Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
File: 71d66127-3f22-4413-8fe7-9d46d7fe6626.roa (raw, json)
Hash identifier: bL6qumzmoIFUryxVWhLbpA8WnmMeKN3LXQWFbsVrbwI=
Subject key identifier: 28:FD:59:40:97:FF:F8:24:C8:F4:2D:E4:E0:FF:47:C3:EE:A0:D2:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18C173309481B74D959A7B29C502D324E7657769
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:c1:73:30:94:81:b7:4d:95:9a:7b:29:c5:02:d3:24:e7:65:77:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8c:c2:47:c2:f6:e7:63:c6:1e:11:79:e6:f9:
e6:66:26:e5:6a:1b:ed:f6:bd:5d:95:24:44:80:48:
b8:4c:56:22:e6:07:a1:30:39:83:94:98:f5:71:bd:
7a:11:d0:08:55:c1:10:02:8b:cc:0e:93:8e:44:46:
b5:f7:dc:72:cf:86:de:c2:09:cc:44:c7:17:4f:aa:
c6:b3:a5:49:f7:9d:4b:25:61:4d:af:a6:a4:f0:2f:
6c:4b:15:c9:50:34:24:a0:5f:0d:3d:a5:62:dc:e5:
90:ca:ec:56:99:c4:f4:aa:9d:91:3f:2b:4b:c8:2c:
80:cf:f3:f7:77:19:ef:3c:88:f6:40:6b:63:9b:da:
49:36:ed:98:07:5b:35:18:26:9b:72:0c:2e:43:b8:
e6:d6:15:4f:be:26:8f:cd:05:9b:5b:71:a5:70:f7:
c3:fe:86:a0:2a:97:30:bd:6a:86:59:5a:ef:25:fe:
a9:13:61:6d:28:11:af:a9:6f:1d:a0:93:90:71:07:
bc:1a:1a:8a:11:1e:29:a6:08:67:f9:a3:70:a3:30:
14:0f:ad:b8:eb:85:99:04:ae:67:d4:50:71:66:a5:
84:51:ea:4c:84:43:2a:17:2e:aa:fb:bb:78:da:03:
38:9b:15:39:a9:9c:4e:69:a0:bc:30:97:6b:ac:7c:
f0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FD:59:40:97:FF:F8:24:C8:F4:2D:E4:E0:FF:47:C3:EE:A0:D2:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:b4:e8:2f:8a:4b:22:ba:d2:8c:ab:8f:05:41:ee:0a:c8:3e:
02:f2:0e:ce:67:2d:ee:bd:f3:4b:41:38:d3:33:79:a1:7b:37:
b0:c6:a7:2f:29:33:4a:64:b2:b9:cd:96:f6:08:b0:00:d5:e9:
3d:49:87:57:29:16:0a:be:e2:04:18:9a:f1:41:c9:57:3d:05:
9f:8f:76:2a:76:0b:5c:04:11:c4:c8:53:21:2e:df:f8:ff:66:
8f:bc:b2:7f:af:75:d7:6a:25:2c:d4:b2:93:82:e5:25:e1:91:
7c:0b:fe:b6:b2:d5:9c:5c:4a:77:f5:fd:4b:1c:e5:8c:df:89:
45:41:dd:2e:dc:43:29:e7:89:9d:cb:0a:41:05:e5:b5:e8:56:
6d:ed:ff:cf:9b:38:09:ae:14:45:f5:9c:af:60:50:11:86:b3:
12:d0:2d:d0:28:95:28:8c:91:58:6e:e5:69:36:b3:39:17:13:
40:03:7f:a9:0c:01:74:aa:0e:ef:22:5a:d4:fe:12:10:92:47:
3c:f8:9a:e6:fc:76:32:46:60:7b:3e:27:24:89:be:12:e2:7a:
c6:43:6c:0f:9e:5d:eb:52:0f:b1:fd:cf:42:eb:e3:ff:d4:8b:
fe:87:07:8c:22:31:58:72:df:cc:0b:51:33:6f:55:24:27:3d:
26:14:bc:58
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGMFzMJSBt02VmnspxQLTJOdld2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlNTgxYWQ5YjkyOTZmY2Q1M2Y0N2E0NmVhNmRlZGFjZGFkMWU1NzJiNGE0
ODU2OGJjZjVmMjJiNTAxY2E1OWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuMwkfC9udjxh4Reeb55mYm5Wob7fa9XZUkRIBIuExWIuYHoTA5g5SY9XG9
ehHQCFXBEAKLzA6TjkRGtffccs+G3sIJzETHF0+qxrOlSfedSyVhTa+mpPAvbEsV
yVA0JKBfDT2lYtzlkMrsVpnE9KqdkT8rS8gsgM/z93cZ7zyI9kBrY5vaSTbtmAdb
NRgmm3IMLkO45tYVT74mj80Fm1txpXD3w/6GoCqXML1qhlla7yX+qRNhbSgRr6lv
HaCTkHEHvBoaihEeKaYIZ/mjcKMwFA+tuOuFmQSuZ9RQcWalhFHqTIRDKhcuqvu7
eNoDOJsVOamcTmmgvDCXa6x88IECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQo/VlA
l//4JMj0LeTg/0fD7qDSPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzFkNjYxMjctM2YyMi00NDEzLThmZTctOWQ0NmQ3ZmU2NjI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQCytOgviksiutKMq48FQe4KyD4C8g7OZy3uvfNLQTjT
M3mhezewxqcvKTNKZLK5zZb2CLAA1ek9SYdXKRYKvuIEGJrxQclXPQWfj3Yqdgtc
BBHEyFMhLt/4/2aPvLJ/r3XXaiUs1LKTguUl4ZF8C/62stWcXEp39f1LHOWM34lF
Qd0u3EMp54mdywpBBeW16FZt7f/PmzgJrhRF9ZyvYFARhrMS0C3QKJUojJFYbuVp
NrM5FxNAA3+pDAF0qg7vIlrU/hIQkkc8+Jrm/HYyRmB7Pickib4S4nrGQ2wPnl3r
Ug+x/c9C6+P/1Iv+hweMIjFYct/MC1Ezb1UkJz0mFLxY
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:03:02 2025 by rpki-client