Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b55a7d70-dcb0-4ff4-8efc-7edac63a74f3.roa
File: b55a7d70-dcb0-4ff4-8efc-7edac63a74f3.roa (raw, json)
Hash identifier: HyOZHow9p5SeLIW9KXTe0GkRfwCqGRosrRZVUn/VtI4=
Subject key identifier: 60:F6:05:0D:4D:17:EA:3B:55:F8:A5:BE:E2:D7:DD:9D:E8:F9:75:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E51789E640F32AFF7BB5795ED7D9390AE320AB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b55a7d70-dcb0-4ff4-8efc-7edac63a74f3.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:51:78:9e:64:0f:32:af:f7:bb:57:95:ed:7d:93:90:ae:32:0a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9a:a7:60:27:9f:87:e9:92:a3:e0:39:53:ec:
cd:56:c6:97:cd:36:79:a5:44:0f:d2:f6:a4:aa:cb:
c8:c8:98:a1:6f:43:58:0f:1e:c0:a3:89:e9:5b:f2:
e9:2c:3a:6d:08:6a:13:8b:80:b6:ec:3b:91:5b:a5:
f2:88:ab:ff:1b:31:61:ee:22:5b:0c:64:b1:96:91:
29:7c:cc:5a:ec:84:17:8e:e4:bf:e7:08:d0:23:0d:
29:31:e5:95:85:fe:14:28:a2:75:1a:87:53:aa:69:
77:b5:90:9a:60:d4:9e:b4:3b:63:c4:68:9c:8e:8b:
9a:46:c5:d8:35:56:28:f1:4e:e9:90:02:37:c6:83:
81:d5:c4:18:fb:0e:c7:84:38:10:43:33:f1:26:7d:
5e:b3:cf:22:c1:16:ff:66:7c:7f:46:be:cb:7f:cf:
d7:0d:3b:5c:ad:ec:b2:dd:c3:35:a3:a4:0f:24:1f:
f6:b3:5d:a7:7d:e3:6d:91:3f:7b:1d:94:e3:fc:07:
16:9d:22:66:07:01:ae:25:58:9b:c7:67:96:3d:3e:
bc:11:e5:a7:4f:32:55:7c:6f:17:be:9b:96:e9:50:
02:8c:c8:fc:de:2f:d8:4d:24:61:e9:60:c0:47:02:
1b:ee:30:35:88:58:11:41:8f:5a:9c:a6:ff:d3:71:
80:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F6:05:0D:4D:17:EA:3B:55:F8:A5:BE:E2:D7:DD:9D:E8:F9:75:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b55a7d70-dcb0-4ff4-8efc-7edac63a74f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:eb:38:21:48:5f:87:44:17:16:97:a9:fc:5f:a1:75:92:bc:
3f:96:04:e4:34:5f:fd:0c:d4:e2:9a:a1:c0:27:91:2a:e6:44:
9a:06:9e:01:8a:c5:fd:48:f0:0a:79:8b:aa:6c:e6:78:30:ad:
d0:60:cd:36:03:6f:41:66:a7:38:28:f5:db:cc:06:da:11:a5:
f6:7c:77:0e:22:fc:5a:18:05:ba:28:80:4f:ca:41:47:31:c5:
49:20:29:6b:67:8f:07:89:b0:42:6f:82:98:5f:d4:5d:e0:db:
10:53:ed:9e:59:3f:e0:e8:d4:51:a3:cb:9c:91:08:a3:c6:18:
b8:df:aa:79:ae:56:68:76:7b:47:e7:88:19:b3:73:fb:73:94:
1d:ff:d5:10:47:4f:7e:79:10:f6:b5:1b:11:d2:0a:8f:58:33:
35:36:12:a7:60:cd:46:44:4e:91:2d:f4:5f:5a:d6:35:4f:dc:
73:41:8e:68:6d:4a:9e:87:2c:07:15:e9:72:c7:d5:f6:a1:a2:
4d:38:6c:e0:c2:65:07:0e:8d:a8:da:ef:3b:eb:7a:de:fe:15:
47:3a:ed:38:37:6a:9e:8d:d3:03:03:df:d8:26:2a:ae:8c:82:
83:ab:95:b1:b7:36:80:a0:1c:e1:83:5a:8a:57:46:57:19:cb:
71:3d:4d:62
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHlF4nmQPMq/3u1eV7X2TkK4yCrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMzQ3YzJjNmRjZTdlNjEyNzUwYzY1MjNmYjAzNjFlOWY0OTBhYmNmZjc3
NDdiN2E1Y2M2Mjc2ZGQ2Yjc2ZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCap2Ann4fpkqPgOVPszVbGl802eaVED9L2pKrLyMiYoW9DWA8ewKOJ6Vvy
6Sw6bQhqE4uAtuw7kVul8oir/xsxYe4iWwxksZaRKXzMWuyEF47kv+cI0CMNKTHl
lYX+FCiidRqHU6ppd7WQmmDUnrQ7Y8RonI6LmkbF2DVWKPFO6ZACN8aDgdXEGPsO
x4Q4EEMz8SZ9XrPPIsEW/2Z8f0a+y3/P1w07XK3sst3DNaOkDyQf9rNdp33jbZE/
ex2U4/wHFp0iZgcBriVYm8dnlj0+vBHlp08yVXxvF76blulQAozI/N4v2E0kYelg
wEcCG+4wNYhYEUGPWpym/9NxgHsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRg9gUN
TRfqO1X4pb7i192d6Pl1fTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjU1YTdkNzAtZGNiMC00ZmY0LThlZmMtN2VkYWM2M2E3NGYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQB96zghSF+HRBcWl6n8X6F1krw/lgTkNF/9DNTimqHA
J5Eq5kSaBp4BisX9SPAKeYuqbOZ4MK3QYM02A29BZqc4KPXbzAbaEaX2fHcOIvxa
GAW6KIBPykFHMcVJIClrZ48HibBCb4KYX9Rd4NsQU+2eWT/g6NRRo8uckQijxhi4
36p5rlZodntH54gZs3P7c5Qd/9UQR09+eRD2tRsR0gqPWDM1NhKnYM1GRE6RLfRf
WtY1T9xzQY5obUqehywHFelyx9X2oaJNOGzgwmUHDo2o2u8763re/hVHOu04N2qe
jdMDA9/YJiqujIKDq5WxtzaAoBzhg1qKV0ZXGctxPU1i
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:42 2025 by rpki-client