Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
File: 75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa (raw, json)
Hash identifier: wVUD4Tw+rAX5WzvnON80RSogUbiOz9joqJ0KwW2wec0=
Subject key identifier: 3B:9E:DF:74:24:6D:12:DF:BF:3A:15:04:A8:01:D2:4A:EF:60:BC:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D23CF75EE72279F1C60878CEC208E74B405A176
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:23:cf:75:ee:72:27:9f:1c:60:87:8c:ec:20:8e:74:b4:05:a1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a3:f2:e9:f4:34:97:3c:b9:3e:83:fb:4c:1c:
59:28:58:dd:21:fe:fc:24:ad:4d:f1:28:11:72:4c:
7b:74:f5:98:4f:2b:8d:c1:e6:02:a1:52:5e:f7:bc:
e0:bc:31:c8:7e:11:c2:ca:53:5f:fc:2f:4d:45:0c:
9c:bc:5a:90:58:e5:ce:0c:a1:95:e0:0f:fa:c9:c6:
37:a1:1c:21:ba:5a:52:ea:15:d5:e7:1c:75:96:fd:
3e:af:00:c1:50:62:bd:89:80:71:ab:e4:17:88:07:
16:b0:95:5a:c7:60:f8:b1:83:2d:fc:6b:7c:99:1b:
8f:9e:de:a0:f6:bf:b7:4a:64:33:bb:da:5a:c8:62:
d9:c4:e0:da:1c:4d:a6:cd:2c:1f:51:38:de:d9:d7:
28:4e:8b:4b:6f:9e:a0:a2:5f:ab:97:62:c7:a0:93:
06:61:59:2a:4e:02:47:f5:32:fe:22:8c:09:db:f1:
aa:7c:5d:2a:a5:4a:ef:50:d0:62:07:3c:91:0d:5f:
cc:c2:36:a0:d9:a3:ea:45:e6:6a:5e:e2:67:2a:76:
e8:a9:97:d0:bb:d8:6a:d7:03:82:2d:4a:fd:9d:da:
52:63:ea:cb:9f:7a:e8:fa:a7:7c:f4:e0:f1:f0:05:
c6:92:c4:1c:cb:6e:1a:e6:19:c3:1a:a8:18:d1:5d:
97:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9E:DF:74:24:6D:12:DF:BF:3A:15:04:A8:01:D2:4A:EF:60:BC:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
ba:7d:b3:70:97:cb:b7:ac:53:6e:25:d0:a4:5b:27:a3:13:03:
37:93:de:b1:70:45:a4:30:70:5d:19:0d:34:c1:93:36:11:08:
6c:22:64:a4:45:e7:83:7a:2a:f9:a0:97:a9:f6:b8:07:0d:44:
e8:44:35:d8:f3:12:6c:51:e3:25:3f:fa:9c:1e:ed:58:e2:78:
ba:98:24:cb:15:0a:40:19:5d:1d:8c:e8:7d:7f:0a:2a:1d:12:
60:0f:0d:d2:7f:8d:41:9d:97:0e:c8:ea:85:ad:b9:9a:fe:08:
55:ea:27:2b:36:d9:ec:42:fd:31:8b:b7:d8:0f:19:4e:8d:23:
bc:84:f3:8b:14:af:33:fa:91:09:d9:6f:7a:55:e1:2c:b4:9f:
61:f1:cc:fe:a7:97:fa:0b:6d:a7:6d:65:c7:6a:13:b7:13:90:
57:2d:1d:c1:7d:81:ee:a7:20:9f:f0:59:c3:1a:f0:48:f7:98:
c4:05:31:93:a6:f6:75:93:48:0b:9c:13:a8:54:77:87:f9:0d:
e8:ce:fb:7b:58:ed:3c:02:d4:e0:22:f2:81:a7:ea:1a:02:2a:
5c:54:bd:53:6e:da:59:f4:06:6b:94:9b:dd:4a:b2:ce:04:ff:
07:05:6b:c8:18:66:e4:4e:92:3a:f9:52:99:f2:9e:c0:80:c2:
b7:44:f4:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDSPPde5yJ58cYIeM7CCOdLQFoXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0NDg0NGIwZjI5MjQ2YTNjMzBmZDU3ODE4NzBlNThkZTRiN2ZjZDU5N2E5
YzA3OGUzZThkNGJkYTVlYzYyY2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGj8un0NJc8uT6D+0wcWShY3SH+/CStTfEoEXJMe3T1mE8rjcHmAqFSXve8
4LwxyH4RwspTX/wvTUUMnLxakFjlzgyhleAP+snGN6EcIbpaUuoV1eccdZb9Pq8A
wVBivYmAcavkF4gHFrCVWsdg+LGDLfxrfJkbj57eoPa/t0pkM7vaWshi2cTg2hxN
ps0sH1E43tnXKE6LS2+eoKJfq5dix6CTBmFZKk4CR/Uy/iKMCdvxqnxdKqVK71DQ
Ygc8kQ1fzMI2oNmj6kXmal7iZyp26KmX0LvYatcDgi1K/Z3aUmPqy5966PqnfPTg
8fAFxpLEHMtuGuYZwxqoGNFdl28CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7nt90
JG0S3786FQSoAdJK72C8CzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzVkMTZkOTYtOWU1Ny00Y2MwLTgzZGYtMmMwMTFjY2M4ZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQC6fbNwl8u3rFNuJdCkWyejEwM3k96xcEWkMHBd
GQ00wZM2EQhsImSkReeDeir5oJep9rgHDUToRDXY8xJsUeMlP/qcHu1Y4ni6mCTL
FQpAGV0djOh9fwoqHRJgDw3Sf41BnZcOyOqFrbma/ghV6icrNtnsQv0xi7fYDxlO
jSO8hPOLFK8z+pEJ2W96VeEstJ9h8cz+p5f6C22nbWXHahO3E5BXLR3BfYHupyCf
8FnDGvBI95jEBTGTpvZ1k0gLnBOoVHeH+Q3ozvt7WO08AtTgIvKBp+oaAipcVL1T
btpZ9AZrlJvdSrLOBP8HBWvIGGbkTpI6+VKZ8p7AgMK3RPS4
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:15:04 2025 by rpki-client