Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
File: 6983da84-161e-42b3-9b20-728d967cf78a.roa (raw, json)
Hash identifier: bmRsvAfxaTrL52uRm2hpk7JJfwDLFn7dNPEL/m7eXS0=
Subject key identifier: 1F:52:2E:D6:72:CB:95:95:AB:45:20:D6:8E:C0:C8:35:9F:74:85:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FE79C31B534998AB7A6F86DC67454DF35830899
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:e7:9c:31:b5:34:99:8a:b7:a6:f8:6d:c6:74:54:df:35:83:08:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:55:f0:d4:0d:5b:98:15:21:b3:49:b8:56:03:
b7:26:41:cf:2b:34:9c:2c:ca:a3:e9:b9:2c:ac:44:
45:97:39:2d:14:d9:a0:1c:c5:b8:86:f2:14:ba:43:
67:b6:d7:d3:d0:79:d8:00:f8:33:a4:38:37:ab:e4:
71:fb:df:c8:5c:d1:79:e6:a2:00:d8:66:1b:a1:48:
52:9c:60:f4:46:57:8e:ae:07:b3:7c:a5:30:c1:6f:
b5:fd:91:94:6f:7a:96:da:60:df:ba:f0:ed:eb:fa:
75:e8:d4:53:3b:19:b5:8f:7d:6e:75:c6:96:03:c9:
32:52:29:79:1e:ae:43:41:2a:c6:7d:ca:c3:e4:53:
32:46:38:70:5e:9d:44:d3:13:13:38:bd:bb:7e:66:
4c:a9:74:07:f1:1a:44:f9:de:fe:bd:a1:de:c3:86:
91:5a:41:8e:1f:ab:c5:d3:3e:83:60:1e:70:54:0a:
7b:ce:51:13:0c:8f:ba:32:e0:65:77:50:e6:88:60:
a4:3a:72:05:93:af:7a:aa:fc:4b:b1:de:52:b7:e8:
ea:0c:c4:b7:c3:46:15:19:de:d4:1d:e9:44:4c:59:
3d:d6:8b:17:47:78:85:6f:09:27:6d:de:bd:b5:76:
2c:75:2e:2e:af:39:04:80:9c:72:1f:26:c5:cb:89:
a1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:52:2E:D6:72:CB:95:95:AB:45:20:D6:8E:C0:C8:35:9F:74:85:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:29:89:09:93:fd:43:7a:a5:b9:8f:89:c9:7a:0c:14:1f:58:
a1:54:1b:6a:ff:60:9c:80:aa:8c:fe:f3:2d:9d:6b:5c:48:9a:
06:a4:9d:b5:98:8c:fa:42:1a:c6:83:62:51:13:cd:9d:02:c2:
18:29:3f:37:5a:29:bf:6a:8d:76:e7:5c:3d:df:c6:09:32:54:
4e:98:d7:23:98:8b:8e:d6:83:cd:df:65:eb:de:1a:b9:a7:ee:
a2:ac:e9:7d:04:b3:bc:a0:28:21:e1:ba:23:c1:0e:8b:df:a8:
ce:94:ab:a7:b4:d1:b8:09:20:78:7b:1a:58:4c:59:a0:b2:55:
41:63:7c:ec:ba:f5:38:59:f1:40:8e:e3:17:76:d1:ef:3f:05:
d3:f2:29:6f:b4:48:9b:02:95:0b:63:89:3e:2d:88:d0:7f:71:
bd:0e:ef:3d:b5:a8:b3:f6:20:85:d4:66:3d:cc:72:46:c7:33:
19:fc:fc:5a:84:57:28:34:41:6b:50:49:36:93:0e:c7:b8:e8:
50:d9:11:6b:4c:9f:22:7f:68:12:a5:07:59:be:05:3e:ee:78:
f1:de:d3:d3:69:db:15:53:50:4a:5d:7e:3e:0f:b2:60:6e:d5:
5f:ec:f4:b6:bc:38:62:f5:1c:87:d9:26:28:35:bd:57:50:c6:
78:b4:c9:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb+ecMbU0mYq3pvhtxnRU3zWDCJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjYmE2NWMwOTJlMjU2ZTI4NTM3NmIyMTQ3YmY0MmFhOTE1NzNkNzkyNjFh
N2E5Zjc2MjUwNGRhNmZkZTMwYmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdV8NQNW5gVIbNJuFYDtyZBzys0nCzKo+m5LKxERZc5LRTZoBzFuIbyFLpD
Z7bX09B52AD4M6Q4N6vkcfvfyFzReeaiANhmG6FIUpxg9EZXjq4Hs3ylMMFvtf2R
lG96ltpg37rw7ev6dejUUzsZtY99bnXGlgPJMlIpeR6uQ0Eqxn3Kw+RTMkY4cF6d
RNMTEzi9u35mTKl0B/EaRPne/r2h3sOGkVpBjh+rxdM+g2AecFQKe85REwyPujLg
ZXdQ5ohgpDpyBZOveqr8S7HeUrfo6gzEt8NGFRne1B3pRExZPdaLF0d4hW8JJ23e
vbV2LHUuLq85BICcch8mxcuJoZcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQfUi7W
csuVlatFINaOwMg1n3SFeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk4M2RhODQtMTYxZS00MmIzLTliMjAtNzI4ZDk2N2NmNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQALKYkJk/1DeqW5j4nJegwUH1ihVBtq/2CcgKqM/vMt
nWtcSJoGpJ21mIz6QhrGg2JRE82dAsIYKT83Wim/ao1251w938YJMlROmNcjmIuO
1oPN32Xr3hq5p+6irOl9BLO8oCgh4bojwQ6L36jOlKuntNG4CSB4expYTFmgslVB
Y3zsuvU4WfFAjuMXdtHvPwXT8ilvtEibApULY4k+LYjQf3G9Du89taiz9iCF1GY9
zHJGxzMZ/PxahFcoNEFrUEk2kw7HuOhQ2RFrTJ8if2gSpQdZvgU+7njx3tPTadsV
U1BKXX4+D7JgbtVf7PS2vDhi9RyH2SYoNb1XUMZ4tMkS
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:31:34 2025 by rpki-client