Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
File: b8f4b2da-8da0-4108-b565-e257413d5a23.roa (raw, json)
Hash identifier: Lhygvc7g3SSiP5wN3O7aBaCpzdaFOaz60TN4Wzs0Rew=
Subject key identifier: 74:EE:AF:4D:20:25:72:4E:4F:22:AA:83:43:63:98:B5:B1:B0:6B:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 9207EA8317F422AB1B2E48093C7B8DE68BBFCA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
92:07:ea:83:17:f4:22:ab:1b:2e:48:09:3c:7b:8d:e6:8b:bf:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7b:81:6a:6c:af:96:ad:bf:cb:ad:1f:ed:86:
d1:b1:5c:04:3c:ee:e8:86:cd:87:4d:44:d7:b8:29:
c9:46:59:b2:96:4e:5a:af:cd:14:b1:f7:d6:a0:09:
a2:f6:8a:0c:ad:41:40:47:96:29:bb:65:ec:46:c7:
fd:1d:d2:dc:40:0d:cc:97:7f:f6:84:49:f4:ab:a8:
21:52:0b:cf:f2:c4:6b:be:5b:2f:cf:60:34:ac:10:
55:62:17:1f:27:fa:95:f2:9c:a5:bc:2c:34:66:ac:
71:19:a7:d0:cf:4d:2d:29:85:f0:62:63:51:98:f6:
e5:aa:6b:84:53:09:fb:0e:d2:bf:29:51:7e:b1:57:
03:21:0d:1f:d2:8e:82:44:93:9c:9f:ca:ac:d7:74:
5a:8e:e1:11:07:37:62:05:50:17:d6:fc:74:c3:25:
07:71:fd:4b:a5:d2:a6:02:cf:dd:c2:34:b8:c6:53:
b5:31:eb:b5:8a:b2:56:16:b6:cd:fe:e9:33:1b:35:
12:a2:72:b2:d1:c6:4e:c0:d0:1d:cb:9d:55:3e:9c:
37:17:23:34:f5:99:0d:42:e4:e0:b9:f0:a5:c0:59:
7a:0e:83:ab:2c:1c:3d:2c:f1:bd:8b:da:eb:be:c8:
38:61:c0:0b:93:9a:bf:2d:d5:8b:02:0c:e4:6f:90:
af:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EE:AF:4D:20:25:72:4E:4F:22:AA:83:43:63:98:B5:B1:B0:6B:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
d3:7f:c7:7e:38:99:16:8d:60:3e:5d:58:9c:34:70:ab:80:13:
46:07:1b:75:66:a6:b4:e2:9c:95:ec:f5:e3:aa:27:ca:31:f8:
83:5d:26:74:a7:60:13:70:f0:60:3d:6e:9e:9b:5d:e9:e6:b8:
bb:4d:32:3d:bc:55:60:86:88:6e:42:d3:ff:6a:97:4a:c3:67:
c2:14:ed:ed:c7:5d:36:ae:95:db:77:3b:30:56:1f:f2:3c:80:
73:97:a3:a1:db:63:dd:0c:61:ef:5e:55:fc:84:35:d3:38:b8:
86:26:56:45:72:c7:ed:08:aa:7d:44:cd:7a:12:63:2f:84:31:
d7:a5:03:99:18:57:aa:15:84:90:ae:3a:af:b8:59:d5:5c:95:
2d:3c:7b:d5:bb:d0:85:2d:4e:8f:9b:8f:53:5f:91:f1:8b:32:
aa:b8:97:25:b3:58:23:7d:78:5e:9e:3a:e9:80:b7:6f:1d:3f:
71:8b:61:6c:a2:51:da:2e:27:c9:1b:43:c0:75:0a:08:61:97:
64:6c:b5:49:20:be:6f:5e:ca:4f:e5:ca:f7:82:ea:d9:e5:be:
24:62:ea:9f:25:43:8e:ff:05:ba:d8:2c:52:9c:26:73:54:ee:
c2:60:55:e3:8c:11:27:99:6b:71:a8:2d:68:19:a9:c3:87:9f:
be:e1:e1:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAJIH6oMX9CKrGy5ICTx7jeaLv8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNDlkZjE3MDliODc1NTRiYTBiN2JhY2JhZTU5NGZmMmYxNmJmMzhmOGNi
NDdjOTBmZTQ3YjI3YWE2MzhmOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANd7gWpsr5atv8utH+2G0bFcBDzu6IbNh01E17gpyUZZspZOWq/NFLH31qAJ
ovaKDK1BQEeWKbtl7EbH/R3S3EANzJd/9oRJ9KuoIVILz/LEa75bL89gNKwQVWIX
Hyf6lfKcpbwsNGascRmn0M9NLSmF8GJjUZj25aprhFMJ+w7SvylRfrFXAyENH9KO
gkSTnJ/KrNd0Wo7hEQc3YgVQF9b8dMMlB3H9S6XSpgLP3cI0uMZTtTHrtYqyVha2
zf7pMxs1EqJystHGTsDQHcudVT6cNxcjNPWZDULk4LnwpcBZeg6DqywcPSzxvYva
677IOGHAC5Oavy3ViwIM5G+Qr20CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR07q9N
ICVyTk8iqoNDY5i1sbBr3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhmNGIyZGEtOGRhMC00MTA4LWI1NjUtZTI1NzQxM2Q1YTIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEA03/HfjiZFo1gPl1YnDRwq4ATRgcbdWamtOKclez1
46onyjH4g10mdKdgE3DwYD1unptd6ea4u00yPbxVYIaIbkLT/2qXSsNnwhTt7cdd
Nq6V23c7MFYf8jyAc5ejodtj3Qxh715V/IQ10zi4hiZWRXLH7QiqfUTNehJjL4Qx
16UDmRhXqhWEkK46r7hZ1VyVLTx71bvQhS1Oj5uPU1+R8YsyqriXJbNYI314Xp46
6YC3bx0/cYthbKJR2i4nyRtDwHUKCGGXZGy1SSC+b17KT+XK94Lq2eW+JGLqnyVD
jv8FutgsUpwmc1TuwmBV44wRJ5lrcagtaBmpw4efvuHhBA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:39:49 2025 by rpki-client