Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
File: 7f44216c-6452-466e-be4f-93ae1547f6d1.roa (raw, json)
Hash identifier: BAwQrCwHJQ0z4GQ96N26BjzNGA6z1GY9hsfhrvfDZ3M=
Subject key identifier: B3:E0:AC:E8:64:A5:77:31:52:FF:54:46:3B:75:50:F7:6B:34:9B:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CA64126625069415B0A456961B41951DB41ED28
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:a6:41:26:62:50:69:41:5b:0a:45:69:61:b4:19:51:db:41:ed:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:38:d8:80:9e:40:e0:ec:d9:63:07:eb:25:88:
76:14:32:a5:c7:72:12:00:56:b4:cd:6d:3d:8b:bc:
eb:fb:62:20:5d:cd:61:e5:1c:3a:6f:ac:e6:b3:cb:
f3:fa:86:8d:10:46:02:2d:2d:71:16:be:d6:aa:e3:
f7:56:07:72:66:18:72:a4:25:3b:f6:eb:8d:85:36:
52:c1:83:86:d9:59:ab:e4:ae:95:76:30:52:1f:41:
b7:85:60:9c:14:a8:32:44:37:43:9e:eb:c6:3a:80:
89:0a:3a:80:e9:b6:5a:46:24:97:cf:40:6d:0e:37:
b5:0c:10:a0:ee:5f:c2:9d:40:be:7f:83:9a:a1:e6:
da:4f:ae:20:22:39:b7:57:93:55:78:76:f1:03:32:
fe:c6:8e:1b:d1:d7:93:86:a4:d3:ca:0b:7f:8c:65:
f9:88:14:b4:ba:e6:1d:ba:77:ab:d6:8c:9e:02:1b:
6d:0f:4f:ae:a5:99:65:32:28:10:27:7f:07:62:c1:
9c:de:2f:7c:15:cb:41:f5:88:12:47:a3:49:a6:59:
79:fb:86:a3:2b:8e:b8:a3:8b:ed:63:eb:8b:28:82:
85:75:b2:39:7a:40:22:05:c1:60:33:bf:ef:8f:6e:
20:e0:c6:5e:60:6b:cc:74:44:33:84:8f:da:38:95:
12:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E0:AC:E8:64:A5:77:31:52:FF:54:46:3B:75:50:F7:6B:34:9B:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/36
Signature Algorithm: sha256WithRSAEncryption
03:fe:a4:07:16:9c:82:38:96:0f:12:8a:7a:f8:73:b4:10:e6:
31:7d:9b:30:cf:15:80:2e:a4:ac:12:ee:df:09:55:4f:40:34:
c9:16:f4:f5:be:68:4c:71:af:9f:e3:d7:ef:70:a2:60:0b:d4:
9d:b1:36:3a:04:89:02:ae:33:da:cd:93:41:7a:01:05:14:f7:
b5:1c:99:c3:55:b4:66:3a:c7:d8:ff:b0:9d:5a:01:be:67:3d:
47:e8:ea:5c:51:79:d5:f5:43:12:d4:b5:3e:f0:2d:b3:95:02:
c6:14:63:1c:2c:4d:72:ac:46:06:c2:44:31:a7:e1:48:6a:c4:
08:b3:2a:66:08:fd:db:3e:ba:e3:60:c0:da:03:cd:8a:f3:38:
43:80:81:18:c3:cb:2c:08:d4:fe:cb:e9:41:e5:25:c9:35:12:
a9:7b:8b:b2:bb:3e:6a:ef:db:06:62:e9:1b:f9:09:5e:8b:f4:
ba:eb:5e:2d:fb:7c:8a:6f:89:75:b0:c8:61:99:d8:ee:ba:d0:
5a:30:f2:fd:95:08:f1:84:d8:be:d4:1c:80:72:d1:d3:ac:4a:
d6:57:47:85:ae:53:e5:2e:0f:fd:9b:46:a0:e7:83:60:6c:eb:
c6:2f:8b:18:52:80:a9:b0:29:47:c1:88:7b:a0:82:a2:02:69:
10:70:b5:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbKZBJmJQaUFbCkVpYbQZUdtB7SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyYmFiNzE1ODEwOTI3NmE1N2QzYWZiNDk3NTNlZDBkZTIzMzQ4ZWQ5YTBh
OWJlODczMjhiZDNmMGIwNjVkMDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM442ICeQODs2WMH6yWIdhQypcdyEgBWtM1tPYu86/tiIF3NYeUcOm+s5rPL
8/qGjRBGAi0tcRa+1qrj91YHcmYYcqQlO/brjYU2UsGDhtlZq+SulXYwUh9Bt4Vg
nBSoMkQ3Q57rxjqAiQo6gOm2WkYkl89AbQ43tQwQoO5fwp1Avn+DmqHm2k+uICI5
t1eTVXh28QMy/saOG9HXk4ak08oLf4xl+YgUtLrmHbp3q9aMngIbbQ9PrqWZZTIo
ECd/B2LBnN4vfBXLQfWIEkejSaZZefuGoyuOuKOL7WPriyiChXWyOXpAIgXBYDO/
749uIODGXmBrzHREM4SP2jiVEh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSz4Kzo
ZKV3MVL/VEY7dVD3azSbkTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y0NDIxNmMtNjQ1Mi00NjZlLWJlNGYtOTNhZTE1NDdmNmQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoBBXgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAD/qQHFpyCOJYPEop6+HO0EOYxfZswzxWALqSs
Eu7fCVVPQDTJFvT1vmhMca+f49fvcKJgC9SdsTY6BIkCrjPazZNBegEFFPe1HJnD
VbRmOsfY/7CdWgG+Zz1H6OpcUXnV9UMS1LU+8C2zlQLGFGMcLE1yrEYGwkQxp+FI
asQIsypmCP3bPrrjYMDaA82K8zhDgIEYw8ssCNT+y+lB5SXJNRKpe4uyuz5q79sG
Yukb+Qlei/S6614t+3yKb4l1sMhhmdjuutBaMPL9lQjxhNi+1ByActHTrErWV0eF
rlPlLg/9m0ag54NgbOvGL4sYUoCpsClHwYh7oIKiAmkQcLXg
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:38:57 2025 by rpki-client