Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa
File: d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa (raw, json)
Hash identifier: /D+p0RZCTcLvE+ckfOOVg5s4crWQtxqh5BeVSAwVKjM=
Subject key identifier: 46:6F:88:C2:B3:36:29:DE:EE:43:8E:3A:25:85:D4:4E:0E:B9:A3:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55BF65E9AE825FDD2D2502FFE5ADE4C5823034D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:bf:65:e9:ae:82:5f:dd:2d:25:02:ff:e5:ad:e4:c5:82:30:34:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:7b:ab:ac:55:ee:66:2b:e5:4a:c3:96:3a:
10:06:74:b9:9d:24:3e:c0:69:55:f5:98:21:24:1f:
63:62:9d:61:40:a9:63:07:b1:4c:65:4e:76:36:a9:
9d:51:b8:5f:e0:50:8b:e7:22:d3:59:80:28:be:43:
cc:46:8e:14:9a:2d:c5:e0:1c:b5:aa:54:0b:6a:92:
de:66:39:4e:cd:8c:87:4a:f1:85:6b:a6:04:e2:89:
8c:84:60:32:5e:89:3f:79:c5:7a:cf:f3:7a:ba:26:
19:14:9d:3f:8d:f6:20:52:6b:b0:d1:15:88:55:be:
77:28:5f:0f:63:1e:7a:b6:a5:c6:9f:a3:57:36:1b:
fb:35:2f:c0:6b:a4:4c:de:ba:5b:e7:b9:a9:55:b0:
cd:36:2a:56:71:93:f5:c5:d0:f7:bc:93:54:ab:15:
5a:b1:00:5e:f3:ad:5e:bb:a1:2d:bd:22:3b:2a:97:
a4:e0:49:6c:d2:e9:88:c4:47:23:df:26:0b:08:c8:
06:45:0a:d2:93:35:e4:47:b1:51:0b:5e:e7:74:d9:
77:d4:88:1d:fc:2d:ea:b0:39:0d:fc:65:88:b5:96:
c7:5b:fa:f5:7e:8e:f2:17:55:f2:92:12:0c:5a:66:
89:b9:4a:3e:eb:c2:7c:85:f7:70:38:b0:bd:23:fe:
e8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6F:88:C2:B3:36:29:DE:EE:43:8E:3A:25:85:D4:4E:0E:B9:A3:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/36
Signature Algorithm: sha256WithRSAEncryption
54:f7:4e:cb:8d:a1:ef:19:bf:91:5c:9b:ef:36:8d:2f:36:24:
24:8b:a9:c0:73:0b:fc:ad:4b:a7:6a:d6:c2:12:ab:58:ce:36:
72:e6:08:95:07:db:f7:84:7e:2a:f4:fe:9b:e0:cc:ed:64:6b:
1f:aa:89:b0:e7:48:cc:c2:68:a9:b8:7e:cf:1b:d2:a7:43:22:
51:09:67:3b:9f:02:55:fd:4c:c3:c1:e4:ab:ba:ca:6f:0e:38:
f7:3c:94:8a:be:8c:c4:cd:2e:7d:c1:26:51:d3:1a:b5:db:8d:
b4:b1:ec:77:22:95:88:d4:aa:7a:86:c0:25:55:0e:10:32:8d:
60:79:39:f0:a1:6b:76:20:a5:2f:b2:fd:71:af:34:02:26:f0:
a1:ff:52:92:f4:76:b0:56:64:e4:14:4d:87:68:54:fa:0a:f6:
49:2c:05:13:2c:9b:e4:d4:6d:c5:aa:28:88:4b:9c:fb:3c:af:
3e:1f:1a:ba:01:a2:65:54:a5:66:b0:d8:c8:f7:b6:9d:c7:8f:
3a:60:2f:90:18:b6:24:8e:ed:8d:5f:49:99:aa:46:11:7c:2b:
bd:48:86:b9:4d:15:fe:5d:e1:fe:7b:88:a0:2e:db:7e:39:b2:
53:a4:c5:4a:c5:17:1a:a6:0a:bd:66:ae:12:5d:8b:c7:06:c1:
e5:5a:46:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVb9l6a6CX90tJQL/5a3kxYIwNNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkMjkzNmEwNjU5NTNhZDI5ODMxMjZhNDNmOTcwMjg5OGJjZWFkNjQxYjky
MDg2ODhlOGQwMWI5YTNkNjRmMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFAe6usVe5mK+VKw5Y6EAZ0uZ0kPsBpVfWYISQfY2KdYUCpYwexTGVOdjap
nVG4X+BQi+ci01mAKL5DzEaOFJotxeActapUC2qS3mY5Ts2Mh0rxhWumBOKJjIRg
Ml6JP3nFes/zeromGRSdP432IFJrsNEViFW+dyhfD2Meeralxp+jVzYb+zUvwGuk
TN66W+e5qVWwzTYqVnGT9cXQ97yTVKsVWrEAXvOtXruhLb0iOyqXpOBJbNLpiMRH
I98mCwjIBkUK0pM15EexUQte53TZd9SIHfwt6rA5DfxliLWWx1v69X6O8hdV8pIS
DFpmiblKPuvCfIX3cDiwvSP+6NkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGb4jC
szYp3u5DjjolhdRODrmjWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDZmNmNhNDAtZTNkOC00MzljLTgxYTQtYjJjN2ZkODYyYzA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoBBXgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBU907LjaHvGb+RXJvvNo0vNiQki6nAcwv8rUun
atbCEqtYzjZy5giVB9v3hH4q9P6b4MztZGsfqomw50jMwmipuH7PG9KnQyJRCWc7
nwJV/UzDweSruspvDjj3PJSKvozEzS59wSZR0xq12420sex3IpWI1Kp6hsAlVQ4Q
Mo1geTnwoWt2IKUvsv1xrzQCJvCh/1KS9HawVmTkFE2HaFT6CvZJLAUTLJvk1G3F
qiiIS5z7PK8+Hxq6AaJlVKVmsNjI97adx486YC+QGLYkju2NX0mZqkYRfCu9SIa5
TRX+XeH+e4igLtt+ObJTpMVKxRcapgq9Zq4SXYvHBsHlWkZI
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:39 2025 by rpki-client