Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa
File: f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa (raw, json)
Hash identifier: 8v1wgOGbzmkRqj6QOpWkPKT/chjHCNJ5RBUoAO6p8EQ=
Subject key identifier: 0F:E6:4B:E2:B1:5D:DC:59:7B:28:09:A1:5F:DC:88:12:B3:E9:B5:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B61311D80C237F241AE85D8E1B7AC552B4A7BC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:61:31:1d:80:c2:37:f2:41:ae:85:d8:e1:b7:ac:55:2b:4a:7b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:15:08:64:f0:24:49:55:23:47:42:a6:bf:45:
26:cc:64:e4:0a:c3:40:4a:e3:cf:06:55:38:58:e0:
27:3a:18:87:05:18:f9:43:45:3a:2a:60:b8:13:84:
c4:29:1a:93:79:de:1b:d9:ff:8d:09:fe:56:09:ba:
df:b1:fa:9a:9d:26:c6:09:f5:4d:0b:5c:5e:5c:4b:
42:c3:8c:3e:50:67:0a:da:9f:cd:d8:ee:b5:9c:cf:
90:14:20:14:61:c4:af:46:5a:8d:cd:78:14:87:7d:
b1:4c:c5:dd:05:84:f1:6c:0c:6c:4c:ed:fb:10:9a:
ad:f8:da:6a:11:07:d1:52:b4:bd:64:25:79:e3:ff:
fd:0f:46:1c:49:09:61:d0:d5:ed:65:ca:13:2f:85:
e2:54:41:74:cb:41:b7:2d:5f:68:4d:0e:e5:47:09:
5c:a3:18:07:93:cf:ec:62:f5:da:70:dc:f6:81:fb:
ec:59:60:4a:d6:3d:37:28:b5:9a:db:80:76:ac:27:
2e:4f:ca:2a:5f:07:21:80:ce:ea:50:43:77:d3:8f:
08:ec:f0:af:de:dc:a5:82:ec:e3:55:2a:45:32:9a:
22:ef:be:69:2b:24:c0:fb:c4:5a:f7:e5:58:b2:84:
cc:2e:5e:b8:30:45:f1:4b:22:e7:f1:f6:d8:93:c1:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E6:4B:E2:B1:5D:DC:59:7B:28:09:A1:5F:DC:88:12:B3:E9:B5:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:4c:4a:bb:c7:6d:bc:85:7e:fe:52:22:69:20:7c:20:73:80:
3d:3b:56:0c:b4:ab:8e:8a:dd:71:31:e1:c2:12:ed:90:49:c9:
f6:7b:be:74:61:61:50:71:8a:db:06:97:ff:2f:02:f7:ef:8e:
13:69:90:e0:8b:36:42:90:67:cb:ed:16:1f:49:b0:f3:72:4e:
2e:d8:25:00:5b:be:15:8d:a7:96:c7:38:23:25:53:15:33:8d:
a1:c6:48:ba:32:c0:01:3b:2d:b5:0a:71:8b:3d:f4:4d:0b:b9:
38:c8:73:25:76:80:1b:d2:58:89:86:9a:26:47:b3:99:8f:77:
c8:13:e2:84:eb:3d:e7:f1:90:64:8d:b0:6a:17:05:68:7d:a5:
aa:94:2e:30:a5:33:f1:a3:db:f4:1f:ad:ac:2f:99:f5:d0:0e:
70:95:c0:88:03:00:f7:fe:77:cc:30:7d:d5:0c:f2:e0:06:5d:
90:e6:2d:ea:10:5d:09:cc:03:33:ce:9b:90:21:7c:fa:2d:ab:
8e:4f:30:9b:7c:1f:99:bd:28:0d:d8:03:52:ba:8f:9c:c5:d4:
00:7f:a3:65:e4:71:f6:7a:29:43:97:1f:72:e8:c0:11:25:fe:
b4:6a:4d:61:04:d3:50:b4:ce:4b:87:74:bc:06:f8:e3:4d:64:
4e:9f:80:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe2ExHYDCN/JBroXY4besVStKe8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkZTU4NjM5MTI2NzMzOGNjMTA2NmQ1NDhlYjQ4NjU4MDY5Njg1NjMwYWQ4
ZGY5N2MxNTlkMzc2OWMxMjY2NzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwVCGTwJElVI0dCpr9FJsxk5ArDQErjzwZVOFjgJzoYhwUY+UNFOipguBOE
xCkak3neG9n/jQn+Vgm637H6mp0mxgn1TQtcXlxLQsOMPlBnCtqfzdjutZzPkBQg
FGHEr0Zajc14FId9sUzF3QWE8WwMbEzt+xCarfjaahEH0VK0vWQleeP//Q9GHEkJ
YdDV7WXKEy+F4lRBdMtBty1faE0O5UcJXKMYB5PP7GL12nDc9oH77FlgStY9Nyi1
mtuAdqwnLk/KKl8HIYDO6lBDd9OPCOzwr97cpYLs41UqRTKaIu++aSskwPvEWvfl
WLKEzC5euDBF8Usi5/H22JPB5HUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQP5kvi
sV3cWXsoCaFf3IgSs+m1vDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjI2NjNmOTctM2I2YS00MmNmLWFlY2YtMzljZGJiMzQ0ZDYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAHUxKu8dtvIV+/lIiaSB8IHOAPTtWDLSrjordcTHh
whLtkEnJ9nu+dGFhUHGK2waX/y8C9++OE2mQ4Is2QpBny+0WH0mw83JOLtglAFu+
FY2nlsc4IyVTFTONocZIujLAATsttQpxiz30TQu5OMhzJXaAG9JYiYaaJkezmY93
yBPihOs95/GQZI2wahcFaH2lqpQuMKUz8aPb9B+trC+Z9dAOcJXAiAMA9/53zDB9
1Qzy4AZdkOYt6hBdCcwDM86bkCF8+i2rjk8wm3wfmb0oDdgDUrqPnMXUAH+jZeRx
9nopQ5cfcujAESX+tGpNYQTTULTOS4d0vAb4401kTp+Agw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:48 2025 by rpki-client