Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
File: 7f93618f-074f-4431-abe6-691e069b191f.roa (raw, json)
Hash identifier: caV6qkk8um2batrc26fvTiu1Xkqbyi6+sPE2DQpz07E=
Subject key identifier: F5:86:49:F6:A3:E5:BB:28:85:F1:3A:CF:6E:52:F3:CF:8F:31:8B:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1742916AD26D3018F06C57EDC9C41AD2F25BB5F1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:42:91:6a:d2:6d:30:18:f0:6c:57:ed:c9:c4:1a:d2:f2:5b:b5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7f:ed:03:9a:47:ca:2f:20:f0:af:e4:af:7c:
56:3d:27:40:08:83:08:10:dd:72:9a:a3:ce:73:45:
b7:53:81:fc:89:fd:9e:d1:76:b8:c0:c0:00:71:1a:
37:70:f4:b8:e3:22:74:ea:63:8a:86:e9:1b:44:b6:
9a:89:dc:f9:69:81:c6:15:85:21:3b:ae:9c:23:59:
91:d3:ff:83:6a:53:9a:5b:f3:27:7d:4b:57:89:34:
98:6d:dd:7c:ab:d1:14:aa:fa:ab:2e:db:e3:94:9c:
fe:d4:b7:b3:6e:ce:3a:72:81:16:c4:90:c3:3f:58:
d0:d1:34:55:d0:20:4f:f8:50:5b:0d:82:91:c2:5e:
c3:89:21:21:6a:48:c8:3a:1c:60:42:a2:6f:64:2a:
23:98:39:de:5f:01:18:92:f3:e1:bc:be:92:51:f4:
ed:ef:4b:13:d2:f6:11:48:b4:10:0c:f3:84:a0:cd:
8c:b8:fb:c8:b5:37:ce:42:f4:86:2f:80:75:bc:64:
eb:7f:cb:e6:30:82:e3:20:6b:28:1f:39:ee:c8:fa:
bc:7f:70:db:fc:38:80:d5:5f:ef:3e:13:95:4f:e6:
cb:9e:a0:cc:90:8c:b7:97:88:74:7f:fc:66:b8:d3:
ce:0a:ff:6c:79:8b:3a:9e:b1:1d:e7:8d:30:f3:71:
fa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:86:49:F6:A3:E5:BB:28:85:F1:3A:CF:6E:52:F3:CF:8F:31:8B:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:1d:bd:98:6e:8e:69:10:09:e5:37:b7:3b:76:42:0b:49:ca:
18:d8:ae:47:55:5d:9c:f0:90:d1:b6:4e:bd:1c:3b:ba:be:50:
46:83:38:9f:49:42:8b:b7:22:3f:ef:6e:9a:f3:07:d8:7d:d0:
0a:d5:bf:9f:14:ec:6b:89:01:53:2a:a7:2c:56:3f:63:3a:f8:
1c:51:bc:22:ee:28:eb:41:89:9b:66:a7:7d:7f:00:49:93:28:
79:b1:59:60:1c:c4:68:5f:dd:c4:08:70:c4:4c:08:e0:39:25:
2a:45:59:a0:37:27:1d:5b:3d:88:99:9c:2b:ca:4e:ea:2a:b4:
d6:69:10:44:92:0b:a6:7d:42:eb:ac:27:10:9a:ae:ca:00:aa:
86:78:66:0d:4e:06:0c:85:94:c2:44:f0:ff:46:d6:a8:bc:78:
e4:a1:95:81:50:7b:8c:6f:97:e7:7f:0e:ba:31:e4:78:43:e0:
db:e7:a8:64:89:62:26:72:6d:42:ef:03:2c:3a:7f:04:fa:3a:
3f:c5:83:7a:40:36:44:c3:f7:5e:43:1c:cc:cd:c2:fa:75:40:
bc:09:f5:6d:c0:fc:7c:23:88:1c:ed:29:c4:5e:ff:f4:99:b5:
6c:d7:33:3d:12:7e:b7:28:aa:8d:68:c6:41:18:f7:40:cc:d6:
6a:5e:39:4d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF0KRatJtMBjwbFftycQa0vJbtfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNWFiY2IwZmE2YzcxYWMwMDk2N2U4MWRjZGNlNTBkYWQ1MDkxZDVjYmI3
MTE2MTUwYWU0YTA2ZTcyNTRkNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANx/7QOaR8ovIPCv5K98Vj0nQAiDCBDdcpqjznNFt1OB/In9ntF2uMDAAHEa
N3D0uOMidOpjiobpG0S2monc+WmBxhWFITuunCNZkdP/g2pTmlvzJ31LV4k0mG3d
fKvRFKr6qy7b45Sc/tS3s27OOnKBFsSQwz9Y0NE0VdAgT/hQWw2CkcJew4khIWpI
yDocYEKib2QqI5g53l8BGJLz4by+klH07e9LE9L2EUi0EAzzhKDNjLj7yLU3zkL0
hi+Adbxk63/L5jCC4yBrKB857sj6vH9w2/w4gNVf7z4TlU/my56gzJCMt5eIdH/8
ZrjTzgr/bHmLOp6xHeeNMPNx+rkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT1hkn2
o+W7KIXxOs9uUvPPjzGL7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y5MzYxOGYtMDc0Zi00NDMxLWFiZTYtNjkxZTA2OWIxOTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCyHb2Ybo5pEAnlN7c7dkILScoY2K5HVV2c8JDRtk69
HDu6vlBGgzifSUKLtyI/726a8wfYfdAK1b+fFOxriQFTKqcsVj9jOvgcUbwi7ijr
QYmbZqd9fwBJkyh5sVlgHMRoX93ECHDETAjgOSUqRVmgNycdWz2ImZwryk7qKrTW
aRBEkgumfULrrCcQmq7KAKqGeGYNTgYMhZTCRPD/RtaovHjkoZWBUHuMb5fnfw66
MeR4Q+Db56hkiWImcm1C7wMsOn8E+jo/xYN6QDZEw/deQxzMzcL6dUC8CfVtwPx8
I4gc7SnEXv/0mbVs1zM9En63KKqNaMZBGPdAzNZqXjlN
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:20:06 2025 by rpki-client