Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
File: fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa (raw, json)
Hash identifier: X9gyQSsEsnyNX6lIuvcjM3blCeznWKJ8xXgpfwH7E+Y=
Subject key identifier: B3:96:DD:9E:A9:5A:BA:8D:05:4D:11:C2:D1:62:AD:07:E2:6A:2D:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53B72C78F26212CE6620E904C629CC7090992BE0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b7:2c:78:f2:62:12:ce:66:20:e9:04:c6:29:cc:70:90:99:2b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:1a:9e:4a:08:51:c7:cd:88:c6:27:f6:ed:57:
30:21:2a:2c:32:b6:1c:00:c5:3f:32:42:cc:aa:68:
63:94:30:eb:e9:7a:d2:27:31:df:66:36:48:a1:ea:
40:71:76:ab:67:7d:16:ad:f4:7b:13:d1:14:5a:b8:
69:85:0f:e4:0f:94:e9:72:86:51:50:53:f9:7c:f9:
e7:72:15:57:73:cd:b7:d1:1f:28:19:cc:f2:ca:08:
10:78:e5:93:82:1b:1f:e5:88:97:2c:ff:47:b6:c3:
d1:d0:c6:4f:2f:52:a7:f3:66:98:06:d4:06:44:f9:
7d:31:a8:55:2f:e0:72:1e:ba:8c:6c:4e:27:19:81:
a9:ac:e5:88:fa:37:2e:5d:c3:94:e0:4a:94:3a:af:
6a:8a:4d:57:41:33:92:b2:44:43:b4:ad:9c:ee:91:
2b:72:4f:12:44:31:26:b4:e4:6e:f9:7a:39:3b:b8:
7f:32:a1:17:e1:3d:78:34:c9:20:72:66:c6:3a:45:
bd:b4:f8:d6:b4:d8:d0:67:fb:b2:10:71:50:4f:fb:
65:c1:ad:12:87:4f:75:7e:9d:c3:cc:be:92:7e:b6:
2b:0e:fd:83:8e:34:56:32:19:82:1f:9c:9b:6c:49:
6b:cd:53:0c:06:02:5d:df:9f:da:f4:d4:35:54:de:
2e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:96:DD:9E:A9:5A:BA:8D:05:4D:11:C2:D1:62:AD:07:E2:6A:2D:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9a:6e:1e:10:d9:a9:b3:e6:9f:e5:84:91:98:b7:e7:14:b2:
8c:0e:73:62:cf:6f:de:61:44:d7:a6:f8:51:8d:13:bf:08:a3:
28:1c:fb:ba:93:7f:99:61:8a:b7:53:aa:75:79:4b:8f:de:cb:
a9:f2:09:16:24:7b:34:50:6e:67:f8:12:80:17:33:ad:62:00:
27:f9:84:7f:59:f5:24:d4:8a:e2:fd:e4:15:8f:12:32:96:09:
7e:5d:03:55:47:a6:1a:8f:a9:7b:89:16:0a:8d:cd:82:32:bf:
04:e5:80:dd:b8:16:fd:09:fd:c2:e4:cb:6d:d5:21:59:14:92:
f8:79:d8:10:3d:27:30:73:6f:7c:3c:1f:81:6b:ed:f0:00:4a:
cc:1c:ac:02:0c:6b:a2:47:2b:9e:a3:bc:55:6c:a9:d9:be:db:
d4:e8:07:35:01:21:81:59:11:9a:5a:8f:65:95:e3:e3:48:2d:
2e:47:9a:60:f6:49:03:55:d5:1a:4f:d6:84:ff:c3:2f:7a:de:
95:53:b9:07:92:a8:b7:a3:2e:dc:d1:3a:1c:d2:cc:3d:f9:90:
77:7b:0d:46:46:c2:c3:65:fd:3b:a9:96:c7:a5:e7:f2:86:59:
d8:5b:68:1f:ee:e7:f8:17:ec:ef:28:64:ad:e3:36:f8:34:e2:
59:a3:bb:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU7csePJiEs5mIOkExinMcJCZK+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwOGRjNDlhNmE2OTg2YmRiMzkyNTcwNTAzNzQ0MjhjNmI0ODA5NjJhMGRh
MGQ4YTA4ODhlMDZlOGYxMjdlMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPEankoIUcfNiMYn9u1XMCEqLDK2HADFPzJCzKpoY5Qw6+l60icx32Y2SKHq
QHF2q2d9Fq30exPRFFq4aYUP5A+U6XKGUVBT+Xz553IVV3PNt9EfKBnM8soIEHjl
k4IbH+WIlyz/R7bD0dDGTy9Sp/NmmAbUBkT5fTGoVS/gch66jGxOJxmBqazliPo3
Ll3DlOBKlDqvaopNV0EzkrJEQ7StnO6RK3JPEkQxJrTkbvl6OTu4fzKhF+E9eDTJ
IHJmxjpFvbT41rTY0Gf7shBxUE/7ZcGtEodPdX6dw8y+kn62Kw79g440VjIZgh+c
m2xJa81TDAYCXd+f2vTUNVTeLosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSzlt2e
qVq6jQVNEcLRYq0H4motOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU5NmY2ZTYtNzRiMS00ZjY5LWJiMTgtMmQ5YWFlMzU0ZDhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAcZpuHhDZqbPmn+WEkZi35xSyjA5zYs9v3mFE16b4
UY0TvwijKBz7upN/mWGKt1OqdXlLj97LqfIJFiR7NFBuZ/gSgBczrWIAJ/mEf1n1
JNSK4v3kFY8SMpYJfl0DVUemGo+pe4kWCo3NgjK/BOWA3bgW/Qn9wuTLbdUhWRSS
+HnYED0nMHNvfDwfgWvt8ABKzBysAgxrokcrnqO8VWyp2b7b1OgHNQEhgVkRmlqP
ZZXj40gtLkeaYPZJA1XVGk/WhP/DL3relVO5B5Kot6Mu3NE6HNLMPfmQd3sNRkbC
w2X9O6mWx6Xn8oZZ2FtoH+7n+Bfs7yhkreM2+DTiWaO76Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:00:39 2025 by rpki-client