Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9792ad79-8b80-43b9-8574-bf0d7945ed45.roa
File: 9792ad79-8b80-43b9-8574-bf0d7945ed45.roa (raw, json)
Hash identifier: KTKaRiTRkvFZhPbzh3/ZKqE5ep3mmQwKHsJEQFteQWY=
Subject key identifier: 4A:35:84:91:01:54:4A:CB:26:F5:B2:3C:C1:76:32:85:55:2D:38:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A90C9B2515956CB3681C70947956EE83C3811B4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9792ad79-8b80-43b9-8574-bf0d7945ed45.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:90:c9:b2:51:59:56:cb:36:81:c7:09:47:95:6e:e8:3c:38:11:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e4:f7:b1:a5:80:7e:8f:b2:39:26:30:9d:4a:
e3:76:4d:bb:c0:c6:01:c8:48:43:a8:bb:15:5d:59:
25:3d:37:6d:44:8b:a0:e3:16:1a:99:5d:a5:e4:e7:
42:58:85:3c:72:d8:41:50:6b:36:b1:c1:a6:55:34:
a3:ea:d0:9c:f2:d6:e0:4f:23:28:4e:2e:b7:98:db:
5c:4f:b1:26:05:f9:03:30:c6:f2:30:05:7e:85:eb:
8f:71:48:92:bb:ac:8e:3f:a4:40:04:99:e1:0f:68:
df:ae:2e:ee:b5:17:10:9f:25:47:ce:43:9d:f1:6d:
7c:27:6d:2e:33:e5:b7:1c:61:de:9a:dc:0a:73:50:
5f:79:7c:6b:39:88:87:ff:5d:99:f6:b8:b1:32:8c:
96:44:03:46:f1:7a:a5:c7:94:42:95:c3:06:65:57:
c2:25:ac:4b:2d:21:96:42:7e:63:89:60:88:a2:84:
5c:a7:8a:74:bb:d0:67:55:f2:40:36:f5:3e:14:ce:
fa:4a:5e:3c:95:a9:95:b3:a5:b1:11:7e:ac:c1:c4:
22:29:20:a6:36:37:5c:f3:02:cb:4c:10:27:9d:80:
11:7f:95:88:e4:de:d7:85:cd:3a:9a:62:4a:33:6d:
c9:62:d9:c2:1a:08:71:ee:a9:49:c6:11:04:e2:8a:
4c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:35:84:91:01:54:4A:CB:26:F5:B2:3C:C1:76:32:85:55:2D:38:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9792ad79-8b80-43b9-8574-bf0d7945ed45.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:36:80:78:52:3e:46:06:7d:93:f8:bc:80:76:7c:4c:f6:7a:
72:e7:37:4a:10:7a:2e:7b:89:06:57:e3:f7:58:29:42:c5:32:
e5:8a:5f:8b:22:17:76:46:38:08:b6:1d:9d:f4:99:6c:f9:97:
58:42:1d:06:5a:dd:ce:74:11:43:bb:ae:65:f2:71:59:d7:2d:
07:fc:d8:43:f5:89:2c:7c:4c:83:13:11:8c:73:23:01:72:d1:
cb:6a:63:9d:93:ca:cf:28:ce:78:de:38:4d:5a:b0:a6:ad:bb:
28:0f:d4:97:93:01:68:70:0e:07:48:a6:f4:5d:13:d1:df:8a:
54:98:4a:d1:0c:7c:08:e6:4d:62:ee:b5:55:b9:ff:06:95:e9:
8b:40:68:e3:9c:85:26:93:4c:13:18:92:be:0a:45:53:5d:8d:
df:93:8b:84:28:66:a3:f2:db:c0:0f:3c:35:c9:5e:72:79:1c:
2f:eb:a4:14:b8:9d:25:d7:59:06:5b:4f:03:ad:37:dd:d7:47:
e1:f2:21:d1:b8:46:d7:cf:62:bc:0b:12:d4:68:82:52:a0:80:
ff:cc:4b:e3:e6:9f:eb:9e:8e:86:bf:53:da:74:c6:b2:95:44:
1d:a3:39:5e:a1:67:05:88:c5:2b:e3:a4:95:6b:d3:76:ef:bf:
dd:2c:53:af
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCpDJslFZVss2gccJR5Vu6Dw4EbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlZWIzYmIxM2MwODM4NjgxOThiY2ZmODNiZjQ4MmJkMzg1NjE3Y2M3M2I1
NDE2NGRhNzQ0YjU2MjhmM2ZkYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDk97GlgH6PsjkmMJ1K43ZNu8DGAchIQ6i7FV1ZJT03bUSLoOMWGpldpeTn
QliFPHLYQVBrNrHBplU0o+rQnPLW4E8jKE4ut5jbXE+xJgX5AzDG8jAFfoXrj3FI
krusjj+kQASZ4Q9o364u7rUXEJ8lR85DnfFtfCdtLjPltxxh3prcCnNQX3l8azmI
h/9dmfa4sTKMlkQDRvF6pceUQpXDBmVXwiWsSy0hlkJ+Y4lgiKKEXKeKdLvQZ1Xy
QDb1PhTO+kpePJWplbOlsRF+rMHEIikgpjY3XPMCy0wQJ52AEX+ViOTe14XNOppi
SjNtyWLZwhoIce6pScYRBOKKTF0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKNYSR
AVRKyyb1sjzBdjKFVS04LzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc5MmFkNzktOGI4MC00M2I5LTg1NzQtYmYwZDc5NDVlZDQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQDNNoB4Uj5GBn2T+LyAdnxM9npy5zdKEHoue4kGV+P3
WClCxTLlil+LIhd2RjgIth2d9Jls+ZdYQh0GWt3OdBFDu65l8nFZ1y0H/NhD9Yks
fEyDExGMcyMBctHLamOdk8rPKM543jhNWrCmrbsoD9SXkwFocA4HSKb0XRPR34pU
mErRDHwI5k1i7rVVuf8GlemLQGjjnIUmk0wTGJK+CkVTXY3fk4uEKGaj8tvADzw1
yV5yeRwv66QUuJ0l11kGW08DrTfd10fh8iHRuEbXz2K8CxLUaIJSoID/zEvj5p/r
no6Gv1PadMaylUQdozleoWcFiMUr46SVa9N277/dLFOv
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:37 2025 by rpki-client