Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
File: 6ae34828-513c-4833-b505-1b83f25fa93e.roa (raw, json)
Hash identifier: MaWqQ8dvioyOnIpzENWHN9I2RpSxYfSz3lVwpcWVSlE=
Subject key identifier: A1:D1:91:7F:6F:39:86:ED:09:30:EB:27:6F:58:5A:27:51:26:5A:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F32985B5D054D3F07650D40EA9ACA1BA7C61CD2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:32:98:5b:5d:05:4d:3f:07:65:0d:40:ea:9a:ca:1b:a7:c6:1c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:93:a2:a7:ef:d8:b7:5e:27:23:92:51:6f:4d:
b0:1e:be:58:b0:1b:01:ca:df:7f:a1:e7:b0:24:4f:
9d:74:cd:f3:18:02:a8:0a:fc:74:14:e4:a9:7a:dc:
b5:e0:e1:84:c8:2a:66:58:84:5a:aa:de:d9:4d:a6:
8f:d6:f9:8d:59:9f:07:de:21:85:a8:cc:03:66:23:
15:f5:80:04:0b:9a:62:b8:62:5c:e2:3e:c5:fc:09:
c9:9a:3c:76:a8:bb:7e:2d:59:32:2e:9f:90:fd:ae:
62:6c:c7:43:6c:db:55:aa:17:52:eb:18:43:b5:72:
06:af:23:d3:d9:69:1b:2a:4f:cc:a7:b5:96:7d:27:
a7:5e:8f:6a:b2:63:8e:a2:54:bb:8f:f7:56:fa:47:
e8:58:6f:9c:83:ab:33:2d:0d:fe:89:60:27:de:c2:
ca:b2:d8:ea:a8:f9:d8:3e:9e:fe:21:e9:ac:c2:82:
13:16:cb:a2:aa:11:62:3e:8c:76:72:e7:53:30:fb:
9a:3b:85:77:43:ce:81:a1:09:60:cb:fc:f5:97:82:
aa:61:a7:0e:e0:ef:52:1d:69:50:0c:df:cd:db:92:
25:da:40:10:0f:d6:69:4c:37:a5:d3:b3:2d:7b:d2:
3a:63:6f:2f:e6:77:8a:f2:ea:05:e8:d0:05:ac:1b:
cf:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D1:91:7F:6F:39:86:ED:09:30:EB:27:6F:58:5A:27:51:26:5A:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:50:2c:5b:11:30:61:26:12:e3:61:f8:e0:6b:f6:2a:9f:aa:
00:89:08:32:9c:3c:7e:2e:e7:ed:f7:90:f4:1a:1d:ee:fe:a7:
31:c5:a4:6c:be:ae:7d:66:4a:54:15:be:fc:b5:d0:ec:c6:83:
09:1d:9e:fd:2a:65:46:28:fd:9c:59:14:12:17:f5:ba:3c:75:
92:56:d2:b5:e9:79:83:a3:6a:3b:9a:de:07:f2:bb:ea:7b:bd:
d9:f8:38:c3:9b:6c:58:e8:a8:e3:2d:79:62:43:f2:b4:96:5b:
1f:83:97:d0:98:1b:d0:7f:35:1d:ae:db:0d:1d:f9:da:22:d2:
e8:94:aa:55:f8:d2:e6:00:d2:ea:7a:bf:85:15:92:0f:5a:61:
36:06:fd:55:e9:3b:16:15:dc:59:88:47:c6:c3:5c:0f:d5:74:
0c:73:e5:70:91:6c:21:8e:14:55:97:dd:e6:78:81:d0:78:87:
5b:7b:b9:7d:18:97:9e:21:76:b8:3d:7a:58:e2:eb:9c:59:6f:
b2:47:c0:19:f2:89:af:0d:93:1a:79:bf:3b:07:b0:8e:2c:0b:
16:4d:a8:db:a8:6a:32:db:5b:7e:b9:e0:d7:bc:a0:e0:20:37:
21:14:05:15:a2:01:3b:74:1c:33:22:9d:2d:1c:b2:1d:a6:9e:
d8:4a:93:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTzKYW10FTT8HZQ1A6prKG6fGHNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ZjUyZDdhNTU0OTRmMGNlZWIwY2FlMTQwMGJhZWQ4NTYxNWUwMWFhMWMw
N2RmNTJkZjQxMjVhYjBiMTZlYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaToqfv2LdeJyOSUW9NsB6+WLAbAcrff6HnsCRPnXTN8xgCqAr8dBTkqXrc
teDhhMgqZliEWqre2U2mj9b5jVmfB94hhajMA2YjFfWABAuaYrhiXOI+xfwJyZo8
dqi7fi1ZMi6fkP2uYmzHQ2zbVaoXUusYQ7VyBq8j09lpGypPzKe1ln0np16ParJj
jqJUu4/3VvpH6FhvnIOrMy0N/olgJ97CyrLY6qj52D6e/iHprMKCExbLoqoRYj6M
dnLnUzD7mjuFd0POgaEJYMv89ZeCqmGnDuDvUh1pUAzfzduSJdpAEA/WaUw3pdOz
LXvSOmNvL+Z3ivLqBejQBawbz6kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSh0ZF/
bzmG7Qkw6ydvWFonUSZaODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmFlMzQ4MjgtNTEzYy00ODMzLWI1MDUtMWI4M2YyNWZhOTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQAlUCxbETBhJhLjYfjga/Yqn6oAiQgynDx+Luft95D0
Gh3u/qcxxaRsvq59ZkpUFb78tdDsxoMJHZ79KmVGKP2cWRQSF/W6PHWSVtK16XmD
o2o7mt4H8rvqe73Z+DjDm2xY6KjjLXliQ/K0llsfg5fQmBvQfzUdrtsNHfnaItLo
lKpV+NLmANLqer+FFZIPWmE2Bv1V6TsWFdxZiEfGw1wP1XQMc+VwkWwhjhRVl93m
eIHQeIdbe7l9GJeeIXa4PXpY4uucWW+yR8AZ8omvDZMaeb87B7COLAsWTajbqGoy
21t+ueDXvKDgIDchFAUVogE7dBwzIp0tHLIdpp7YSpM7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:18 2025 by rpki-client