Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f98cf399-52e9-47a9-a65e-9953c8a44c49.roa
File: f98cf399-52e9-47a9-a65e-9953c8a44c49.roa (raw, json)
Hash identifier: Afki7+wMypZvUTLN+9gZJhmu6Gk6XNRKOIvQckLTpg8=
Subject key identifier: 18:38:BD:AC:0B:AC:6C:30:C7:A3:84:BC:80:EF:62:86:72:B6:D4:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 580878840AA081293EB77ED6AF22AC876F846080
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f98cf399-52e9-47a9-a65e-9953c8a44c49.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:08:78:84:0a:a0:81:29:3e:b7:7e:d6:af:22:ac:87:6f:84:60:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6e:58:48:49:f6:49:0a:4b:eb:61:ca:a8:37:
d8:51:13:e1:d4:d2:18:af:73:d8:84:80:93:5a:4e:
84:43:ae:29:91:96:a6:73:db:ba:f1:d9:0c:d1:24:
82:ef:27:96:ff:a8:6c:cc:2c:48:f9:fb:0a:d9:51:
d4:7b:56:01:d0:49:de:ad:0f:2e:1d:85:f8:dd:e8:
c4:f5:49:b6:85:c4:06:4b:38:54:9a:22:45:0c:7d:
de:a1:52:44:d0:00:47:4c:e4:57:53:17:fc:20:4b:
b7:22:83:35:c4:65:10:d9:51:cc:4b:e9:8a:92:33:
ca:24:81:c0:bf:0c:13:f3:36:37:fc:77:5f:03:e1:
fd:22:94:97:8b:b0:22:04:07:07:54:03:8b:71:57:
00:37:0d:b1:0a:37:89:58:24:b9:5c:75:53:56:24:
f9:f5:70:0e:c1:12:b4:45:73:c7:6a:23:1e:49:3b:
d7:ba:65:cc:6b:a6:16:83:ce:11:28:11:8a:0e:28:
8b:e7:aa:69:31:f8:5d:0e:c7:0b:73:77:d0:7c:ac:
b2:c7:2d:90:dd:e5:ad:fe:3c:fb:75:58:4f:d3:9f:
a6:08:c9:2c:d2:13:db:3b:e8:8e:dc:ad:0f:a3:e5:
a8:67:14:71:3f:7f:98:7c:15:4d:90:c4:08:cf:a0:
60:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:38:BD:AC:0B:AC:6C:30:C7:A3:84:BC:80:EF:62:86:72:B6:D4:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f98cf399-52e9-47a9-a65e-9953c8a44c49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:66:fa:26:4f:6b:e0:1d:7d:99:83:d1:57:42:70:6b:1b:1d:
a1:6f:f2:f0:67:30:f9:20:a8:bd:23:3e:39:c7:89:4c:63:75:
4f:c2:61:25:5f:dc:06:e7:f8:7f:82:90:8a:56:a5:4c:8c:60:
dc:e0:57:c3:66:81:66:b4:1c:a9:36:56:37:72:f8:ea:5c:7a:
68:32:6a:31:f4:19:15:ce:e1:ac:79:7b:af:d2:24:53:be:77:
e1:b6:4e:57:d4:03:6d:bf:7f:5a:8c:89:98:a1:d5:61:35:00:
e5:cc:2e:68:3a:01:51:83:95:de:84:65:82:91:18:4a:15:33:
71:65:32:7c:27:23:8c:23:dd:93:14:19:42:10:da:25:c8:46:
5e:d2:19:79:fd:f6:06:42:9d:cc:64:8b:5b:2c:e2:80:c6:dc:
35:ac:54:b8:1e:e2:d9:8d:f8:7f:c1:89:83:4d:be:cb:dc:3d:
b7:38:d6:81:e2:3c:ab:f6:fa:28:51:ac:42:bd:29:8b:46:5f:
60:95:51:77:41:55:e1:20:d4:39:8a:10:65:ca:cf:d2:7c:74:
c2:d2:e2:ff:43:ad:32:86:2e:2b:a6:91:7c:00:dc:be:4e:a3:
cb:f5:2e:89:93:2f:ca:cb:33:5c:f6:5d:ee:42:e5:aa:fb:84:
b3:5e:d6:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWAh4hAqggSk+t37WryKsh2+EYIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlZGFmNDc3ZDE0ZTIxNGI0OTNmNTM2OThmZDNlMmI0MGJhOWQ2MDVlZjBk
MjhiMDFkNGE4OTdlYTU2ZTY1MjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKduWEhJ9kkKS+thyqg32FET4dTSGK9z2ISAk1pOhEOuKZGWpnPbuvHZDNEk
gu8nlv+obMwsSPn7CtlR1HtWAdBJ3q0PLh2F+N3oxPVJtoXEBks4VJoiRQx93qFS
RNAAR0zkV1MX/CBLtyKDNcRlENlRzEvpipIzyiSBwL8ME/M2N/x3XwPh/SKUl4uw
IgQHB1QDi3FXADcNsQo3iVgkuVx1U1Yk+fVwDsEStEVzx2ojHkk717plzGumFoPO
ESgRig4oi+eqaTH4XQ7HC3N30HysssctkN3lrf48+3VYT9OfpgjJLNIT2zvojtyt
D6PlqGcUcT9/mHwVTZDECM+gYAcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYOL2s
C6xsMMejhLyA72KGcrbUQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Zjk4Y2YzOTktNTJlOS00N2E5LWE2NWUtOTk1M2M4YTQ0YzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQAcZvomT2vgHX2Zg9FXQnBrGx2hb/LwZzD5IKi9Iz45
x4lMY3VPwmElX9wG5/h/gpCKVqVMjGDc4FfDZoFmtBypNlY3cvjqXHpoMmox9BkV
zuGseXuv0iRTvnfhtk5X1ANtv39ajImYodVhNQDlzC5oOgFRg5XehGWCkRhKFTNx
ZTJ8JyOMI92TFBlCENolyEZe0hl5/fYGQp3MZItbLOKAxtw1rFS4HuLZjfh/wYmD
Tb7L3D23ONaB4jyr9vooUaxCvSmLRl9glVF3QVXhINQ5ihBlys/SfHTC0uL/Q60y
hi4rppF8ANy+TqPL9S6Jky/KyzNc9l3uQuWq+4SzXtbA
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:37:15 2025 by rpki-client