Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
File: 6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa (raw, json)
Hash identifier: dtiUH8vdIw0PqSBl78OLuuaVQJ4th5SD4185A6e1DFI=
Subject key identifier: 99:A5:9E:A6:34:EA:B1:E1:5A:AB:43:18:8F:2E:9C:E4:83:85:4C:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D6DCFD7172C69680A3DF77D1A5D436BEC85DF2C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:6d:cf:d7:17:2c:69:68:0a:3d:f7:7d:1a:5d:43:6b:ec:85:df:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:9e:f4:90:5a:a7:8a:05:7d:ba:84:e8:c0:
97:b3:bb:13:7a:63:66:5c:5d:12:cf:a6:01:8c:38:
43:7c:69:03:a9:54:ba:45:e0:0b:a2:37:d4:8c:a2:
52:ca:c5:a9:87:f2:a3:f7:4f:18:a8:8c:02:e2:58:
52:4c:37:dd:6d:f3:d3:a3:54:e0:70:16:86:a7:65:
13:7e:3e:fe:9e:a1:3f:ac:ba:c3:73:72:61:a1:9b:
49:fe:90:a5:e3:09:70:f6:9f:4b:70:a0:d3:5f:f0:
92:c0:39:fe:20:01:95:18:97:d3:0f:cd:87:2c:16:
70:10:35:f7:8e:8d:48:54:45:19:e9:0a:76:02:42:
75:ae:df:31:8f:e0:ed:a1:5a:dc:ba:37:fa:29:ee:
23:5d:f6:6d:7f:09:2e:67:c3:a0:bc:10:8b:48:75:
0e:46:40:fb:3d:90:e9:07:18:3c:5b:6f:f0:1e:e6:
28:b1:6c:ef:80:3c:e8:c5:af:a9:f1:59:a0:f1:6a:
54:84:4f:3e:1b:f4:7c:bf:04:0c:13:ce:30:3f:f2:
6c:82:18:8f:93:4b:6a:84:3d:b0:d6:cf:c2:80:e9:
d4:f9:35:6b:dd:f9:99:fd:37:87:f9:89:13:d9:fd:
54:45:7e:05:82:25:55:15:6d:0a:75:45:9d:0e:2e:
73:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A5:9E:A6:34:EA:B1:E1:5A:AB:43:18:8F:2E:9C:E4:83:85:4C:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
18:92:05:37:64:22:bd:bf:d0:48:1c:1d:ee:5b:0a:2b:c1:26:
2c:f4:a6:27:1a:34:18:cf:d1:d4:b7:ef:a8:e6:df:8a:ab:c8:
43:08:0f:85:69:c8:a0:75:eb:fd:e7:29:b9:96:a2:30:c4:9b:
70:8f:bd:33:8e:1a:6a:ba:f4:b5:02:f4:41:b7:89:3a:df:20:
1c:eb:20:f7:3e:8b:e2:0a:8a:a7:9e:bf:df:99:82:72:27:74:
0a:a1:8d:f7:57:be:47:57:41:46:24:60:bd:9a:98:d1:84:99:
55:11:cf:ed:08:ee:a0:e6:ae:fe:bb:0d:4d:91:05:dc:1b:11:
2b:9b:19:5c:d6:33:2c:f3:b4:0e:c0:1c:36:95:a7:6d:84:ee:
c9:7f:63:a5:c7:09:8c:b3:1f:b6:2d:ed:dc:23:c7:1b:d3:fc:
3c:7b:93:84:f3:45:a3:cd:1f:7f:da:35:04:91:48:71:d3:2e:
30:e4:b6:ad:15:d3:b7:f0:df:c9:88:37:00:12:74:3c:07:dc:
40:58:28:08:7e:e7:40:8c:fb:f7:43:6d:45:b0:61:12:c9:de:
58:36:84:a3:0e:84:80:28:c0:1b:4f:47:f8:57:b9:25:b1:3e:
f3:28:da:99:86:aa:aa:70:1f:92:90:33:2d:07:c1:c2:78:be:
3f:16:ff:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTW3P1xcsaWgKPfd9Gl1Da+yF3ywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMDQwMzBjYTA5NjgwNWQxYjBkYmFhZGZjYWQ5YjczYjk3NjUzYzcwNTQ5
YjAxNzE2N2YxZjk0MGM2OGY3N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9BnvSQWqeKBX26hOjAl7O7E3pjZlxdEs+mAYw4Q3xpA6lUukXgC6I31Iyi
UsrFqYfyo/dPGKiMAuJYUkw33W3z06NU4HAWhqdlE34+/p6hP6y6w3NyYaGbSf6Q
peMJcPafS3Cg01/wksA5/iABlRiX0w/NhywWcBA1946NSFRFGekKdgJCda7fMY/g
7aFa3Lo3+inuI132bX8JLmfDoLwQi0h1DkZA+z2Q6QcYPFtv8B7mKLFs74A86MWv
qfFZoPFqVIRPPhv0fL8EDBPOMD/ybIIYj5NLaoQ9sNbPwoDp1Pk1a935mf03h/mJ
E9n9VEV+BYIlVRVtCnVFnQ4uc7UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZpZ6m
NOqx4VqrQxiPLpzkg4VM8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmNlMWE1OWMtMWJmZC00YjVlLWFkMzQtZDNmNGYwN2E0NmY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAGJIFN2Qivb/QSBwd7lsKK8EmLPSmJxo0GM/R1Lfv
qObfiqvIQwgPhWnIoHXr/ecpuZaiMMSbcI+9M44aarr0tQL0QbeJOt8gHOsg9z6L
4gqKp56/35mCcid0CqGN91e+R1dBRiRgvZqY0YSZVRHP7QjuoOau/rsNTZEF3BsR
K5sZXNYzLPO0DsAcNpWnbYTuyX9jpccJjLMfti3t3CPHG9P8PHuThPNFo80ff9o1
BJFIcdMuMOS2rRXTt/DfyYg3ABJ0PAfcQFgoCH7nQIz790NtRbBhEsneWDaEow6E
gCjAG09H+Fe5JbE+8yjamYaqqnAfkpAzLQfBwni+Pxb/cw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:42 2025 by rpki-client