Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
File: 677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa (raw, json)
Hash identifier: SoQ2tUD8qBfoc+zcoVFlK6N1NVOSphIU3NHLFkWRCBo=
Subject key identifier: 63:83:39:50:3F:19:34:B0:75:CE:D4:0B:32:D9:3B:0F:D3:4E:85:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77F1048234A67900887770717FB33FC9BAECDFBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:f1:04:82:34:a6:79:00:88:77:70:71:7f:b3:3f:c9:ba:ec:df:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3d:03:99:4f:13:f3:25:84:fb:49:62:d7:66:
83:c5:30:4d:02:b4:4c:39:30:c2:e8:86:02:98:33:
29:2d:70:80:28:f0:a4:bd:22:a9:38:5b:18:48:9d:
f9:07:84:1a:d2:64:af:39:9d:b4:25:63:0d:2b:53:
00:e3:f0:d1:9c:df:13:17:45:14:51:69:20:33:79:
7a:b9:1d:a9:25:57:6e:c4:b6:96:bd:05:08:0f:72:
0c:3f:ff:bd:ea:a4:2d:30:d4:f8:e6:3c:85:f5:f3:
c2:a8:1d:32:58:03:6d:89:0e:11:41:03:76:4c:a1:
a9:23:9a:6b:59:c2:bb:34:3e:7a:8c:22:7f:d7:9f:
51:23:d2:5d:4c:81:88:10:f1:87:b3:8d:9b:26:a2:
89:3a:cc:d7:19:1a:e4:d9:b8:0d:49:2e:2c:10:90:
e0:31:4a:be:ff:9c:3f:ab:08:09:9c:db:fd:d7:89:
f6:ae:9a:35:8f:64:fa:ca:5e:ea:d0:a7:2d:b9:f8:
c7:37:50:8a:4d:a1:1e:b8:2c:39:8d:3c:90:df:27:
6a:8c:9a:d8:40:0f:d6:b3:e0:fa:c7:c1:bc:fc:e7:
57:a3:60:88:5d:90:93:3e:fc:56:ce:99:41:4a:5b:
4e:72:a7:30:f3:1f:ce:a1:10:c3:2a:82:14:e7:58:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:83:39:50:3F:19:34:B0:75:CE:D4:0B:32:D9:3B:0F:D3:4E:85:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
9a:8a:0f:78:1c:e1:74:2c:1b:5d:5f:cc:65:c3:93:cd:58:58:
5b:60:96:f6:36:3a:ba:6f:23:29:24:14:a0:6d:08:6e:67:b5:
cb:09:e2:30:2d:23:9d:61:a1:06:83:2c:fa:16:19:a7:75:a3:
1c:f3:13:c0:34:9d:81:e0:8c:b2:11:e5:e6:5a:9a:44:a9:73:
85:82:21:9b:58:a8:ce:5a:3c:21:7c:3c:7b:5f:cb:5f:aa:52:
c8:b7:1a:e6:f7:52:44:af:50:7c:95:4b:da:54:7b:48:a1:56:
10:73:e2:bf:68:39:01:55:f7:95:c7:8a:c9:0a:bb:bf:b3:5d:
e0:65:88:2c:10:d5:4d:b5:f4:7a:a6:a1:80:c6:0f:a4:60:01:
81:cc:f0:71:34:36:03:7e:a8:a0:b7:ad:ed:8e:9e:13:fb:10:
9e:a0:97:c4:78:8a:4d:02:97:1b:1f:ba:4f:15:f9:e0:63:02:
88:13:7d:93:d0:e5:63:ae:b6:1c:dc:75:b2:72:08:8d:52:8c:
ec:c8:e8:b8:88:5f:ed:f2:9f:b2:8f:a3:27:7d:46:92:eb:1c:
be:df:94:cf:5e:66:28:f1:22:a9:12:e8:f4:66:17:d6:4e:2c:
80:6e:55:61:d3:d1:6e:4c:89:a4:c9:9d:83:93:a9:6a:74:72:
0e:e8:32:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd/EEgjSmeQCId3Bxf7M/ybrs37swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNmUyYWQxYWEzMTE0ODk0MDc3NmIwZjI0MmYxMGMyNDNjY2ZjMDRjODBh
YWRiOGZlNDdiYzhhMzU0NDJjZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANE9A5lPE/MlhPtJYtdmg8UwTQK0TDkwwuiGApgzKS1wgCjwpL0iqThbGEid
+QeEGtJkrzmdtCVjDStTAOPw0ZzfExdFFFFpIDN5erkdqSVXbsS2lr0FCA9yDD//
veqkLTDU+OY8hfXzwqgdMlgDbYkOEUEDdkyhqSOaa1nCuzQ+eowif9efUSPSXUyB
iBDxh7ONmyaiiTrM1xka5Nm4DUkuLBCQ4DFKvv+cP6sICZzb/deJ9q6aNY9k+spe
6tCnLbn4xzdQik2hHrgsOY08kN8naoya2EAP1rPg+sfBvPznV6NgiF2Qkz78Vs6Z
QUpbTnKnMPMfzqEQwyqCFOdYfiMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRjgzlQ
Pxk0sHXO1Asy2TsP006FnjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc3YWJmYjctYTFkNy00YWQ4LTg4NmUtNTRmZjM3NGJjYzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAmooPeBzhdCwbXV/MZcOTzVhYW2CW9jY6um8j
KSQUoG0Ibme1ywniMC0jnWGhBoMs+hYZp3WjHPMTwDSdgeCMshHl5lqaRKlzhYIh
m1iozlo8IXw8e1/LX6pSyLca5vdSRK9QfJVL2lR7SKFWEHPiv2g5AVX3lceKyQq7
v7Nd4GWILBDVTbX0eqahgMYPpGABgczwcTQ2A36ooLet7Y6eE/sQnqCXxHiKTQKX
Gx+6TxX54GMCiBN9k9DlY662HNx1snIIjVKM7MjouIhf7fKfso+jJ31Gkuscvt+U
z15mKPEiqRLo9GYX1k4sgG5VYdPRbkyJpMmdg5OpanRyDugyPg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:41 2025 by rpki-client