Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
File: 55eb1295-2121-40dc-bdd3-a11a68da507a.roa (raw, json)
Hash identifier: 3jrpGP7jtfAX6zMnQ9ARIOXqFwBFZKBzgm4LjYKiih4=
Subject key identifier: 58:51:62:F0:D2:37:20:E5:BF:5F:4B:42:30:10:38:6D:48:29:34:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0133F0E09A5A42ABCD4689F13227F0759C003397
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:33:f0:e0:9a:5a:42:ab:cd:46:89:f1:32:27:f0:75:9c:00:33:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5f:71:e2:ac:e2:56:50:71:0f:b2:9c:0d:b6:
5c:28:63:5b:3e:5c:66:b3:7d:b2:71:8d:cd:46:2a:
2e:62:c2:c0:57:e1:fe:85:ec:c9:aa:2f:03:f7:30:
eb:09:98:6d:59:1d:0c:84:81:7e:3a:8a:ba:50:b2:
15:ec:1f:ed:cc:af:50:0e:5a:dd:25:a1:9f:60:c8:
15:8a:70:b3:a4:0b:99:32:76:19:14:38:f0:72:75:
89:1e:41:12:96:fd:0b:6f:5a:9f:bb:e2:c2:ed:51:
5e:a7:b2:14:28:45:47:65:30:29:3f:b9:4c:a4:8f:
6e:4f:5f:f7:29:20:e4:81:63:13:4d:56:c9:ab:5a:
88:17:3e:76:a2:51:16:99:5d:1d:d7:11:4b:80:ce:
fa:68:bb:fa:cb:42:b1:86:4b:9a:c9:fa:90:3a:8e:
49:85:c7:bd:4e:6a:3a:30:7b:aa:0f:7e:f8:e3:ef:
33:35:b3:a9:9b:b4:1b:15:6c:60:f7:8b:ac:50:fd:
b8:44:ed:8e:d7:3d:ab:21:3e:10:4a:ce:1a:89:6f:
32:a7:05:c0:5b:84:83:34:93:3b:04:b1:63:f9:12:
d3:3d:64:60:97:b2:ce:7e:41:91:ef:92:28:aa:c4:
f5:63:f2:92:ec:85:31:d9:dd:49:54:b6:d9:82:a5:
20:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:51:62:F0:D2:37:20:E5:BF:5F:4B:42:30:10:38:6D:48:29:34:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1f:69:3c:49:ae:0e:e2:52:e3:6a:a0:4f:b2:f1:8e:0b:9f:0e:
2a:74:f3:17:53:16:42:73:d1:32:5a:60:60:50:1c:d1:c6:fe:
00:3d:bb:2f:fa:f9:3f:dc:aa:f8:ac:c8:87:06:f5:ee:08:09:
77:6b:e6:68:54:b8:f0:2f:33:33:7d:dd:90:1a:1c:16:5d:80:
58:e5:32:d1:31:28:5d:11:9c:a8:22:4f:a5:a1:58:40:c2:9e:
40:5a:3f:5f:90:3a:6f:12:63:90:a8:cb:51:89:e6:68:b9:d8:
c1:1a:a2:41:45:8e:ff:32:31:9d:61:ec:d2:2c:92:8a:70:06:
27:a2:ca:9d:98:ca:99:11:a1:db:2b:42:09:fd:9e:86:8a:00:
00:ec:5b:a4:ba:c1:2b:9f:5f:5e:2d:4e:bb:3a:f0:f6:99:99:
82:7a:a3:a5:a9:62:6d:84:a2:a1:49:ab:f2:ae:88:7b:18:00:
bc:38:c6:df:e0:98:a2:b6:ff:40:3a:09:a1:24:24:e7:cd:0a:
9c:63:7d:07:83:02:d2:36:58:d5:bb:93:87:ce:70:51:7a:bb:
5d:66:2c:53:c5:d7:e5:fc:04:29:b7:b4:89:6f:c0:cf:bb:55:
ac:e6:a4:c8:89:00:19:39:58:ab:12:da:15:06:4a:1b:e5:7d:
76:3a:79:4a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUATPw4JpaQqvNRonxMifwdZwAM5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2MjMzMjA5OTVlOGI5MzVhMTkzNTc1MTE5YjYzMmUxYzY0NjNjMDllNTNi
N2NmMWI1MWNmNTFmMmI5NDBjYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNfceKs4lZQcQ+ynA22XChjWz5cZrN9snGNzUYqLmLCwFfh/oXsyaovA/cw
6wmYbVkdDISBfjqKulCyFewf7cyvUA5a3SWhn2DIFYpws6QLmTJ2GRQ48HJ1iR5B
Epb9C29an7viwu1RXqeyFChFR2UwKT+5TKSPbk9f9ykg5IFjE01WyataiBc+dqJR
FpldHdcRS4DO+mi7+stCsYZLmsn6kDqOSYXHvU5qOjB7qg9++OPvMzWzqZu0GxVs
YPeLrFD9uETtjtc9qyE+EErOGolvMqcFwFuEgzSTOwSxY/kS0z1kYJeyzn5Bke+S
KKrE9WPykuyFMdndSVS22YKlIOsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYUWLw
0jcg5b9fS0IwEDhtSCk0LTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlYjEyOTUtMjEyMS00MGRjLWJkZDMtYTExYTY4ZGE1MDdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAH2k8Sa4O4lLjaqBPsvGOC58OKnTzF1MWQnPRMlpg
YFAc0cb+AD27L/r5P9yq+KzIhwb17ggJd2vmaFS48C8zM33dkBocFl2AWOUy0TEo
XRGcqCJPpaFYQMKeQFo/X5A6bxJjkKjLUYnmaLnYwRqiQUWO/zIxnWHs0iySinAG
J6LKnZjKmRGh2ytCCf2ehooAAOxbpLrBK59fXi1Ouzrw9pmZgnqjpalibYSioUmr
8q6IexgAvDjG3+CYorb/QDoJoSQk580KnGN9B4MC0jZY1buTh85wUXq7XWYsU8XX
5fwEKbe0iW/Az7tVrOakyIkAGTlYqxLaFQZKG+V9djp5Sg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:42:43 2025 by rpki-client