Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
File: e1a46896-dfc0-4be1-91be-62fd0626c291.roa (raw, json)
Hash identifier: GY4a65WJh5k6oZfJu32WRZ9mGnsaMC8SQ1PpvvZtB3k=
Subject key identifier: 2B:5B:24:EC:21:62:2F:69:44:5B:51:5D:F2:23:84:FF:E4:00:FC:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 089F6193061AE330CBF045A220AD4BBD97B6F725
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:9f:61:93:06:1a:e3:30:cb:f0:45:a2:20:ad:4b:bd:97:b6:f7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:75:a2:70:c6:0c:f4:60:23:32:4b:a0:a0:a4:
ea:45:13:96:ad:f6:c1:c0:38:ef:da:d4:46:89:bc:
f0:e1:47:01:a2:1e:15:e8:3b:62:09:7e:b4:3d:9b:
72:6f:fc:b8:03:f6:a6:04:7b:52:d0:4d:18:63:77:
ca:a8:46:2d:31:43:9c:cc:ec:05:2a:8c:9b:4e:10:
e8:86:23:d1:b1:63:5d:55:78:a4:af:d5:b0:28:32:
0c:15:7b:2c:17:27:8e:3f:b6:a1:a6:0f:d8:c6:4a:
14:4c:b1:84:f6:e8:65:ca:cf:5d:54:1e:8f:e2:5a:
85:ab:d9:f7:8e:26:4e:40:0f:43:e7:ce:dd:78:1d:
0c:1b:55:98:bc:e5:63:62:9c:07:4e:f3:34:9d:13:
b6:88:da:51:e8:b2:3e:cf:46:98:e2:47:73:53:92:
1c:13:49:27:b9:28:6c:d2:c2:47:0d:30:38:56:d6:
25:e8:fa:dc:6b:32:33:ac:71:2d:1b:46:9f:b6:9c:
53:5b:4b:c9:a6:59:18:8a:f3:ef:b5:83:8e:72:47:
a3:50:c6:43:be:81:83:ca:2c:97:b1:93:2e:a3:1d:
c6:fa:e1:ba:65:04:2e:dc:bd:cc:fd:96:d7:44:f4:
2a:83:40:90:7a:5e:19:75:f7:bf:b6:71:49:21:2a:
8e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5B:24:EC:21:62:2F:69:44:5B:51:5D:F2:23:84:FF:E4:00:FC:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:14:04:cb:f3:8f:52:f7:26:84:ff:6e:b0:97:1c:23:52:e9:
55:5f:b7:ab:86:05:03:46:33:cc:f7:66:15:ae:d2:67:ea:18:
8b:64:17:67:72:86:07:3b:2b:cc:03:76:7f:53:7c:f9:7f:03:
f8:77:a4:bd:a9:d1:4b:dd:d6:7f:78:5f:99:3f:99:79:50:3e:
07:ff:10:53:d1:e2:58:47:6d:86:6c:3e:12:e4:25:92:3f:63:
78:87:80:da:23:ee:04:42:b6:28:9b:0b:e9:03:48:1b:ef:6c:
d3:e6:7c:34:1e:07:a2:73:a0:2e:db:92:46:13:f6:b4:7c:16:
1d:95:9b:a6:10:04:46:c2:e8:c5:a8:5e:68:44:33:09:8f:33:
57:d7:a3:73:57:58:ef:7d:c5:c5:26:ad:6d:b3:a7:2a:b3:ff:
62:24:e7:52:78:4b:9e:3a:36:bb:29:2d:15:e5:11:68:08:28:
50:71:a4:c1:f6:c0:44:9d:31:c0:a1:e0:29:66:3c:ae:d1:14:
80:1c:cf:b5:24:b6:d2:bf:da:58:09:f0:49:2a:ac:fb:e1:4f:
a9:10:4e:4b:4f:b4:16:bc:59:9a:88:c6:1f:b8:cd:00:7a:7c:
fb:69:2f:21:59:89:0b:32:12:5c:9e:e0:8f:b4:5e:56:46:b1:
3a:06:89:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCJ9hkwYa4zDL8EWiIK1LvZe29yUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4M2RmYWI2NWZkMWE2NTA1MTVmOGJiNDRjMTc0M2JlNzc1ODhjYzRmZjlk
NDc2YmQ3MzgzMTllNmRjNWE0YzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANl1onDGDPRgIzJLoKCk6kUTlq32wcA479rURom88OFHAaIeFeg7Ygl+tD2b
cm/8uAP2pgR7UtBNGGN3yqhGLTFDnMzsBSqMm04Q6IYj0bFjXVV4pK/VsCgyDBV7
LBcnjj+2oaYP2MZKFEyxhPboZcrPXVQej+JahavZ944mTkAPQ+fO3XgdDBtVmLzl
Y2KcB07zNJ0TtojaUeiyPs9GmOJHc1OSHBNJJ7kobNLCRw0wOFbWJej63GsyM6xx
LRtGn7acU1tLyaZZGIrz77WDjnJHo1DGQ76Bg8osl7GTLqMdxvrhumUELty9zP2W
10T0KoNAkHpeGXX3v7ZxSSEqjuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrWyTs
IWIvaURbUV3yI4T/5AD82DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFhNDY4OTYtZGZjMC00YmUxLTkxYmUtNjJmZDA2MjZjMjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBiFATL849S9yaE/26wlxwjUulVX7erhgUDRjPM92YV
rtJn6hiLZBdncoYHOyvMA3Z/U3z5fwP4d6S9qdFL3dZ/eF+ZP5l5UD4H/xBT0eJY
R22GbD4S5CWSP2N4h4DaI+4EQrYomwvpA0gb72zT5nw0Hgeic6Au25JGE/a0fBYd
lZumEARGwujFqF5oRDMJjzNX16NzV1jvfcXFJq1ts6cqs/9iJOdSeEueOja7KS0V
5RFoCChQcaTB9sBEnTHAoeApZjyu0RSAHM+1JLbSv9pYCfBJKqz74U+pEE5LT7QW
vFmaiMYfuM0Aenz7aS8hWYkLMhJcnuCPtF5WRrE6BolH
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:49 2025 by rpki-client