Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
File: 8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa (raw, json)
Hash identifier: 1m+rUicRt6zv/98i9du2pTTYIfl6gE8Xmhd8j7blFe8=
Subject key identifier: 70:CA:A2:1B:40:35:FA:84:ED:AF:C0:EF:65:E7:ED:CC:B8:E9:82:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 126330D4FB4DF506FD9DFFB3F0902192B311E28E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:63:30:d4:fb:4d:f5:06:fd:9d:ff:b3:f0:90:21:92:b3:11:e2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5c:b7:82:eb:fb:21:31:26:1f:ad:29:4a:2d:
f1:f6:12:20:3f:e9:6a:d1:10:94:bd:af:16:9a:d0:
89:4a:18:37:fe:d1:a6:31:59:77:6e:b0:cd:74:b7:
be:d1:f8:c3:ef:8b:13:00:b6:41:78:76:74:c1:3a:
be:3b:73:4c:da:88:f0:56:88:fb:64:3e:62:f1:89:
32:b9:c8:60:0b:79:73:2c:54:1e:71:e2:6a:e8:dc:
0c:51:ec:93:c0:b9:f1:34:65:d3:de:a9:68:e7:fa:
90:c1:63:ee:58:57:a7:d5:0e:cb:93:fc:6b:35:2f:
54:da:83:e8:dd:13:eb:e6:b3:d5:40:06:2a:6f:d4:
b2:bd:25:50:fd:9a:53:83:6a:c0:31:90:44:1c:dc:
31:73:2a:f7:8c:dd:e2:6a:63:c5:a8:25:39:ed:99:
01:b6:14:2b:fe:34:08:ba:bc:1a:4b:78:9a:4c:53:
6a:8d:11:8d:8f:3e:98:d0:db:95:bd:70:f3:6f:50:
c6:20:6a:43:ba:53:bf:a0:ce:7c:92:ac:0a:e4:c4:
ba:58:24:11:10:82:c2:8c:8e:5b:18:06:c3:b5:4a:
44:6d:ff:c3:71:95:09:05:50:2c:b0:10:9d:7c:2b:
aa:24:96:a4:fa:7d:77:b7:b7:15:bc:55:1a:68:f1:
f4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CA:A2:1B:40:35:FA:84:ED:AF:C0:EF:65:E7:ED:CC:B8:E9:82:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:66:55:4e:c9:f4:43:49:f5:24:b0:3f:e3:fc:75:d4:b5:64:
83:7a:b9:90:5e:63:d3:92:c3:77:18:32:7f:37:73:dc:7c:e9:
cb:55:a3:63:fc:16:8f:46:5d:17:0b:7d:00:fc:5a:67:1d:2e:
57:81:25:01:4c:19:24:f0:6b:ea:67:46:52:af:e4:6c:95:e2:
89:aa:d7:c7:4b:9f:c8:8f:3d:70:a4:0f:d8:c5:8d:c7:65:46:
3d:e7:80:3a:66:24:f3:7b:f3:96:16:59:43:eb:c1:24:f0:1d:
c4:16:10:b1:57:3a:f7:f3:2c:9e:c4:29:7e:61:86:d6:08:6c:
32:d8:e6:fb:d0:67:3e:d2:78:d6:58:e8:95:34:d9:ec:d5:ee:
f2:87:82:31:a3:ce:ce:e1:f7:08:29:f8:74:81:cc:d7:57:d9:
35:03:05:32:33:01:ca:7f:77:8b:b1:a0:df:bd:ef:96:b1:b9:
3b:77:04:ad:c2:e9:86:81:b0:7e:1f:08:10:11:db:c2:ec:10:
37:8e:f0:f6:be:56:3a:91:e1:bc:af:92:51:09:fb:c9:dd:83:
fd:7d:66:b0:ab:0f:68:ad:32:26:28:bc:3c:e9:e6:22:c3:99:
3d:a8:71:9a:87:a8:91:8a:00:b4:e5:9d:e8:a5:09:0f:4c:eb:
8a:cd:a9:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEmMw1PtN9Qb9nf+z8JAhkrMR4o4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YWEwNDNjZmI2NTkwNzkyZDhlZDQ3YjcxNjFkOWJlNzVjOTE5OWEyOTgx
NmMzYWY0ZWNkZDEyNjAzOGU4NDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5ct4Lr+yExJh+tKUot8fYSID/patEQlL2vFprQiUoYN/7RpjFZd26wzXS3
vtH4w++LEwC2QXh2dME6vjtzTNqI8FaI+2Q+YvGJMrnIYAt5cyxUHnHiaujcDFHs
k8C58TRl096paOf6kMFj7lhXp9UOy5P8azUvVNqD6N0T6+az1UAGKm/Usr0lUP2a
U4NqwDGQRBzcMXMq94zd4mpjxaglOe2ZAbYUK/40CLq8Gkt4mkxTao0RjY8+mNDb
lb1w829QxiBqQ7pTv6DOfJKsCuTEulgkERCCwoyOWxgGw7VKRG3/w3GVCQVQLLAQ
nXwrqiSWpPp9d7e3FbxVGmjx9KkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwyqIb
QDX6hO2vwO9l5+3MuOmCPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGViMDJlZTgtM2U4Zi00MzY5LWJhMGYtNDQ0N2Q0OTAyZmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQBbZlVOyfRDSfUksD/j/HXUtWSDermQXmPTksN3GDJ/
N3PcfOnLVaNj/BaPRl0XC30A/FpnHS5XgSUBTBkk8GvqZ0ZSr+RsleKJqtfHS5/I
jz1wpA/YxY3HZUY954A6ZiTze/OWFllD68Ek8B3EFhCxVzr38yyexCl+YYbWCGwy
2Ob70Gc+0njWWOiVNNns1e7yh4Ixo87O4fcIKfh0gczXV9k1AwUyMwHKf3eLsaDf
ve+Wsbk7dwStwumGgbB+HwgQEdvC7BA3jvD2vlY6keG8r5JRCfvJ3YP9fWawqw9o
rTImKLw86eYiw5k9qHGah6iRigC05Z3opQkPTOuKzalV
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:39:20 2025 by rpki-client