Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
File: 8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa (raw, json)
Hash identifier: 5SJMmeFWFPamyyIbP+le3gUGj02kp7lfA8Mr1clNJ2g=
Subject key identifier: CD:B4:98:31:9C:A2:9D:DD:F9:4F:59:9F:C2:12:D9:4F:A5:73:4A:F4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09565291B9437CB7C674AF7D55B2F02F575040D1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:56:52:91:b9:43:7c:b7:c6:74:af:7d:55:b2:f0:2f:57:50:40:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f0:9a:27:bc:b2:d1:52:39:c3:70:0c:12:d0:
99:31:47:6e:40:83:79:02:81:58:6a:30:5b:e2:d7:
4c:f2:3e:f0:86:0e:6d:8f:28:2e:ee:39:b1:43:0b:
43:61:99:4d:96:c8:8b:93:dc:32:97:e3:4b:4f:5f:
c0:18:c3:97:56:7f:15:8a:8d:07:34:75:79:15:14:
05:db:c3:fc:c6:85:45:d1:68:de:1a:d9:30:48:ab:
2a:6a:ef:09:c9:cc:9b:60:c4:7c:d9:86:a6:eb:f6:
da:15:9c:2e:4f:e1:31:ac:53:c9:70:d1:d6:54:e6:
c5:c5:d8:28:82:01:f8:fb:0f:0c:fc:89:57:ba:3d:
97:08:cb:db:82:c2:53:11:9b:08:26:54:0a:40:25:
4d:be:c0:a3:95:4d:4b:b6:38:29:3d:6c:58:ec:45:
22:dc:2e:33:a6:b6:42:e3:e3:92:a6:c1:c7:e9:9c:
d0:ef:0f:95:98:ae:3b:47:70:ef:db:6e:a9:b5:ce:
4f:5b:c9:f5:63:78:fb:bd:ab:de:ec:e4:7a:d3:90:
55:bf:3a:b9:d9:4d:b0:95:32:ec:54:a6:6a:73:04:
75:ba:ee:0f:1e:87:26:2b:cf:03:c1:a1:d2:08:60:
bf:ad:98:a0:03:2d:06:09:c8:79:00:16:24:62:62:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B4:98:31:9C:A2:9D:DD:F9:4F:59:9F:C2:12:D9:4F:A5:73:4A:F4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:b0:3b:1e:e1:f2:69:97:57:ed:11:b9:cb:68:7b:f4:c1:89:
c8:6c:32:9b:e4:f2:05:9a:cd:70:b5:d6:a8:bf:43:88:aa:52:
a8:58:b0:0a:6c:de:e8:e5:15:62:88:76:75:9c:d1:f7:8d:3e:
64:cf:55:6e:24:49:29:9f:c6:6b:ed:f1:73:ec:c5:7f:2c:3f:
75:ca:04:c7:3f:bf:12:a4:22:2c:c1:1e:e5:ee:27:18:3e:0f:
d1:15:30:0b:72:4f:0c:0f:76:8b:ca:9b:d9:06:02:d8:84:71:
ce:12:0e:e5:23:95:51:57:74:dc:f6:f7:3e:a7:4e:26:12:93:
73:ef:05:55:4c:00:0f:84:a4:f8:b1:d1:8a:a6:01:f3:08:4b:
7b:e1:2b:61:d1:bb:dd:ae:64:64:cd:81:b6:a6:97:6e:68:ef:
10:41:d3:cc:54:ff:18:56:0d:f1:35:d4:53:25:2c:69:55:2c:
d5:85:8a:bd:cc:d1:d1:e6:b5:1e:11:73:ee:ca:5e:df:c5:1f:
af:c1:ba:8c:e4:8c:21:8b:74:a4:06:b7:4c:b0:09:56:e5:fa:
2b:9f:36:95:4d:06:cf:7d:ab:1c:c7:72:0d:ad:35:70:39:58:
8c:b5:92:04:42:1f:07:99:58:58:c4:45:bf:c6:bf:19:bf:dd:
f9:4c:7a:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCVZSkblDfLfGdK99VbLwL1dQQNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjZTM0NTgwMjUxMDIzN2JmM2E4MzFmYTA3ODUwMmMxOWQ1YmNkNjI3YjVj
ZjYwNjNhYjIzZDYyOTFlMzVlOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbwmie8stFSOcNwDBLQmTFHbkCDeQKBWGowW+LXTPI+8IYObY8oLu45sUML
Q2GZTZbIi5PcMpfjS09fwBjDl1Z/FYqNBzR1eRUUBdvD/MaFRdFo3hrZMEirKmrv
CcnMm2DEfNmGpuv22hWcLk/hMaxTyXDR1lTmxcXYKIIB+PsPDPyJV7o9lwjL24LC
UxGbCCZUCkAlTb7Ao5VNS7Y4KT1sWOxFItwuM6a2QuPjkqbBx+mc0O8PlZiuO0dw
79tuqbXOT1vJ9WN4+72r3uzketOQVb86udlNsJUy7FSmanMEdbruDx6HJivPA8Gh
0ghgv62YoAMtBgnIeQAWJGJiv4ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNtJgx
nKKd3flPWZ/CEtlPpXNK9DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGYxNGYwY2UtYjVlOC00ZTIyLWE1YjEtZTQ3YTNiZDc3YjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQA3sDse4fJpl1ftEbnLaHv0wYnIbDKb5PIFms1wtdao
v0OIqlKoWLAKbN7o5RViiHZ1nNH3jT5kz1VuJEkpn8Zr7fFz7MV/LD91ygTHP78S
pCIswR7l7icYPg/RFTALck8MD3aLypvZBgLYhHHOEg7lI5VRV3Tc9vc+p04mEpNz
7wVVTAAPhKT4sdGKpgHzCEt74Sth0bvdrmRkzYG2ppduaO8QQdPMVP8YVg3xNdRT
JSxpVSzVhYq9zNHR5rUeEXPuyl7fxR+vwbqM5Iwhi3SkBrdMsAlW5fornzaVTQbP
fascx3INrTVwOViMtZIEQh8HmVhYxEW/xr8Zv935THp1
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:45:27 2025 by rpki-client