Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/621fb82e-99a7-4d33-a646-877fafc69f46.roa
File: 621fb82e-99a7-4d33-a646-877fafc69f46.roa (raw, json)
Hash identifier: gjoizpHh5zGbM7Uj+/T7GYhcjLyy/WUOs8tmwHB8i/Y=
Subject key identifier: BC:B6:0E:E8:96:D8:DF:9F:27:03:86:23:15:92:88:7F:F5:AE:F0:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 675CA8965BE3850B06E6B90C0F8BD993C76DD71B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/621fb82e-99a7-4d33-a646-877fafc69f46.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:5c:a8:96:5b:e3:85:0b:06:e6:b9:0c:0f:8b:d9:93:c7:6d:d7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:79:7e:81:15:0b:92:99:3f:8b:69:fc:d9:
89:49:5f:d2:7f:d9:37:93:da:95:4e:02:12:78:c8:
3e:de:16:7f:87:98:ab:c9:95:66:cb:83:cb:3e:e9:
bc:ab:f4:5e:39:f0:97:16:58:f3:c5:f0:3a:d0:ea:
49:66:c5:ba:b2:4d:6e:96:b4:44:fe:36:54:29:aa:
e2:d1:55:15:49:c4:69:29:d8:bb:d4:38:a6:ec:0d:
e6:7a:4a:22:81:31:87:1b:7a:34:99:36:39:4c:78:
f3:33:bb:d9:c2:13:fd:80:23:4a:99:43:ae:bc:c4:
92:e5:aa:28:70:0f:21:1c:f6:b1:77:70:19:8a:18:
89:aa:09:93:74:c3:19:3f:90:26:e2:0c:a2:59:ee:
9e:74:4a:25:ba:f4:a1:4a:c1:06:27:43:f0:13:a3:
26:ff:a4:f2:c2:f8:e2:9a:c5:9a:54:d5:03:02:03:
cc:1e:e6:fd:b0:d5:2c:e6:73:ee:7b:26:0e:7d:16:
7d:f2:6a:86:9e:a5:c9:35:dd:fe:76:59:9c:b7:1a:
71:19:65:0d:81:e1:34:8a:99:33:14:87:96:8e:dc:
d7:a6:98:d8:97:d2:dd:0f:88:18:e5:b9:b2:32:c1:
33:c5:98:fe:51:11:35:b0:1c:77:e6:d5:d8:2d:9a:
45:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B6:0E:E8:96:D8:DF:9F:27:03:86:23:15:92:88:7F:F5:AE:F0:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/621fb82e-99a7-4d33-a646-877fafc69f46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ac:60:eb:1e:1f:89:25:9e:9d:46:c2:83:f4:d3:34:84:9c:4e:
a4:d7:c4:33:8f:e7:d6:91:ed:8b:bf:85:be:ec:3b:64:89:ad:
74:73:db:bb:82:62:b4:75:91:2e:3c:0a:a2:a0:6e:40:e8:02:
d6:6c:7e:a7:06:7f:49:37:80:70:7f:76:9e:08:2f:cf:f8:c5:
23:3b:37:35:5e:9d:ee:91:52:dc:ad:9e:7a:fc:f6:5a:94:fd:
63:82:44:d4:a3:e1:39:3e:72:e5:5f:a8:ec:c1:52:6d:39:40:
83:af:02:05:c8:08:51:aa:79:3e:87:56:c0:14:20:1d:3a:e8:
ba:e2:3d:59:22:ff:ea:80:b5:1d:1d:c5:9a:0e:1d:2d:f0:64:
76:30:5d:f9:51:9b:60:35:13:cc:21:8e:c2:1b:b3:c7:42:63:
a3:7c:98:21:b6:a2:72:2c:57:36:0f:a9:b8:32:ec:52:00:51:
3c:55:0b:73:07:1e:38:38:37:b9:e4:46:78:c1:40:ec:3c:5e:
d0:fd:4e:08:fc:a6:1b:31:dc:c3:71:d4:97:11:5a:1b:4b:e1:
77:b0:ea:f4:f4:9a:e0:a2:13:bd:0a:7c:bc:e3:5d:8d:d0:7a:
b3:38:d2:74:33:4c:e1:0c:0a:9a:9f:d0:a0:5a:69:12:67:a7:
fa:32:bb:cb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ1yollvjhQsG5rkMD4vZk8dt1xswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzZjAyMmFmNTkxMzY0NGFlYWYyMTM4ZGI5ZTU1NmFiZTk0MDkxMDYzMDI4
NDU2Y2IwOWVjYTRmMDVlOWQ5ZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKceX6BFQuSmT+LafzZiUlf0n/ZN5PalU4CEnjIPt4Wf4eYq8mVZsuDyz7p
vKv0XjnwlxZY88XwOtDqSWbFurJNbpa0RP42VCmq4tFVFUnEaSnYu9Q4puwN5npK
IoExhxt6NJk2OUx48zO72cIT/YAjSplDrrzEkuWqKHAPIRz2sXdwGYoYiaoJk3TD
GT+QJuIMolnunnRKJbr0oUrBBidD8BOjJv+k8sL44prFmlTVAwIDzB7m/bDVLOZz
7nsmDn0WffJqhp6lyTXd/nZZnLcacRllDYHhNIqZMxSHlo7c16aY2JfS3Q+IGOW5
sjLBM8WY/lERNbAcd+bV2C2aRdECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8tg7o
ltjfnycDhiMVkoh/9a7wkTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjIxZmI4MmUtOTlhNy00ZDMzLWE2NDYtODc3ZmFmYzY5ZjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEArGDrHh+JJZ6dRsKD9NM0hJxOpNfEM4/n1pHti7+F
vuw7ZImtdHPbu4JitHWRLjwKoqBuQOgC1mx+pwZ/STeAcH92nggvz/jFIzs3NV6d
7pFS3K2eevz2WpT9Y4JE1KPhOT5y5V+o7MFSbTlAg68CBcgIUap5PodWwBQgHTro
uuI9WSL/6oC1HR3Fmg4dLfBkdjBd+VGbYDUTzCGOwhuzx0Jjo3yYIbaicixXNg+p
uDLsUgBRPFULcwceODg3ueRGeMFA7Dxe0P1OCPymGzHcw3HUlxFaG0vhd7Dq9PSa
4KITvQp8vONdjdB6szjSdDNM4QwKmp/QoFppEmen+jK7yw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:32 2025 by rpki-client