b9:cb:71:50:50:96:ee:2e:1e:03:dc:33:b0:
77:83:62:18:93:7e:50:1a:e9:d2:52:38:bc:63:35:60:25:35:
ac:62:bf:9a:e2:91:85:b9:d3:bd:86:e2:c0:b2:da:54:a3:ab:
c5:e9:4e:ac:f1:b4:96:72:16:5d:2b:c1:0d:e3:d8:79:02:9f:
50:fe:77:fd:fa:0b:de:c1:b4:3f:5b:b0:73:ea:65:13:f1:ba:
07:49:62:c9:b2:88:09:1d:af:e6:12:15:53:82:2b:16:26:0d:
ac:5e:26:7b:99:ee:62:3a:f2:7a:be:1e:37:61:12:24:d8:2e:
47:8c:03:bd:d2:64:94:53:18:54:83:87:48:7a:5e:b4:ba:47:
05:61:a5:b5:21:81:cd:c4:18:07:e9:be:13:a5:2a:e1:98:d6:
d6:0c:c7:b5:67:2a:bc:94:0e:97:59:1e:cf:af:ff:d5:f8:33:
45:ab:29:06:6f:ed:f2:75:6e:69:57:3c:e8:26:ce:3d:b5:2d:
86:d1:21:30:06:d6:68:cd:07:db:4d:1a:e8:60:03:bf:5e:d0:
66:54:53:84:d0:94:e5:d7:69:63:c2:80:b0:22:76:93:af:04:
88:1e:66:7e:14:ac:ad:ab:1e:c7:43:8f:e9:6d:9b:40:9e:94:
7d:2b:d7:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA/0NYgNUQG1l/gMiMkDO9pdcRoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0OGYyODIwMjhjYWZhNjczMWQ4MGFhNDc4ZjAwNzkyNDkzNzQ4MWY3NmJi
M2YwODAyMDAwMjc0YTg2YTU1OWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfa/PeO3RGfYVna8FabvLdMZh0MpP1m86r5cDFjs73ETYPOGMJYPrlq/xhq
aOKdciGrLGzBKkCOsJlLaMSRztYYegOJGyOWtKRUamhDchpyICZiTKuO6D8fxfEh
lNO8Vj8zvRkT7oXJEydyH0WfRzlfAg20QqAFtrIRiTh3ibsnA6ElMxwIViyCmzZy
65KJznJ/KtbYqg0yjGdjS15z3Fk2s9qnGS7V0jULbNgo/NUMsQiMvROFebGQ2jJQ
ksJ2xy0cK1mWztpBnWq8/RTt2IDCISmMlpYe0hC0MdBn5b68dBVuz5Z4zXcZQots
rv8VBAXKsl+rTd9z7HRiOyeFdfECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRMD8Q
2lLXNafU45Zy7rj1CBcHGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTNhOWJlODktZDUwNy00NTRlLTk2ZmItZDJhMjhlNjRmODM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQC9ooPKPLnLcVBQlu4uHgPcM7B3g2IYk35QGunSUji8
YzVgJTWsYr+a4pGFudO9huLAstpUo6vF6U6s8bSWchZdK8EN49h5Ap9Q/nf9+gve
wbQ/W7Bz6mUT8boHSWLJsogJHa/mEhVTgisWJg2sXiZ7me5iOvJ6vh43YRIk2C5H
jAO90mSUUxhUg4dIel60ukcFYaW1IYHNxBgH6b4TpSrhmNbWDMe1Zyq8lA6XWR7P
r//V+DNFqykGb+3ydW5pVzzoJs49tS2G0SEwBtZozQfbTRroYAO/XtBmVFOE0JTl
12ljwoCwInaTrwSIHmZ+FKytqx7HQ4/pbZtAnpR9K9eG
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:37 2025 by rpki-client