Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
File: 8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa (raw, json)
Hash identifier: P6mSqN+2cgnecSlbrIusGUOJzrSZhGiLoZ+HLKzpagI=
Subject key identifier: F4:06:8C:09:D6:8E:31:9E:F5:53:BB:76:D7:15:E6:C0:7B:2C:59:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 578BD7F047AE3278EB51B5AB9CED47276AA99D93
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:8b:d7:f0:47:ae:32:78:eb:51:b5:ab:9c:ed:47:27:6a:a9:9d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1b:fb:df:fb:69:40:60:c6:c5:1b:8f:2a:c4:
04:94:a2:b1:25:ab:93:2a:83:2a:af:2e:53:dd:ba:
c2:f1:9d:91:b5:69:ad:9a:12:a9:28:d9:d6:f1:10:
33:c0:ed:ec:39:e4:27:b1:e7:69:05:b8:48:94:a6:
5c:84:f9:ee:59:45:1e:cb:b6:c7:85:15:7d:ad:ae:
1b:8b:71:c0:d8:f8:eb:59:83:1d:58:a1:20:6b:b6:
24:80:f2:fc:58:20:91:1f:a7:f2:8f:a4:f7:54:de:
6e:0d:71:06:b9:a6:c6:a4:0e:4f:6a:93:b4:44:62:
83:b8:11:dc:a6:48:9d:db:30:6e:c5:53:5f:f8:8e:
d2:e1:75:f6:77:79:18:71:1b:67:70:01:0a:a8:01:
4e:f8:57:1a:46:2c:46:83:4c:c8:01:07:38:16:ad:
61:26:83:02:c6:43:05:40:ad:c1:65:b8:e0:7f:13:
50:81:d0:6c:f3:eb:f6:c3:86:12:b3:54:31:4e:54:
61:d1:09:79:53:f0:b3:a8:fe:83:c9:56:8b:5e:69:
d5:8a:c9:54:cb:60:09:a6:74:d5:89:2d:e6:9b:b6:
90:bb:99:01:e9:ea:c0:65:30:6b:72:e0:42:7a:46:
34:b8:7a:83:33:44:82:d0:3d:46:93:cb:a7:25:e5:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:06:8C:09:D6:8E:31:9E:F5:53:BB:76:D7:15:E6:C0:7B:2C:59:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:11:d3:92:3c:a6:df:4f:e5:a5:f8:c4:37:dc:81:bf:b2:1c:
bd:30:72:bb:3a:4a:c9:59:d8:19:14:76:bf:7c:38:af:02:68:
f7:df:e6:6e:24:d7:8e:a1:c0:d0:b6:ef:c6:a8:6b:9d:80:5d:
ba:c0:14:ab:a5:09:e6:7d:e2:a0:d1:37:07:4f:ed:db:ec:5e:
e1:03:db:47:02:7b:bf:b4:18:09:83:52:a0:0c:bd:61:44:75:
5e:73:97:f1:2f:cc:9a:18:7d:e8:8d:4a:bd:19:5e:3f:bc:c9:
a4:dc:d0:8c:e3:35:e3:b2:e4:4c:4d:29:d8:f2:da:c4:2e:e8:
9a:f3:21:c5:22:ad:de:19:07:5b:f1:2b:f5:d6:f5:21:aa:37:
bc:7a:b2:3a:cc:7f:b3:14:ff:eb:0f:8e:b0:45:b2:6d:5b:9a:
a6:21:5e:e4:03:fe:f0:24:05:c7:4c:4b:e9:d6:3d:6f:7a:f2:
88:8b:7d:ca:e6:36:d0:dc:ea:95:69:c6:eb:d4:8a:7b:fa:d6:
17:5c:b9:99:da:ba:73:63:20:6b:9c:59:b7:8c:2e:16:59:b8:
a2:12:a0:a6:dd:47:ca:28:04:d7:dd:49:2f:8b:4b:4a:38:cc:
ee:dc:f2:96:2e:f9:9d:f6:3e:a2:8b:b8:80:ff:e0:52:bb:9d:
f2:a7:9d:4d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV4vX8EeuMnjrUbWrnO1HJ2qpnZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0OTA3NWE4YWRmODAyM2U0MDUxYzg1ZWIwMWJiYjU1Y2FlZDliODYyZWVj
M2EwMjQ1ZDQ0ZjUyOWJiYTAzNTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4b+9/7aUBgxsUbjyrEBJSisSWrkyqDKq8uU926wvGdkbVprZoSqSjZ1vEQ
M8Dt7DnkJ7HnaQW4SJSmXIT57llFHsu2x4UVfa2uG4txwNj461mDHVihIGu2JIDy
/FggkR+n8o+k91Tebg1xBrmmxqQOT2qTtERig7gR3KZIndswbsVTX/iO0uF19nd5
GHEbZ3ABCqgBTvhXGkYsRoNMyAEHOBatYSaDAsZDBUCtwWW44H8TUIHQbPPr9sOG
ErNUMU5UYdEJeVPws6j+g8lWi15p1YrJVMtgCaZ01Ykt5pu2kLuZAenqwGUwa3Lg
QnpGNLh6gzNEgtA9RpPLpyXlKYUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0BowJ
1o4xnvVTu3bXFebAeyxZFDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGIxNGEwZjktODYyNy00ZTIzLWI5YWItZmE4ZGRkODM1ZjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQCUEdOSPKbfT+Wl+MQ33IG/shy9MHK7OkrJWdgZFHa/
fDivAmj33+ZuJNeOocDQtu/GqGudgF26wBSrpQnmfeKg0TcHT+3b7F7hA9tHAnu/
tBgJg1KgDL1hRHVec5fxL8yaGH3ojUq9GV4/vMmk3NCM4zXjsuRMTSnY8trELuia
8yHFIq3eGQdb8Sv11vUhqje8erI6zH+zFP/rD46wRbJtW5qmIV7kA/7wJAXHTEvp
1j1vevKIi33K5jbQ3OqVacbr1Ip7+tYXXLmZ2rpzYyBrnFm3jC4WWbiiEqCm3UfK
KATX3Ukvi0tKOMzu3PKWLvmd9j6ii7iA/+BSu53yp51N
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:39:21 2025 by rpki-client