Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
File: 2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa (raw, json)
Hash identifier: 3Dw7JA9AHdexEhmjmqOomblPcAEqnIxDa2zh/K2Wk2I=
Subject key identifier: 5E:2E:0C:50:C9:B8:A5:FC:C8:0C:8D:3B:30:9B:FB:35:EC:9D:E7:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27588F98C3F36CD3FD0FAC0718097DF5E92FCBBE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:58:8f:98:c3:f3:6c:d3:fd:0f:ac:07:18:09:7d:f5:e9:2f:cb:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=dd9bc5e96da599eab0ae47f15f1de6964ff42e9884f4d6783206f82325401a95, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:c7:88:c3:d8:68:d9:7c:ed:3f:19:6c:30:
44:7d:d5:fc:e6:fd:31:90:d3:12:06:d6:8f:aa:20:
08:63:5d:85:6a:2e:3a:c7:8c:d3:05:99:a3:3a:51:
13:50:81:79:aa:45:14:be:e9:db:f0:10:35:aa:b3:
00:c6:8d:14:06:e4:97:16:cc:6c:ae:39:8c:da:4f:
fd:41:1b:0f:48:fb:5d:cb:ec:0c:93:db:8b:65:9d:
fc:72:97:d2:a7:34:0a:3b:99:d2:29:80:dc:3a:f7:
7f:4f:3d:19:ec:66:81:59:de:8c:a4:83:d0:ca:35:
e6:3b:03:51:80:2b:5e:c3:c7:25:4a:3d:de:62:eb:
98:cd:7e:d1:2a:21:a4:b9:51:91:f4:80:18:ba:87:
52:14:7b:6c:38:74:ca:8a:3a:cd:8d:46:ac:2b:ff:
d1:c1:6d:0f:ab:5c:91:9d:cf:49:a6:4c:fc:3a:b2:
36:33:ae:1b:05:f7:41:e6:3b:f0:28:d4:34:7e:67:
ef:40:92:82:f5:e6:5a:c6:0f:21:b8:09:5c:41:df:
c2:58:1d:f3:57:2c:64:8f:42:15:dc:15:7c:17:85:
31:4f:ec:28:58:e9:6a:d7:b9:e8:39:97:9a:37:80:
2c:40:39:75:70:04:4c:b3:ee:0e:a7:0d:2e:8b:9d:
41:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:2E:0C:50:C9:B8:A5:FC:C8:0C:8D:3B:30:9B:FB:35:EC:9D:E7:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
ba:8a:ea:d2:79:f1:1a:e0:68:50:bb:b2:88:51:8a:1c:d9:5f:
5e:de:40:14:b5:f5:bb:5b:20:ec:bf:92:f8:49:8e:70:0a:ac:
42:f4:11:f1:27:0e:c0:df:d0:2b:bd:45:cc:70:17:e8:cf:fe:
77:0c:b7:d2:31:ba:1e:59:ef:a9:1d:c3:1d:58:75:61:3a:48:
0b:59:c1:af:eb:e9:33:9f:cf:25:9d:27:51:f4:90:4d:15:16:
0f:96:52:0f:b5:b7:74:09:13:47:84:36:d0:a1:5a:ea:0b:28:
13:f5:63:a7:6e:67:44:82:6b:92:c5:3d:fa:18:6a:f6:d2:6b:
e3:49:b6:9f:84:4c:95:fb:d0:6c:19:ff:05:9e:ee:9a:ed:9a:
3e:6d:19:60:f3:b8:fe:c0:3f:26:8d:15:d8:99:65:55:aa:5a:
29:6e:92:e0:9a:b5:f4:e8:11:75:65:48:e6:13:7b:e0:c8:46:
9a:06:3d:56:95:43:9f:3a:cb:ae:9a:dc:18:7f:04:ea:7a:df:
6c:0e:57:e3:26:16:80:c7:9c:32:de:17:b9:0b:12:1b:fa:aa:
b6:b8:75:01:7c:80:11:44:db:28:5c:fa:5c:df:24:f3:70:79:
6c:47:fc:2a:92:26:94:b8:01:04:4a:4a:76:80:cb:e8:0e:ee:
ec:b7:9a:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ1iPmMPzbNP9D6wHGAl99ekvy74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkOWJjNWU5NmRhNTk5ZWFiMGFlNDdmMTVmMWRlNjk2NGZmNDJlOTg4NGY0
ZDY3ODMyMDZmODIzMjU0MDFhOTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvnx4jD2GjZfO0/GWwwRH3V/Ob9MZDTEgbWj6ogCGNdhWouOseM0wWZozpR
E1CBeapFFL7p2/AQNaqzAMaNFAbklxbMbK45jNpP/UEbD0j7XcvsDJPbi2Wd/HKX
0qc0CjuZ0imA3Dr3f089GexmgVnejKSD0Mo15jsDUYArXsPHJUo93mLrmM1+0Soh
pLlRkfSAGLqHUhR7bDh0yoo6zY1GrCv/0cFtD6tckZ3PSaZM/DqyNjOuGwX3QeY7
8CjUNH5n70CSgvXmWsYPIbgJXEHfwlgd81csZI9CFdwVfBeFMU/sKFjpate56DmX
mjeALEA5dXAETLPuDqcNLoudQTUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReLgxQ
ybil/MgMjTswm/s17J3nQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmU0YzI5MzQtOWU1NC00OWI2LWJiNDEtN2M3NmI1MDRkNzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAuorq0nnxGuBoULuyiFGKHNlfXt5AFLX1u1sg
7L+S+EmOcAqsQvQR8ScOwN/QK71FzHAX6M/+dwy30jG6HlnvqR3DHVh1YTpIC1nB
r+vpM5/PJZ0nUfSQTRUWD5ZSD7W3dAkTR4Q20KFa6gsoE/Vjp25nRIJrksU9+hhq
9tJr40m2n4RMlfvQbBn/BZ7umu2aPm0ZYPO4/sA/Jo0V2JllVapaKW6S4Jq19OgR
dWVI5hN74MhGmgY9VpVDnzrLrprcGH8E6nrfbA5X4yYWgMecMt4XuQsSG/qqtrh1
AXyAEUTbKFz6XN8k83B5bEf8KpImlLgBBEpKdoDL6A7u7Lea4w==
-----END CERTIFICATE-----
Generated at Fri May 9 10:10:15 2025 by rpki-client