Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
File: e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa (raw, json)
Hash identifier: A5uCL4DuUHxu70UKyBQOnPN+eHAe5ASQ+D/xm88wE2w=
Subject key identifier: B6:3F:6B:F1:F0:8D:13:5F:28:AA:31:86:6F:18:B6:01:3D:F7:50:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63B8F58181938D45D5515A5493F5C0397072677E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:b8:f5:81:81:93:8d:45:d5:51:5a:54:93:f5:c0:39:70:72:67:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b7:6d:90:f0:ec:5f:62:ba:c2:9a:14:8e:09:
e0:ec:59:58:b4:88:7a:c4:f4:24:0a:4f:32:ac:5a:
2a:75:1a:35:0c:14:76:52:f5:0e:43:ce:a1:e2:30:
e0:0a:1e:0d:75:c1:73:e3:3b:41:d0:5a:18:24:55:
c2:78:c7:95:90:91:de:08:5a:6f:12:25:49:33:7c:
20:11:f0:89:d0:76:a1:ab:f2:43:4a:1a:c3:9d:8b:
f8:e5:df:22:4d:42:41:45:82:8a:e7:3c:61:a4:1e:
72:9e:98:99:fa:72:b0:db:4c:87:f3:7b:2b:e4:ac:
57:84:13:eb:ba:6a:cf:14:c3:58:7f:34:63:9e:21:
f6:f8:af:05:8d:04:4d:a0:7c:ad:8f:97:fc:c4:7f:
15:a1:38:8a:e0:cb:ac:27:97:99:2a:3e:55:7b:05:
9a:bb:48:b1:8f:ba:e8:59:ac:f2:3d:bb:29:63:66:
a1:4e:30:dc:d9:0b:0e:76:6b:86:be:6f:e6:cf:23:
8c:cf:cf:d3:80:bb:5c:86:07:2e:b2:96:a8:ca:f7:
11:06:b3:99:6d:77:69:2d:b9:6a:b9:aa:3d:35:c2:
43:81:db:b6:01:3b:61:3a:c6:fe:09:a0:96:b2:e8:
99:ee:4a:fe:82:27:16:8c:71:55:c7:10:e8:19:62:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3F:6B:F1:F0:8D:13:5F:28:AA:31:86:6F:18:B6:01:3D:F7:50:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
20:e0:19:3a:c2:28:07:5e:ac:41:73:e3:ee:d0:43:c8:61:31:
22:d1:e8:aa:ad:f2:38:a3:30:9d:a4:54:e8:b1:df:40:50:92:
2d:92:ce:d4:03:26:72:f7:9e:a4:09:e8:0d:0c:5a:14:37:35:
ee:73:c0:8c:44:02:b7:bc:93:63:d5:02:77:df:01:0d:66:ec:
05:8e:87:26:2c:ba:0c:cd:c7:de:cd:01:3c:5e:8b:a3:d6:66:
cb:a9:08:a5:30:e2:76:71:cf:b8:8d:a2:20:39:4f:2e:23:9c:
87:20:f6:86:c4:48:e7:ba:cc:cb:00:28:13:c4:d2:30:ec:10:
cb:46:a6:1a:d1:b8:6a:8c:6b:10:3a:3e:87:82:b1:c8:84:de:
fe:ba:b0:02:50:4b:a6:0a:0c:8e:6c:e4:2c:a3:4a:38:e5:98:
a3:91:56:d7:82:9d:67:ac:af:12:3c:32:67:dd:74:fd:42:91:
a7:7a:36:31:7c:87:c6:37:3c:43:00:6a:16:3b:b5:a1:3a:5e:
91:53:39:58:85:93:c8:92:45:04:75:78:0f:08:af:01:29:05:
6c:6f:04:c9:1e:4a:6c:6f:96:c1:ca:9c:c7:da:05:07:e5:f9:
15:f8:d4:b3:68:88:d5:c9:f0:f0:50:b9:3c:4a:70:40:92:ef:
bf:97:aa:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY7j1gYGTjUXVUVpUk/XAOXByZ34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkYTg1YTczODdhOGE4OGUwNDhiODQ4NTY4OGE5ZjE3M2ViMjY0YzFiMzUw
ZTJlMzg1NGY4NDBiM2MyMzJkYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKO3bZDw7F9iusKaFI4J4OxZWLSIesT0JApPMqxaKnUaNQwUdlL1DkPOoeIw
4AoeDXXBc+M7QdBaGCRVwnjHlZCR3ghabxIlSTN8IBHwidB2oavyQ0oaw52L+OXf
Ik1CQUWCiuc8YaQecp6YmfpysNtMh/N7K+SsV4QT67pqzxTDWH80Y54h9vivBY0E
TaB8rY+X/MR/FaE4iuDLrCeXmSo+VXsFmrtIsY+66Fms8j27KWNmoU4w3NkLDnZr
hr5v5s8jjM/P04C7XIYHLrKWqMr3EQazmW13aS25armqPTXCQ4HbtgE7YTrG/gmg
lrLome5K/oInFoxxVccQ6BliVrcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2P2vx
8I0TXyiqMYZvGLYBPfdQdzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTE4YmE3NGQtZTQ2Yi00YmRjLWFkYTktZTlhOTA3MmUwNjI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQAg4Bk6wigHXqxBc+Pu0EPIYTEi0eiqrfI4ozCdpFTo
sd9AUJItks7UAyZy956kCegNDFoUNzXuc8CMRAK3vJNj1QJ33wENZuwFjocmLLoM
zcfezQE8Xouj1mbLqQilMOJ2cc+4jaIgOU8uI5yHIPaGxEjnuszLACgTxNIw7BDL
RqYa0bhqjGsQOj6HgrHIhN7+urACUEumCgyObOQso0o45ZijkVbXgp1nrK8SPDJn
3XT9QpGnejYxfIfGNzxDAGoWO7WhOl6RUzlYhZPIkkUEdXgPCK8BKQVsbwTJHkps
b5bBypzH2gUH5fkV+NSzaIjVyfDwULk8SnBAku+/l6oP
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:43 2025 by rpki-client