Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
File: 6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa (raw, json)
Hash identifier: kpnohPqnVaDfmeyY+vWGyPd7Uodgl0eOTqBcBVjyjVI=
Subject key identifier: C4:20:19:40:FA:BF:B9:12:53:D0:29:44:3C:65:11:10:0A:F0:03:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72CBF6617E1DE5DFE6A6752DEC3E5B35E50D1881
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:cb:f6:61:7e:1d:e5:df:e6:a6:75:2d:ec:3e:5b:35:e5:0d:18:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=4b0fb9ebdd973142a63e8565eddaa17bc660ad11deb4cc2f1eb42341cdc89764, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:77:c8:02:df:7e:91:e0:27:98:1d:18:fa:d8:
7b:70:b8:1b:d8:8d:f8:7c:88:81:83:da:34:69:9f:
8f:f5:d1:c0:f8:af:c0:9b:fe:a7:ee:b4:52:c7:20:
65:15:cf:76:ab:18:79:a5:7c:20:08:2f:83:eb:c7:
dc:c1:2d:d7:e8:35:cf:ae:0a:5d:88:ac:75:96:a4:
a0:b9:97:16:6f:25:f6:84:50:98:b5:45:f8:f8:6c:
b6:84:79:2f:22:58:f1:6d:32:c9:2c:98:c2:ab:5f:
1b:68:e4:c5:2a:ed:4a:45:90:1f:cc:12:1d:bf:dc:
c8:eb:67:17:56:55:26:2b:59:d2:95:61:ef:37:c8:
78:b2:bc:1c:8f:1f:37:40:ca:33:07:31:51:23:d7:
de:68:e5:6b:68:33:c8:76:68:33:1f:55:e9:6b:ed:
ca:f7:d9:2f:26:33:03:ae:88:e3:c8:ee:c8:8f:8f:
26:90:cd:82:38:91:75:cc:f8:71:61:fa:dc:0d:d6:
cc:87:39:c4:05:cb:fd:28:02:fe:93:82:61:89:c4:
5c:ee:f8:85:79:a9:24:f7:30:cc:4b:46:18:b5:05:
cf:54:d0:1f:ff:c3:57:72:ae:d2:01:00:e0:7d:9e:
0e:c5:3d:d5:d8:e4:45:06:59:76:2e:08:72:8f:5e:
72:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:20:19:40:FA:BF:B9:12:53:D0:29:44:3C:65:11:10:0A:F0:03:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1010::/44
Signature Algorithm: sha256WithRSAEncryption
ad:1c:0a:9d:e8:27:7d:b9:b1:52:b2:16:e3:bf:b1:0f:37:b6:
8b:98:62:45:2e:a9:07:9a:34:cf:d1:95:c9:0a:49:f0:be:96:
70:ff:58:ba:bf:b0:12:8b:02:a4:01:1c:97:f2:95:fa:ff:b6:
24:91:f4:e8:c4:ff:70:69:0b:c0:ad:72:3a:4c:c0:2c:14:2d:
6d:de:12:b8:ff:8a:1b:c4:e2:cb:af:ba:30:54:9a:a4:1a:f0:
a8:71:d5:17:b9:2a:0e:24:1f:49:10:bc:fe:74:a7:e6:f7:65:
c5:24:29:90:7f:18:93:50:bd:c7:96:63:6a:86:ef:a6:19:b4:
60:10:86:8a:01:b5:0d:3b:fa:12:6b:1f:76:8a:9b:27:22:f6:
73:be:dd:6e:c0:1d:8e:9f:ed:87:5d:d9:cc:fc:5b:a3:f1:28:
99:40:5c:5a:a1:b9:db:0f:a4:89:b9:ca:98:fd:96:d4:1f:6e:
f5:c8:1c:f8:dc:1c:40:5c:7e:58:27:ba:29:98:18:10:a9:a4:
15:31:ed:11:70:0b:a3:e9:bb:b5:8a:77:d5:a9:ae:f6:87:44:
eb:a2:6c:0f:b1:a1:4f:df:20:7c:e1:ff:a4:11:cb:75:c0:f8:
3e:63:29:24:67:ca:95:2b:05:10:ef:dd:37:81:e4:a7:6f:76:
7e:ea:66:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcsv2YX4d5d/mpnUt7D5bNeUNGIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiMGZiOWViZGQ5NzMxNDJhNjNlODU2NWVkZGFhMTdiYzY2MGFkMTFkZWI0
Y2MyZjFlYjQyMzQxY2RjODk3NjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMV3yALffpHgJ5gdGPrYe3C4G9iN+HyIgYPaNGmfj/XRwPivwJv+p+60Uscg
ZRXPdqsYeaV8IAgvg+vH3MEt1+g1z64KXYisdZakoLmXFm8l9oRQmLVF+PhstoR5
LyJY8W0yySyYwqtfG2jkxSrtSkWQH8wSHb/cyOtnF1ZVJitZ0pVh7zfIeLK8HI8f
N0DKMwcxUSPX3mjla2gzyHZoMx9V6WvtyvfZLyYzA66I48juyI+PJpDNgjiRdcz4
cWH63A3WzIc5xAXL/SgC/pOCYYnEXO74hXmpJPcwzEtGGLUFz1TQH//DV3Ku0gEA
4H2eDsU91djkRQZZdi4Ico9ecncCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTEIBlA
+r+5ElPQKUQ8ZREQCvADJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmY3ZWIwZTYtZmJmNi00ODcyLThhNzAtODM4Y2JiYTQwZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoBBXgQ
EDANBgkqhkiG9w0BAQsFAAOCAQEArRwKnegnfbmxUrIW47+xDze2i5hiRS6pB5o0
z9GVyQpJ8L6WcP9Yur+wEosCpAEcl/KV+v+2JJH06MT/cGkLwK1yOkzALBQtbd4S
uP+KG8Tiy6+6MFSapBrwqHHVF7kqDiQfSRC8/nSn5vdlxSQpkH8Yk1C9x5Zjaobv
phm0YBCGigG1DTv6EmsfdoqbJyL2c77dbsAdjp/th13ZzPxbo/EomUBcWqG52w+k
ibnKmP2W1B9u9cgc+NwcQFx+WCe6KZgYEKmkFTHtEXALo+m7tYp31amu9odE66Js
D7GhT98gfOH/pBHLdcD4PmMpJGfKlSsFEO/dN4Hkp292fupmuA==
-----END CERTIFICATE-----
Generated at Fri May 9 12:36:26 2025 by rpki-client