Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
File: f4d4070b-fb20-4536-8c71-53420a83e347.roa (raw, json)
Hash identifier: kMNWEkZYwncQY1oW/0go/O2QjUBMnnxVYIH7fKr6BKI=
Subject key identifier: 08:2B:90:7A:B6:2D:CA:4F:8A:DD:4F:89:3B:10:C6:D5:44:05:43:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1069A04889897A2228300427C01660009F8902BF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:69:a0:48:89:89:7a:22:28:30:04:27:c0:16:60:00:9f:89:02:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:50:1c:91:54:86:94:ab:3e:1b:ad:2f:78:38:
39:5f:78:69:52:53:d3:9d:8f:96:c3:29:93:57:8b:
44:d5:11:aa:db:a8:ea:c6:1b:66:ce:57:13:b2:98:
5e:6b:bf:75:c6:36:4a:47:b5:12:d9:2e:87:a7:0f:
f5:86:17:7c:2a:7c:10:c5:d6:03:ed:e3:85:5e:01:
1b:38:52:26:d4:fa:5c:b8:f6:10:ab:10:09:d7:84:
33:8f:26:e7:9b:7f:0d:ca:d1:85:bd:cc:73:a3:77:
2d:f0:4a:2f:49:d5:71:04:8b:41:a7:41:46:e7:bb:
26:17:b7:50:5e:30:fd:88:26:33:dc:18:89:96:6e:
d5:e6:cb:7f:21:c8:15:fd:4b:1c:41:28:97:27:ad:
df:67:ed:63:c1:2e:9f:4b:88:08:a8:72:ec:21:b8:
91:a8:b1:4d:f3:71:81:c4:30:22:f0:a8:d4:55:d9:
0a:6c:e3:26:e5:ac:be:6f:ca:78:fa:2c:2b:fe:f0:
05:7e:63:a0:b5:93:d9:11:3e:3a:b5:c3:42:54:1c:
d1:1b:2c:b8:72:fb:84:30:79:bb:56:27:e2:ad:83:
63:d8:0d:fc:cf:8f:cd:8d:ca:a8:4f:15:ae:4e:ee:
bb:70:d6:96:a8:08:7a:27:9c:98:f4:ef:a1:b8:ae:
3a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2B:90:7A:B6:2D:CA:4F:8A:DD:4F:89:3B:10:C6:D5:44:05:43:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:ae:71:22:37:55:da:4b:e7:be:30:c4:4e:54:82:2a:f8:a6:
50:dd:35:07:04:fc:13:10:21:da:59:3b:5c:0f:00:62:bc:f3:
ac:45:5c:39:0e:35:ed:40:d9:5e:65:73:aa:db:c7:55:ec:22:
e9:a4:31:f3:4e:a8:4d:da:49:14:e0:a8:59:b5:b9:ae:e0:7a:
e0:c2:74:fd:76:dc:bd:3f:54:2a:a3:dc:8b:98:2b:3f:eb:a1:
42:ee:c2:69:0d:22:08:6f:24:e2:eb:e2:a6:4b:fa:c8:04:87:
c8:0f:77:b4:d2:96:17:1a:71:85:77:1a:b5:e1:9f:e8:46:1c:
3c:41:d8:9b:ba:5f:d1:fb:21:a6:5c:20:7f:cb:33:90:22:c8:
7d:ee:39:5a:d0:19:3d:1e:43:d9:1e:62:39:69:a9:9c:08:50:
ce:af:d6:c9:85:e7:67:8b:f4:5b:eb:49:a4:05:55:e2:6c:ad:
81:81:8e:9d:bf:3c:c7:fa:5c:bb:9b:96:42:12:06:6e:9d:2a:
d8:fd:e6:23:01:26:11:61:c4:10:ba:5f:8b:17:4f:59:fd:2e:
9f:1b:0e:d0:d2:39:71:1d:1c:73:16:1a:2d:0b:51:a5:74:c2:
ae:61:1c:f9:c0:a5:2f:99:bb:2c:da:96:84:7e:51:25:ae:d2:
a1:9e:73:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEGmgSImJeiIoMAQnwBZgAJ+JAr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNDJkNmRmODgwNGUyOWY0NWU1YjNiNWI2ZmY0MTgzYjFmY2I4MWM1MjE3
NDA0ZjU1MGI2ZTcwOTZmNGExNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5QHJFUhpSrPhutL3g4OV94aVJT052PlsMpk1eLRNURqtuo6sYbZs5XE7KY
Xmu/dcY2Ske1Etkuh6cP9YYXfCp8EMXWA+3jhV4BGzhSJtT6XLj2EKsQCdeEM48m
55t/DcrRhb3Mc6N3LfBKL0nVcQSLQadBRue7Jhe3UF4w/YgmM9wYiZZu1ebLfyHI
Ff1LHEEolyet32ftY8Eun0uICKhy7CG4kaixTfNxgcQwIvCo1FXZCmzjJuWsvm/K
ePosK/7wBX5joLWT2RE+OrXDQlQc0RssuHL7hDB5u1Yn4q2DY9gN/M+PzY3KqE8V
rk7uu3DWlqgIeiecmPTvobiuOncCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIK5B6
ti3KT4rdT4k7EMbVRAVDaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjRkNDA3MGItZmIyMC00NTM2LThjNzEtNTM0MjBhODNlMzQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQCGrnEiN1XaS+e+MMROVIIq+KZQ3TUHBPwTECHaWTtc
DwBivPOsRVw5DjXtQNleZXOq28dV7CLppDHzTqhN2kkU4KhZtbmu4HrgwnT9dty9
P1Qqo9yLmCs/66FC7sJpDSIIbyTi6+KmS/rIBIfID3e00pYXGnGFdxq14Z/oRhw8
Qdibul/R+yGmXCB/yzOQIsh97jla0Bk9HkPZHmI5aamcCFDOr9bJhedni/Rb60mk
BVXibK2BgY6dvzzH+ly7m5ZCEgZunSrY/eYjASYRYcQQul+LF09Z/S6fGw7Q0jlx
HRxzFhotC1GldMKuYRz5wKUvmbss2paEflElrtKhnnO0
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:18:36 2025 by rpki-client