Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
File: 90388c93-39d3-4cb9-9baa-867b601facea.roa (raw, json)
Hash identifier: zeqjRVPeoPmyi1ZCuCTezjHdfObYhXav/xzk3LNWhMs=
Subject key identifier: 7A:8A:17:E6:C4:E3:87:8F:13:4F:D5:DB:9E:9F:59:59:0F:3E:13:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1433353B32EF86D38A4F89E2496B13E8D68647E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:33:35:3b:32:ef:86:d3:8a:4f:89:e2:49:6b:13:e8:d6:86:47:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:46:d9:5b:75:f4:7a:af:4d:f4:4a:3b:7d:4f:
83:97:5c:88:9b:8b:b4:15:4d:5f:cc:b1:f5:4a:92:
22:23:d1:26:0d:2b:14:cb:15:d6:fe:9c:e0:46:fb:
4f:7b:66:77:a7:c7:0a:44:90:3e:02:e5:35:fc:f8:
42:6a:b4:44:a3:95:db:b7:aa:a4:12:50:98:72:32:
78:08:62:22:2f:58:5d:5c:58:fb:de:d0:d6:df:20:
50:bb:70:7d:56:81:98:db:92:e7:82:cf:06:ad:43:
e9:b7:ab:53:c2:15:a8:ca:19:35:8a:bc:e2:ea:2f:
53:54:5a:49:cf:5e:43:4e:45:87:58:d5:37:96:ab:
da:88:b2:4d:b0:3f:94:66:2c:6b:c3:59:e8:b2:2a:
5f:39:4e:06:ba:3e:06:ac:43:9a:61:6c:61:cb:35:
47:29:71:5d:82:77:cd:66:8d:80:3d:cf:70:7f:2d:
a7:63:49:f3:26:3b:8d:32:e2:90:7d:43:b4:cf:f0:
39:e8:22:1d:51:f9:b3:68:1e:80:5e:b0:51:87:27:
d3:0d:a9:88:09:dd:72:99:aa:33:3b:5f:44:9d:85:
1d:fe:ed:38:d4:ea:ed:da:a1:00:cd:2a:31:64:52:
05:43:06:0a:9d:2d:fb:96:d7:d5:2f:e1:80:56:ed:
ab:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:8A:17:E6:C4:E3:87:8F:13:4F:D5:DB:9E:9F:59:59:0F:3E:13:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
8e:45:bb:a7:01:5c:e1:49:3c:e3:90:4a:c8:1d:09:ae:ad:8d:
17:fc:ba:38:4b:ec:95:09:cd:dc:c9:30:c3:99:fc:2f:bd:42:
3f:5d:6a:8c:27:6d:ed:dc:30:24:8c:fa:38:d6:da:32:c6:c5:
6d:f8:a0:c1:a1:d9:8d:7f:7c:08:01:5d:7b:28:53:a3:01:08:
5c:f1:23:f0:9e:a3:ed:69:1e:58:42:9f:55:7d:a0:b8:91:e9:
b1:86:f9:e2:f2:dc:fb:d4:bd:17:c5:8e:f3:b1:46:64:e4:94:
15:0b:8c:20:50:fb:3c:c4:0e:79:9f:6c:d1:60:db:48:7a:e4:
47:60:b6:18:bb:75:5d:fb:55:4c:6e:c3:fb:1d:0c:ac:3b:ee:
06:3a:19:e3:18:f0:93:1d:d9:bd:6c:d8:43:2a:b1:a9:eb:73:
a0:da:bd:da:41:60:df:1c:96:33:ed:e4:5a:b8:eb:c8:0b:70:
dc:be:9c:9b:82:2d:75:33:48:ed:11:52:c4:3f:25:0c:b5:b8:
e3:0f:95:92:44:05:66:cb:cd:39:31:88:12:7d:ac:65:9f:76:
fc:e1:57:8c:a5:be:90:5c:c8:e8:b1:dc:fc:d5:9c:41:bc:2c:
7e:84:98:17:fc:40:6d:f9:9e:98:8d:79:b2:77:26:3f:46:df:
dd:ee:50:7b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFDM1OzLvhtOKT4niSWsT6NaGR+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNDkyYTA2NDZlYmUyMDNmYTBlOTUwMmUzNjU5ZGNlYWU4ZmRmZTE3OGQ1
OGQwNGY4OTVmYTdjYWVjNjdiMjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxG2Vt19HqvTfRKO31Pg5dciJuLtBVNX8yx9UqSIiPRJg0rFMsV1v6c4Eb7
T3tmd6fHCkSQPgLlNfz4Qmq0RKOV27eqpBJQmHIyeAhiIi9YXVxY+97Q1t8gULtw
fVaBmNuS54LPBq1D6berU8IVqMoZNYq84uovU1RaSc9eQ05Fh1jVN5ar2oiyTbA/
lGYsa8NZ6LIqXzlOBro+BqxDmmFsYcs1RylxXYJ3zWaNgD3PcH8tp2NJ8yY7jTLi
kH1DtM/wOegiHVH5s2gegF6wUYcn0w2piAndcpmqMztfRJ2FHf7tONTq7dqhAM0q
MWRSBUMGCp0t+5bX1S/hgFbtq0UCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR6ihfm
xOOHjxNP1duen1lZDz4TqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTAzODhjOTMtMzlkMy00Y2I5LTliYWEtODY3YjYwMWZhY2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAI5Fu6cBXOFJPOOQSsgdCa6tjRf8ujhL7JUJzdzJ
MMOZ/C+9Qj9daownbe3cMCSM+jjW2jLGxW34oMGh2Y1/fAgBXXsoU6MBCFzxI/Ce
o+1pHlhCn1V9oLiR6bGG+eLy3PvUvRfFjvOxRmTklBULjCBQ+zzEDnmfbNFg20h6
5Edgthi7dV37VUxuw/sdDKw77gY6GeMY8JMd2b1s2EMqsanrc6DavdpBYN8cljPt
5Fq468gLcNy+nJuCLXUzSO0RUsQ/JQy1uOMPlZJEBWbLzTkxiBJ9rGWfdvzhV4yl
vpBcyOix3PzVnEG8LH6EmBf8QG35npiNebJ3Jj9G393uUHs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:08:44 2025 by rpki-client