Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
File: 52763e98-2920-46fc-8dad-f7cba491e994.roa (raw, json)
Hash identifier: 8cVyhWG10tVnciU8y9DwROhRU+dWeLe5cWmizifiy5Q=
Subject key identifier: E4:7C:20:9E:F3:CF:11:BE:CB:07:49:C0:94:DD:AD:9C:14:85:B5:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 575A08897CFFE0BC177CC5968B90DFBF61EDFB1D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:5a:08:89:7c:ff:e0:bc:17:7c:c5:96:8b:90:df:bf:61:ed:fb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=ea987d0407d8c925a9026108347850b1cfee2fc5d28de968de0f38870cdc15e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1a:a4:6c:67:cf:dd:45:1e:40:ec:8f:05:0b:
2c:7a:48:32:a2:4a:88:70:1c:b9:24:61:9d:1f:03:
61:fb:b5:18:37:f5:29:a9:d4:52:ff:d6:64:cd:bf:
04:d3:41:4e:26:3b:7d:1a:6a:45:f8:b5:c4:b4:c8:
7e:be:12:d0:ec:5f:db:c4:ac:f6:28:e1:ea:79:07:
bd:5e:d4:44:86:dd:e6:f6:85:23:f4:88:cb:a0:2b:
71:8c:99:c1:82:31:87:8d:b0:e9:29:55:a9:02:21:
36:b1:f2:2c:a9:3e:8e:8a:81:2b:d0:72:ce:b9:f0:
6c:a0:8d:08:ee:3c:73:4d:02:5f:41:0b:25:c7:cc:
22:85:0a:be:19:a9:2e:aa:fa:fb:05:74:13:06:ac:
54:fa:9e:69:c1:20:9b:49:94:2f:68:7d:95:65:41:
bc:82:27:b6:a6:55:9b:6c:33:26:94:51:7f:0f:38:
13:f2:ea:2d:57:eb:76:a4:45:8c:5d:46:36:80:8e:
9f:30:a9:09:4c:b9:d3:31:5b:32:84:24:00:97:a8:
28:34:46:e9:76:13:62:e5:3c:92:ce:0e:87:ca:78:
8f:0f:5d:61:47:d3:89:e6:b8:f7:92:0c:89:57:b9:
a3:c8:43:c7:a6:54:9f:ba:1b:87:4b:8e:e7:29:b6:
2e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7C:20:9E:F3:CF:11:BE:CB:07:49:C0:94:DD:AD:9C:14:85:B5:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
8c:7a:c3:84:58:9e:40:76:0a:59:a7:8b:57:20:ea:3e:e3:9c:
4b:9a:25:e9:04:39:02:f6:7f:36:32:2d:80:ed:9e:92:e1:72:
88:07:d3:22:de:83:e4:54:a2:af:07:0d:38:02:e2:db:0c:dc:
16:f2:9e:37:3a:95:a5:78:e6:07:b3:45:b0:da:5d:1f:d6:84:
24:a1:35:76:c3:cc:f7:d6:3d:18:07:f3:10:e4:a5:db:1a:df:
78:dd:fc:72:93:25:d2:ff:2e:09:f6:82:1c:2d:3c:81:20:32:
71:5d:27:bf:b7:00:20:ed:52:99:c5:eb:24:d1:f7:41:9a:9b:
51:9f:85:72:15:f3:2c:fe:3b:80:6a:e1:44:c0:c9:08:f0:39:
51:4c:35:cb:ae:03:9b:f9:e1:cc:51:9b:5d:26:56:ff:5f:bf:
b0:31:81:f8:59:85:61:83:4f:38:f4:af:88:7b:f2:5d:04:d5:
39:74:cf:3b:35:b9:27:23:53:61:cf:a2:37:e4:f8:bc:f0:65:
36:b8:99:97:0d:63:a5:6e:fc:08:4c:a0:c7:5b:48:6e:69:c0:
33:2d:46:df:da:57:2d:a6:78:69:5d:9e:23:5f:15:d4:2b:9a:
a1:ac:53:c6:b6:73:c3:c4:ce:1f:f6:7b:bc:d6:af:c4:e6:db:
87:03:f1:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV1oIiXz/4LwXfMWWi5Dfv2Ht+x0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhOTg3ZDA0MDdkOGM5MjVhOTAyNjEwODM0Nzg1MGIxY2ZlZTJmYzVkMjhk
ZTk2OGRlMGYzODg3MGNkYzE1ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkapGxnz91FHkDsjwULLHpIMqJKiHAcuSRhnR8DYfu1GDf1KanUUv/WZM2/
BNNBTiY7fRpqRfi1xLTIfr4S0Oxf28Ss9ijh6nkHvV7URIbd5vaFI/SIy6ArcYyZ
wYIxh42w6SlVqQIhNrHyLKk+joqBK9ByzrnwbKCNCO48c00CX0ELJcfMIoUKvhmp
Lqr6+wV0EwasVPqeacEgm0mUL2h9lWVBvIIntqZVm2wzJpRRfw84E/LqLVfrdqRF
jF1GNoCOnzCpCUy50zFbMoQkAJeoKDRG6XYTYuU8ks4Oh8p4jw9dYUfTiea495IM
iVe5o8hDx6ZUn7obh0uO5ym2LisCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkfCCe
888RvssHScCU3a2cFIW1ATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTI3NjNlOTgtMjkyMC00NmZjLThkYWQtZjdjYmE0OTFlOTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQCMesOEWJ5AdgpZp4tXIOo+45xLmiXpBDkC9n82
Mi2A7Z6S4XKIB9Mi3oPkVKKvBw04AuLbDNwW8p43OpWleOYHs0Ww2l0f1oQkoTV2
w8z31j0YB/MQ5KXbGt943fxykyXS/y4J9oIcLTyBIDJxXSe/twAg7VKZxesk0fdB
mptRn4VyFfMs/juAauFEwMkI8DlRTDXLrgOb+eHMUZtdJlb/X7+wMYH4WYVhg084
9K+Ie/JdBNU5dM87NbknI1Nhz6I35Pi88GU2uJmXDWOlbvwITKDHW0huacAzLUbf
2lctpnhpXZ4jXxXUK5qhrFPGtnPDxM4f9nu81q/E5tuHA/GO
-----END CERTIFICATE-----
Generated at Fri May 9 10:19:46 2025 by rpki-client