Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
File: 9a4f9b1d-c483-4904-8d04-be1592cba27d.roa (raw, json)
Hash identifier: pZ7GykMAOOSgTau9eBQf5nwnnKLhQ4yBgJnlyBdFSYE=
Subject key identifier: 55:31:4D:FA:58:1C:4F:56:4E:0C:75:83:9B:E2:E4:6C:5F:BF:3A:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2DEC7D1613C3A593D6CCA31E9ECE5E34683AAE2A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ec:7d:16:13:c3:a5:93:d6:cc:a3:1e:9e:ce:5e:34:68:3a:ae:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0e:c5:55:2e:09:44:cf:b0:ba:35:6c:42:c9:
40:ec:59:57:2c:50:23:85:7c:2e:65:11:fb:e4:f0:
8e:26:3f:50:62:06:88:6a:36:72:84:49:e9:6e:11:
ba:61:1d:30:67:2c:05:fe:ee:1f:32:73:e7:b7:90:
58:67:11:7e:6b:0d:09:54:8b:15:58:aa:a4:de:08:
21:90:fd:7f:a1:05:64:fa:c3:8d:38:58:be:fa:5e:
0a:84:42:ea:66:34:54:77:bd:65:49:5a:ca:c8:7c:
bf:8c:49:d7:68:46:f4:36:0c:da:7e:2b:81:dc:d6:
48:15:e8:22:3c:de:28:13:b2:7b:ac:f7:1f:f8:40:
f1:2c:ac:49:0a:8d:86:5e:c7:0c:ee:31:0a:46:41:
4a:de:e7:b0:d3:70:c0:6f:0d:23:9b:b3:98:42:ed:
10:ac:5b:e3:cb:a7:3d:26:59:58:59:ed:08:ef:bd:
a6:a7:2f:33:ce:2a:8b:11:e7:ae:c3:d5:7e:26:b2:
77:c9:a1:1a:6c:5f:68:4a:99:cc:40:62:83:ab:4a:
f9:be:28:d5:60:a3:24:f2:b5:fb:77:23:ca:e4:2b:
33:57:3c:91:99:b8:dc:ec:2c:32:a6:41:a5:17:d6:
58:99:bb:ca:1c:70:cb:ae:bb:51:63:2d:80:4a:10:
1f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:31:4D:FA:58:1C:4F:56:4E:0C:75:83:9B:E2:E4:6C:5F:BF:3A:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cf:66:d1:12:4d:e8:90:84:ca:68:56:34:c2:09:15:0c:0f:eb:
b5:4c:d3:59:75:4e:8e:5b:7f:52:20:7c:f1:d9:27:d8:19:97:
33:53:c2:d8:ab:96:44:e1:12:f4:cd:db:a0:a9:9b:f1:2f:35:
df:ca:b8:c8:a9:8a:64:c8:ae:5d:ab:f8:8e:07:4a:d6:ae:aa:
ca:ab:2c:90:c0:e3:ad:4c:70:a3:0b:67:d5:d2:12:50:f4:4d:
ae:1e:71:4d:bc:51:3c:f0:67:37:aa:69:d3:9d:12:25:dd:07:
b1:44:52:34:c5:91:96:d9:8e:09:25:3c:64:dd:c7:f5:8f:2b:
89:43:52:16:3f:f4:c0:5c:bf:a8:1f:11:f1:6d:b1:37:6c:cf:
94:b1:96:50:37:b4:b7:10:3d:f6:96:75:e1:da:27:58:29:52:
11:b0:8b:53:07:a6:f1:d1:b1:b1:92:f9:39:8d:46:3c:e3:13:
8d:20:24:3c:da:b6:ea:d4:99:fb:d3:65:b4:04:99:a2:97:c0:
cd:e8:96:02:2e:4e:62:0b:88:62:bf:c2:6c:fa:88:f1:f4:5d:
46:f8:7d:f4:24:0b:97:a4:32:2b:38:4e:cc:00:55:ad:6d:6b:
11:e8:f5:0c:b5:20:6f:e7:7e:c0:e1:17:5a:4f:3b:d9:de:32:
df:1c:e2:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULex9FhPDpZPWzKMens5eNGg6riowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZmU3YzBlZDRlMjdjMDE4NzhkN2ZhMDEzZjQ5YzY0YjZmOWQ0MzE1YzM1
ZDZkZGMwZTMzMTcxZTY0NjI0NTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0OxVUuCUTPsLo1bELJQOxZVyxQI4V8LmUR++TwjiY/UGIGiGo2coRJ6W4R
umEdMGcsBf7uHzJz57eQWGcRfmsNCVSLFViqpN4IIZD9f6EFZPrDjThYvvpeCoRC
6mY0VHe9ZUlaysh8v4xJ12hG9DYM2n4rgdzWSBXoIjzeKBOye6z3H/hA8SysSQqN
hl7HDO4xCkZBSt7nsNNwwG8NI5uzmELtEKxb48unPSZZWFntCO+9pqcvM84qixHn
rsPVfiayd8mhGmxfaEqZzEBig6tK+b4o1WCjJPK1+3cjyuQrM1c8kZm43OwsMqZB
pRfWWJm7yhxwy667UWMtgEoQH9MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRVMU36
WBxPVk4MdYOb4uRsX786XjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWE0ZjliMWQtYzQ4My00OTA0LThkMDQtYmUxNTkyY2JhMjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQDPZtESTeiQhMpoVjTCCRUMD+u1TNNZdU6OW39SIHzx
2SfYGZczU8LYq5ZE4RL0zdugqZvxLzXfyrjIqYpkyK5dq/iOB0rWrqrKqyyQwOOt
THCjC2fV0hJQ9E2uHnFNvFE88Gc3qmnTnRIl3QexRFI0xZGW2Y4JJTxk3cf1jyuJ
Q1IWP/TAXL+oHxHxbbE3bM+UsZZQN7S3ED32lnXh2idYKVIRsItTB6bx0bGxkvk5
jUY84xONICQ82rbq1Jn702W0BJmil8DN6JYCLk5iC4hiv8Js+ojx9F1G+H30JAuX
pDIrOE7MAFWtbWsR6PUMtSBv537A4RdaTzvZ3jLfHOLP
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:40:46 2025 by rpki-client