Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
File: 97deaf2e-9439-42f2-812d-4cd489ce3cab.roa (raw, json)
Hash identifier: cTI+fKnmSLs+ZiBw3pIh1GGwq5YpArk7KRhmUBNCGuc=
Subject key identifier: B4:A6:3D:CB:6F:00:E2:8B:39:78:C2:41:EE:CF:2D:8B:76:36:A9:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A32BAC88B2368D108DC2C43A66F998252CE38C2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:32:ba:c8:8b:23:68:d1:08:dc:2c:43:a6:6f:99:82:52:ce:38:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:df:6d:b7:8d:ef:6e:5e:d5:48:ff:c3:cd:96:
4a:a3:7f:7f:3a:cc:6f:7b:14:da:51:45:80:d1:e5:
ce:3f:98:66:58:ab:bf:d7:e0:01:be:55:04:bd:4f:
d6:9a:ab:28:4b:47:48:0e:53:a5:93:46:c6:e3:f0:
c3:7f:3a:90:8b:7d:4c:20:e9:bc:a9:3f:48:35:81:
c0:6f:2f:cd:6d:4e:41:23:68:2a:f3:77:71:1a:11:
fd:8d:14:62:6f:c9:fa:8f:07:99:d0:f8:bc:c9:f5:
66:b8:d5:11:b3:85:a4:e1:72:ae:55:00:6f:b2:56:
f4:26:02:f6:e8:27:a1:dd:9e:b7:77:2f:93:9f:2c:
6f:77:c3:7a:f9:71:f6:e4:56:46:9a:12:36:90:37:
0d:36:3c:c2:95:8d:8d:31:5f:2a:28:3c:75:5a:14:
3b:b7:01:20:f3:e9:4d:d5:e6:23:46:80:51:f4:ce:
77:9a:5f:e7:5a:39:45:f3:62:80:f0:1d:31:70:2a:
42:19:81:0b:f2:30:4e:d7:e6:f3:68:d3:62:e9:96:
8d:90:89:3a:b1:55:ed:02:c2:dc:56:85:83:9c:ac:
5d:f0:b5:a1:c8:0e:a0:ac:9d:be:4f:fc:63:87:9c:
c1:d2:2a:65:96:49:a8:04:1f:d4:d4:20:dc:21:86:
ed:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A6:3D:CB:6F:00:E2:8B:39:78:C2:41:EE:CF:2D:8B:76:36:A9:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
53:1a:4e:35:b9:65:5e:56:c9:28:e2:fb:08:8b:c8:09:83:2a:
53:6b:1e:25:d6:cf:92:4b:f1:14:24:b2:6e:81:33:60:b6:99:
1e:2a:fc:29:4f:3b:76:6d:7e:fd:5b:03:ce:ff:aa:42:82:17:
f3:ae:65:2a:8b:70:06:4a:c0:0f:e1:97:20:9c:e5:b7:d0:f0:
bc:e4:ef:c9:12:d5:48:b1:c7:45:d3:1a:01:72:d6:45:74:12:
80:28:2c:55:6a:36:63:f6:e9:3b:c2:84:55:c9:14:13:80:83:
37:81:c5:e1:a7:83:37:4c:05:c0:3c:d9:dd:38:1a:78:1b:44:
a4:c6:d8:c8:0e:f7:60:a1:d9:dd:a3:1e:a7:e6:61:34:fc:3b:
19:d5:8b:73:d1:eb:b4:89:72:cc:b7:4b:9a:cf:b1:37:0f:fc:
eb:e9:63:40:eb:5d:78:cf:e9:bd:82:b7:5e:e5:2e:50:12:91:
47:22:f3:b6:24:8e:c6:4e:a4:11:12:b5:d9:73:dc:aa:04:c9:
e7:af:9a:91:b6:15:11:a8:d4:c4:bc:46:a3:3e:98:e7:3e:ce:
a6:8f:26:39:80:fe:ef:8c:93:58:ec:e5:44:0d:8c:38:7b:5d:
7f:63:31:3d:66:97:8d:be:45:33:01:d1:cb:0a:13:3c:9b:54:
ab:bb:9d:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSjK6yIsjaNEI3CxDpm+ZglLOOMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkOTFiNDAzZjBlYTBmMjFjZGRhMTJhZTM5NDBjZDk1ZDExYjhiNjI3ZjFj
N2Y4NWM2MWJkZDk3ZTZkYzBmNWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXfbbeN725e1Uj/w82WSqN/fzrMb3sU2lFFgNHlzj+YZlirv9fgAb5VBL1P
1pqrKEtHSA5TpZNGxuPww386kIt9TCDpvKk/SDWBwG8vzW1OQSNoKvN3cRoR/Y0U
Ym/J+o8HmdD4vMn1ZrjVEbOFpOFyrlUAb7JW9CYC9ugnod2et3cvk58sb3fDevlx
9uRWRpoSNpA3DTY8wpWNjTFfKig8dVoUO7cBIPPpTdXmI0aAUfTOd5pf51o5RfNi
gPAdMXAqQhmBC/IwTtfm82jTYumWjZCJOrFV7QLC3FaFg5ysXfC1ocgOoKydvk/8
Y4ecwdIqZZZJqAQf1NQg3CGG7fsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS0pj3L
bwDiizl4wkHuzy2LdjapVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTdkZWFmMmUtOTQzOS00MmYyLTgxMmQtNGNkNDg5Y2UzY2FiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUxpONbllXlbJKOL7CIvICYMqU2seJdbPkkvxFCSy
boEzYLaZHir8KU87dm1+/VsDzv+qQoIX865lKotwBkrAD+GXIJzlt9DwvOTvyRLV
SLHHRdMaAXLWRXQSgCgsVWo2Y/bpO8KEVckUE4CDN4HF4aeDN0wFwDzZ3TgaeBtE
pMbYyA73YKHZ3aMep+ZhNPw7GdWLc9HrtIlyzLdLms+xNw/86+ljQOtdeM/pvYK3
XuUuUBKRRyLztiSOxk6kERK12XPcqgTJ56+akbYVEajUxLxGoz6Y5z7Opo8mOYD+
74yTWOzlRA2MOHtdf2MxPWaXjb5FMwHRywoTPJtUq7udRg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:30 2025 by rpki-client