Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
File: 73817c12-8c1e-4664-9721-3b7c6b416bab.roa (raw, json)
Hash identifier: 1gEAs9murUh5KVhTLvAPQK5wn1blp2PA1+r0t7y3Ziw=
Subject key identifier: 38:AB:B3:58:4D:CE:F9:B9:60:13:C0:84:99:31:7B:C8:55:7D:DE:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 153F1F4298DBF17F6D4DC6E14A6A39B7D0C38907
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:3f:1f:42:98:db:f1:7f:6d:4d:c6:e1:4a:6a:39:b7:d0:c3:89:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0d:9b:7c:e4:c8:20:c7:d0:78:67:93:86:ed:
09:0a:d8:04:be:5d:de:9a:72:6c:bf:75:bd:61:1d:
f6:a9:93:a3:2c:b2:c2:14:05:ff:27:31:df:d4:57:
68:9e:3e:a2:47:7d:3c:d6:90:7f:46:c8:d7:ec:3f:
75:b4:02:d8:4d:64:d2:44:56:06:b2:af:12:da:8e:
e1:54:05:47:b7:44:ab:6a:63:02:d5:24:1f:d0:16:
50:9a:85:ce:82:4e:2b:89:ca:24:69:77:69:9e:32:
05:80:b3:38:7d:a1:07:28:b2:d7:fc:7d:9b:d7:f6:
ea:d9:45:70:f4:92:19:fe:c7:10:9f:ad:84:f7:99:
49:34:82:10:e2:1c:c1:01:b1:4c:ec:25:85:68:9f:
4a:e7:a7:20:26:d6:9d:f3:3c:2d:8d:ed:e5:7c:22:
92:7c:13:66:f0:b8:dd:a9:26:29:b1:72:7e:03:53:
31:20:89:5c:8a:d8:18:f2:3c:77:f7:a6:30:12:7f:
4b:8a:b1:2a:a1:cb:b2:94:3f:1e:0d:a7:02:78:94:
ad:33:eb:2b:b8:d9:80:89:7d:5b:97:2d:c0:5f:73:
c2:19:c6:4f:23:b9:02:9e:06:e0:54:e6:0c:56:d9:
5e:50:40:4e:2b:8f:dd:73:56:2a:28:1a:d5:b9:10:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AB:B3:58:4D:CE:F9:B9:60:13:C0:84:99:31:7B:C8:55:7D:DE:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1a:d8:5e:1e:a6:6b:3c:05:68:7f:bd:01:ae:cf:a4:20:cf:5c:
f7:ff:3d:d9:01:f8:eb:58:48:0d:93:8f:b4:28:10:01:67:c5:
95:fd:7c:a0:19:6d:7d:e6:28:ac:f8:f3:cc:f2:0d:b3:b9:bd:
b8:46:51:0b:00:dd:a8:dd:5d:a5:4f:cb:a7:ca:9a:cf:0e:3d:
84:31:39:cd:63:44:91:ee:92:6a:14:eb:4f:75:8c:25:88:49:
cb:ce:07:f6:fd:3a:7d:34:3f:8d:88:e6:d6:8c:2a:38:89:c6:
3b:02:ed:a9:02:2b:36:0e:30:92:e8:b7:c2:db:2f:b0:52:0f:
4a:24:4a:a9:c4:a0:7d:64:58:8d:02:de:1d:1f:dc:66:e0:1b:
f6:38:d2:76:8b:92:ea:43:dc:bb:7b:c4:23:ec:98:a1:62:60:
84:2d:e7:f2:14:30:34:c0:b4:f7:f6:c9:6e:e7:4e:b3:37:0c:
eb:21:30:45:25:9b:e7:a6:59:8c:fa:57:7a:a2:7f:51:f4:48:
28:eb:6a:0f:4c:20:d0:c9:f1:fd:e8:a9:74:d7:86:30:fb:fa:
39:81:6d:5d:d8:dd:b0:11:0e:a7:a5:fc:7e:d8:d2:2e:db:59:
92:61:34:0e:3c:29:e5:a7:16:58:0d:ee:4e:7f:c6:bd:93:d2:
b2:d7:d3:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFT8fQpjb8X9tTcbhSmo5t9DDiQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmYjFlNDgwZWQ2MmU5NDQ5NjAyMWNjNzZkYWQ0MmYyY2QzMDhhZjNkNmMz
Y2I1Yzg5NTZhYjVlN2RhOTUwMmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMNm3zkyCDH0Hhnk4btCQrYBL5d3ppybL91vWEd9qmToyyywhQF/ycx39RX
aJ4+okd9PNaQf0bI1+w/dbQC2E1k0kRWBrKvEtqO4VQFR7dEq2pjAtUkH9AWUJqF
zoJOK4nKJGl3aZ4yBYCzOH2hByiy1/x9m9f26tlFcPSSGf7HEJ+thPeZSTSCEOIc
wQGxTOwlhWifSuenICbWnfM8LY3t5XwiknwTZvC43akmKbFyfgNTMSCJXIrYGPI8
d/emMBJ/S4qxKqHLspQ/Hg2nAniUrTPrK7jZgIl9W5ctwF9zwhnGTyO5Ap4G4FTm
DFbZXlBATiuP3XNWKiga1bkQ8wECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ4q7NY
Tc75uWATwISZMXvIVX3e1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzM4MTdjMTItOGMxZS00NjY0LTk3MjEtM2I3YzZiNDE2YmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAGtheHqZrPAVof70Brs+kIM9c9/892QH461hIDZOP
tCgQAWfFlf18oBltfeYorPjzzPINs7m9uEZRCwDdqN1dpU/Lp8qazw49hDE5zWNE
ke6SahTrT3WMJYhJy84H9v06fTQ/jYjm1owqOInGOwLtqQIrNg4wkui3wtsvsFIP
SiRKqcSgfWRYjQLeHR/cZuAb9jjSdouS6kPcu3vEI+yYoWJghC3n8hQwNMC09/bJ
budOszcM6yEwRSWb56ZZjPpXeqJ/UfRIKOtqD0wg0Mnx/eipdNeGMPv6OYFtXdjd
sBEOp6X8ftjSLttZkmE0Djwp5acWWA3uTn/GvZPSstfT9g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:36:18 2025 by rpki-client