Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
File: 8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa (raw, json)
Hash identifier: SoZsoQdg7Obmi7PdE2GdxexUSv67ob0EBlOx7i1lp04=
Subject key identifier: E5:48:5B:85:38:91:BD:EA:DB:7E:95:79:19:08:6B:28:6C:A3:4F:E6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77B6571F35C4A3162967A28A76A998FE751AE0C3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b6:57:1f:35:c4:a3:16:29:67:a2:8a:76:a9:98:fe:75:1a:e0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:b3:0c:10:f6:a9:cd:ab:fa:07:e8:c0:19:
ae:e6:52:0c:06:27:b3:ad:d2:12:f5:6e:a8:97:00:
ca:e2:7c:fe:6c:07:a1:0e:19:df:f8:06:95:e3:fb:
e4:26:07:54:7a:17:7e:4a:c6:ed:61:fb:e9:59:6f:
1b:fe:11:0d:f5:fa:ae:e9:92:4e:b3:f7:41:24:b9:
56:7b:8e:4d:97:12:7c:9d:8c:81:ca:cd:5a:82:c2:
07:cb:43:34:5a:39:f3:23:9b:71:b3:a6:08:0d:55:
97:25:1a:a6:3a:bc:3a:24:f8:23:e8:c9:b5:b5:f0:
3f:0d:11:d8:b7:bb:46:39:9c:75:ba:47:cd:d6:1e:
51:2f:4d:1b:92:bf:af:58:16:4f:28:6c:62:56:70:
1e:6a:28:e4:1e:26:d3:90:45:bf:75:63:2b:0f:14:
70:5c:05:5a:ae:dd:0e:b8:34:c8:40:c6:f1:a4:be:
52:f5:60:e5:90:ef:0f:7b:c5:91:2c:d0:c0:3b:eb:
eb:fb:1a:69:85:8e:bc:f8:ec:d2:ee:fd:b4:c0:56:
b2:a5:b1:0f:9c:0f:51:6e:3e:68:fd:2e:15:6d:77:
2d:e8:0b:e5:a4:5b:e9:69:26:2b:5c:6e:91:9f:ce:
06:3d:af:d0:0a:e5:c3:84:ad:c5:d7:b6:be:3e:eb:
52:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:48:5B:85:38:91:BD:EA:DB:7E:95:79:19:08:6B:28:6C:A3:4F:E6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:25:db:3d:73:54:30:45:76:c4:1b:9b:e4:c6:b4:66:99:40:
05:f3:da:82:6b:51:00:e1:19:3f:c5:c5:df:e4:06:c2:3b:7b:
f3:4c:77:7d:c4:e4:4e:62:ba:a4:e5:12:d5:94:7b:72:65:e6:
fe:ba:db:67:44:e0:19:0d:62:c2:21:c1:e3:aa:4a:84:90:d2:
99:38:aa:7f:9d:94:bf:c4:35:4b:ec:80:ca:50:9b:97:fa:8a:
dd:0b:26:ce:45:cc:be:d5:50:a6:ef:ed:eb:15:e3:27:f3:a2:
17:92:00:8d:d9:53:97:2c:6b:57:25:01:6c:3e:c6:54:aa:17:
01:15:a3:0e:4f:b1:48:7e:8a:c9:3f:e6:8e:df:1b:b0:38:1d:
bc:d9:46:aa:2f:6e:3a:46:b4:15:a3:35:27:b4:e5:f1:ac:b9:
a7:b3:12:2e:08:bb:bf:d7:88:c8:ba:a7:6b:9e:87:b8:f0:38:
f5:57:3b:2f:9c:83:70:de:f6:eb:8a:f1:04:8f:2f:a7:76:a6:
5a:b7:22:b8:04:71:fc:6a:71:47:23:4e:43:85:b3:7c:f8:68:
5b:43:41:6c:8f:3b:f4:b9:bd:62:b8:42:a3:ba:f7:ca:b9:10:
70:fe:0d:9b:7e:b9:5b:92:7e:d2:49:03:d5:08:48:16:59:8c:
64:6f:e8:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd7ZXHzXEoxYpZ6KKdqmY/nUa4MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwMmMzOGE2MzA4YmZiODE1ZjcyN2U5OWZiNDcxYTVlMDhhY2M0NTQ3ZDg1
ZTE5OWM5NmQ5OTQyZGVmYjE0N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLcswwQ9qnNq/oH6MAZruZSDAYns63SEvVuqJcAyuJ8/mwHoQ4Z3/gGleP7
5CYHVHoXfkrG7WH76VlvG/4RDfX6rumSTrP3QSS5VnuOTZcSfJ2MgcrNWoLCB8tD
NFo58yObcbOmCA1VlyUapjq8OiT4I+jJtbXwPw0R2Le7RjmcdbpHzdYeUS9NG5K/
r1gWTyhsYlZwHmoo5B4m05BFv3VjKw8UcFwFWq7dDrg0yEDG8aS+UvVg5ZDvD3vF
kSzQwDvr6/saaYWOvPjs0u79tMBWsqWxD5wPUW4+aP0uFW13LegL5aRb6WkmK1xu
kZ/OBj2v0Arlw4Stxde2vj7rUmMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTlSFuF
OJG96tt+lXkZCGsobKNP5jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0OGU0ZmUtYTY5Ny00NGIwLWJhYjItMWI1NDkzNWE1MGYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQBHJds9c1QwRXbEG5vkxrRmmUAF89qCa1EA4Rk/xcXf
5AbCO3vzTHd9xOROYrqk5RLVlHtyZeb+uttnROAZDWLCIcHjqkqEkNKZOKp/nZS/
xDVL7IDKUJuX+ordCybORcy+1VCm7+3rFeMn86IXkgCN2VOXLGtXJQFsPsZUqhcB
FaMOT7FIforJP+aO3xuwOB282UaqL246RrQVozUntOXxrLmnsxIuCLu/14jIuqdr
noe48Dj1VzsvnINw3vbrivEEjy+ndqZatyK4BHH8anFHI05DhbN8+GhbQ0Fsjzv0
ub1iuEKjuvfKuRBw/g2bfrlbkn7SSQPVCEgWWYxkb+iK
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:42 2025 by rpki-client