Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0c6b4210-6d33-4120-9b45-22888da2c0a8.roa
File: 0c6b4210-6d33-4120-9b45-22888da2c0a8.roa (raw, json)
Hash identifier: i/Cy7s70kPBIgl0U7aBAFJ7YucPlCBm/MmEMnfPHTEc=
Subject key identifier: C5:49:36:E3:14:AC:76:6F:83:0A:7C:66:71:D9:C1:50:5D:CE:20:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49C128935D3A71C8DBDFC90724D7F3598C614D67
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0c6b4210-6d33-4120-9b45-22888da2c0a8.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c1:28:93:5d:3a:71:c8:db:df:c9:07:24:d7:f3:59:8c:61:4d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:21:15:f4:40:40:a0:86:ba:10:2c:6c:37:24:
ec:e6:88:24:80:90:42:c0:eb:c1:70:c6:a6:90:ba:
be:52:8e:e4:5c:22:93:f1:00:f5:6c:62:34:1f:e1:
e6:04:a0:d1:5f:ea:9f:a3:b0:53:28:d8:73:10:c8:
eb:ab:3f:64:9f:bb:a9:04:09:a0:f9:5e:c9:a3:1b:
7e:af:e1:e4:c0:0f:9b:42:49:41:f6:2d:dd:e7:cf:
aa:16:95:68:97:e5:5b:0d:9d:10:dc:a5:93:b1:ac:
f4:cc:58:7f:38:f4:3e:7c:b8:57:ca:04:ca:8c:4f:
33:d9:83:25:3e:c8:5c:44:41:6b:ea:28:45:de:ec:
0f:a8:b2:27:70:30:cc:1f:49:7f:58:6c:ec:ed:46:
a2:4d:36:22:28:58:63:7b:a9:a5:52:9d:3a:db:bf:
9b:fb:50:9b:e1:d4:94:f6:b6:66:5f:be:69:84:f8:
ed:41:a9:c4:c6:24:0f:22:40:f7:ff:5e:c4:14:56:
15:d2:ea:da:c5:f1:b8:05:e9:76:ea:84:ec:02:38:
37:ff:af:95:8b:7e:a9:1e:66:8b:91:30:76:ab:69:
bf:ec:3d:14:50:82:bb:11:72:c4:f4:30:e1:82:69:
c3:97:7d:f9:a6:52:d1:f9:49:00:d7:1d:45:32:4b:
f0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:49:36:E3:14:AC:76:6F:83:0A:7C:66:71:D9:C1:50:5D:CE:20:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0c6b4210-6d33-4120-9b45-22888da2c0a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
98:c9:94:f2:a9:75:fe:56:34:68:f2:cd:ec:f4:a1:0b:24:5f:
22:08:9e:af:24:e9:80:03:29:52:1f:0b:e9:85:5b:ed:41:2e:
11:ae:61:59:cb:f3:5e:11:32:97:9a:2b:21:78:a7:89:ef:7c:
ae:af:7e:34:8b:0a:ba:14:05:53:aa:f6:41:1d:3f:35:8d:e5:
9c:3a:40:5c:c5:c3:0d:bf:36:30:50:6a:3e:4e:11:ab:12:60:
a7:23:94:52:d9:a7:10:90:62:6f:ba:23:0f:fc:e3:b5:59:bc:
d0:65:bb:79:65:ee:21:8c:a0:16:67:7a:99:1e:8d:19:e8:59:
ab:1a:2a:b5:92:5d:66:c7:40:71:0a:b3:c9:33:43:e9:64:68:
73:df:ef:d9:4c:a7:50:b3:97:dc:ab:2f:f4:9e:e5:a5:22:f3:
ef:53:66:9d:f3:c9:23:0c:b9:35:67:59:12:6f:1c:ea:6f:6f:
6d:a9:19:72:c6:13:81:de:a6:3e:6b:42:ce:ed:21:ed:9e:b5:
41:a7:69:1b:08:30:8f:67:d7:ac:73:b3:49:bb:51:ef:d5:ad:
6a:e4:4c:96:2b:52:9c:76:43:c6:f4:b1:b9:dd:24:05:20:a9:
d1:8f:fb:e7:b1:92:22:7b:fb:ca:54:8a:37:55:e9:42:e6:18:
2b:af:42:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUScEok106ccjb38kHJNfzWYxhTWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MTkyM2Q0NGYzZTA2NWM0NDQzNjdjYzI5NzgwODJlNDIzMzQ1N2E3MTM2
ZTQ3OTM3MWM1ODY5ODFlMzA2NzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANghFfRAQKCGuhAsbDck7OaIJICQQsDrwXDGppC6vlKO5Fwik/EA9WxiNB/h
5gSg0V/qn6OwUyjYcxDI66s/ZJ+7qQQJoPleyaMbfq/h5MAPm0JJQfYt3efPqhaV
aJflWw2dENylk7Gs9MxYfzj0Pny4V8oEyoxPM9mDJT7IXERBa+ooRd7sD6iyJ3Aw
zB9Jf1hs7O1Gok02IihYY3uppVKdOtu/m/tQm+HUlPa2Zl++aYT47UGpxMYkDyJA
9/9exBRWFdLq2sXxuAXpduqE7AI4N/+vlYt+qR5mi5Ewdqtpv+w9FFCCuxFyxPQw
4YJpw5d9+aZS0flJANcdRTJL8AECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTFSTbj
FKx2b4MKfGZx2cFQXc4grzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGM2YjQyMTAtNmQzMy00MTIwLTliNDUtMjI4ODhkYTJjMGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmMmU8ql1/lY0aPLN7PShCyRfIgieryTpgAMpUh8L
6YVb7UEuEa5hWcvzXhEyl5orIXinie98rq9+NIsKuhQFU6r2QR0/NY3lnDpAXMXD
Db82MFBqPk4RqxJgpyOUUtmnEJBib7ojD/zjtVm80GW7eWXuIYygFmd6mR6NGehZ
qxoqtZJdZsdAcQqzyTND6WRoc9/v2UynULOX3Ksv9J7lpSLz71NmnfPJIwy5NWdZ
Em8c6m9vbakZcsYTgd6mPmtCzu0h7Z61QadpGwgwj2fXrHOzSbtR79WtauRMlitS
nHZDxvSxud0kBSCp0Y/757GSInv7ylSKN1XpQuYYK69CPQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:49 2025 by rpki-client