Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa
File: d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa (raw, json)
Hash identifier: 50SUbF7hFKgOBaewOtRDRdurjL6MN5d0PfC/JIFbZZk=
Subject key identifier: 77:2E:71:86:FF:A2:26:43:0F:98:28:12:31:B3:11:5C:5F:F9:6F:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F726216881C3704169E5EA783CB51999B29CABD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:72:62:16:88:1c:37:04:16:9e:5e:a7:83:cb:51:99:9b:29:ca:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9a:a2:99:2f:a8:f2:56:e9:a2:cf:07:49:51:
ec:08:e5:cc:c4:22:2d:a2:a4:85:d7:2d:49:1c:66:
fc:76:64:1a:bc:c1:10:11:b2:49:7f:20:c8:ed:1d:
2d:b8:03:11:e5:bf:22:63:eb:3d:15:5e:b6:60:d0:
07:d2:70:58:41:76:c5:32:77:2e:df:b0:a0:5c:2f:
19:81:6a:60:01:fb:4e:58:6c:74:1b:f7:cb:d3:7d:
33:e3:a4:f6:6f:80:7b:cb:be:78:e7:59:28:1d:39:
da:95:cf:5a:96:09:39:0d:fb:80:6b:67:2e:46:c6:
99:79:6a:44:af:c7:aa:9b:30:2e:87:b3:bc:6b:03:
e6:b9:c3:e9:98:36:56:78:fc:d2:e2:ff:c5:39:3c:
85:b7:d5:0a:b6:bb:cc:7e:4e:38:dd:d3:32:5e:f0:
b8:98:13:c4:ff:11:2b:05:ef:bd:c0:da:ce:88:cd:
ef:97:ea:1e:16:d0:d7:82:59:a7:09:9e:6f:91:4f:
54:b5:92:fc:7f:06:83:75:23:b1:13:e0:dd:c5:cb:
35:ed:62:83:ac:d3:a6:33:e3:34:f7:bb:af:0f:58:
5a:19:bc:43:3e:df:f1:72:ca:5a:0f:bf:80:a6:7b:
46:77:19:61:a2:10:00:98:89:26:7f:b3:d5:cd:41:
e8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:2E:71:86:FF:A2:26:43:0F:98:28:12:31:B3:11:5C:5F:F9:6F:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
4f:0f:6c:bc:69:ec:47:79:fd:de:6a:fc:34:f1:1a:f8:dd:e6:
90:d8:31:dc:d3:a9:0f:0b:3b:e6:27:b9:47:49:37:1f:95:b8:
cc:a6:35:fb:74:e6:6b:cd:3c:95:f9:f5:5a:4a:9a:16:f9:84:
1a:a7:92:9f:91:9a:ae:d8:b1:f3:79:5a:a9:66:8a:e3:90:e4:
0b:6f:7c:47:29:53:85:52:91:8c:f5:ef:ea:33:a5:4b:96:a4:
fe:24:05:8f:10:8c:91:cb:a2:d6:af:49:e8:fe:e9:9c:7a:de:
43:a7:2b:2b:b3:5b:74:e5:29:8a:03:e8:ec:52:f9:37:85:f1:
c6:d4:74:7a:59:3e:31:db:c0:00:f8:05:ae:b1:2e:ec:0e:75:
0a:8c:0b:5a:19:02:2e:4f:1e:e0:33:9c:28:07:3e:49:72:4e:
eb:f6:8e:5e:a6:a3:6b:25:90:a4:42:7d:7a:26:33:e9:1d:40:
f7:2f:fa:8c:10:9b:ac:d1:b9:8c:bb:65:3d:4f:fa:72:55:72:
12:3d:9b:3a:1a:0a:d7:77:d6:88:92:c6:9d:33:0c:b3:ef:65:
70:f7:19:c2:4c:b3:e2:68:5c:f6:65:1c:20:a4:4b:2d:65:e5:
00:68:77:04:4a:51:7a:ae:a2:81:1d:e1:cb:c4:60:f2:7e:bc:
76:ac:79:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf3JiFogcNwQWnl6ng8tRmZspyr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNjBmOWM5N2FmOWQ0YTI2MjMxNTBhZGRmMWFjODhlNWFmMjgzNWIwOTMz
NTE4YWQxMmU4YTE1NDI3ZTc2OTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKaopkvqPJW6aLPB0lR7AjlzMQiLaKkhdctSRxm/HZkGrzBEBGySX8gyO0d
LbgDEeW/ImPrPRVetmDQB9JwWEF2xTJ3Lt+woFwvGYFqYAH7TlhsdBv3y9N9M+Ok
9m+Ae8u+eOdZKB052pXPWpYJOQ37gGtnLkbGmXlqRK/HqpswLoezvGsD5rnD6Zg2
Vnj80uL/xTk8hbfVCra7zH5OON3TMl7wuJgTxP8RKwXvvcDazojN75fqHhbQ14JZ
pwmeb5FPVLWS/H8Gg3UjsRPg3cXLNe1ig6zTpjPjNPe7rw9YWhm8Qz7f8XLKWg+/
gKZ7RncZYaIQAJiJJn+z1c1B6L0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3LnGG
/6ImQw+YKBIxsxFcX/lv/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDJjYWZhMDktZGQ2Ny00YTVkLWE5N2EtZTg0ZDg1YzdiYzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQBPD2y8aexHef3eavw08Rr43eaQ2DHc06kPCzvm
J7lHSTcflbjMpjX7dOZrzTyV+fVaSpoW+YQap5KfkZqu2LHzeVqpZorjkOQLb3xH
KVOFUpGM9e/qM6VLlqT+JAWPEIyRy6LWr0no/umcet5Dpysrs1t05SmKA+jsUvk3
hfHG1HR6WT4x28AA+AWusS7sDnUKjAtaGQIuTx7gM5woBz5Jck7r9o5epqNrJZCk
Qn16JjPpHUD3L/qMEJus0bmMu2U9T/pyVXISPZs6GgrXd9aIksadMwyz72Vw9xnC
TLPiaFz2ZRwgpEstZeUAaHcESlF6rqKBHeHLxGDyfrx2rHmm
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:42 2025 by rpki-client