Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b61821-4c64-448c-91eb-241e2326e11e.roa
File: a8b61821-4c64-448c-91eb-241e2326e11e.roa (raw, json)
Hash identifier: ysv6sf6jXNK+CJuXuoDJKEgYL7UKvvtHGrr6RaAoPa4=
Subject key identifier: 1F:86:A2:E8:D3:03:8C:B0:30:8E:8C:C5:81:4E:B9:44:A2:7E:17:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 346809E9A8AEA2205CED9F1AC7B521D64423DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b61821-4c64-448c-91eb-241e2326e11e.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:68:09:e9:a8:ae:a2:20:5c:ed:9f:1a:c7:b5:21:d6:44:23:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:67:d4:e2:d5:73:bc:98:9d:02:20:8e:bb:
86:19:1a:10:25:e0:31:06:52:f8:ed:f9:c9:5c:af:
77:1c:03:66:ee:93:60:bd:10:a6:85:a9:c1:db:ce:
d6:bf:e6:96:2b:69:d7:13:d6:7b:2f:b6:5a:d4:60:
3c:e8:6f:91:be:1f:e2:6e:7c:39:97:45:cc:bf:07:
90:cb:dc:8a:83:a5:95:88:eb:88:65:06:38:c0:10:
16:f0:47:5a:43:38:ed:70:69:8d:75:91:54:26:1c:
da:fc:61:c6:68:33:48:c7:f4:1b:ec:aa:ec:89:8a:
2f:ff:48:18:6a:0e:5b:21:66:c7:5a:22:c9:c2:3e:
3e:31:2b:32:d9:ba:bd:01:c6:a2:94:9e:b4:ab:8c:
39:e5:4a:6d:1f:e2:23:eb:7e:83:c6:11:a8:62:90:
d4:50:fa:fc:86:ac:e6:76:bb:9e:3c:df:3e:75:6a:
a6:48:49:79:80:bf:33:f6:28:ba:8f:9d:f1:13:18:
fd:c4:bb:8b:89:bb:cb:28:11:33:2a:9b:8e:70:65:
e0:63:2e:18:b0:5d:c4:b1:7a:5f:fd:26:8b:a1:51:
0c:08:07:17:9c:87:40:a2:d2:2c:d0:50:bf:d7:98:
91:c7:20:68:37:ea:e6:d9:ba:4c:12:43:a4:a4:9a:
6a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:86:A2:E8:D3:03:8C:B0:30:8E:8C:C5:81:4E:B9:44:A2:7E:17:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b61821-4c64-448c-91eb-241e2326e11e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
5f:c1:bb:1b:3f:70:08:bf:9d:53:fe:bf:f7:73:c3:d5:52:1b:
3c:57:1f:46:de:82:26:52:fc:e1:b0:bc:2c:54:f3:e5:cd:1c:
03:f3:b4:04:37:3c:8e:1f:a8:cd:a2:be:72:c9:a9:7b:e1:b0:
d6:dd:78:08:28:3a:12:44:60:9c:fb:fa:91:f3:46:cc:2e:50:
7d:94:29:ed:f8:da:66:9e:b0:31:d2:0e:f1:ad:23:2d:90:a3:
96:75:b7:44:06:d3:d2:27:fe:3f:a4:1b:fa:4e:82:d3:70:f8:
c5:8e:2f:41:0d:46:45:d5:c0:f9:c9:e5:27:21:09:18:76:a0:
04:52:28:2d:88:a2:4e:cd:39:e0:c5:c8:13:df:6f:d2:a4:a0:
56:c9:1f:a7:2b:6a:c8:7c:cc:13:bb:a2:67:e3:5f:6c:30:ea:
ac:28:6e:fb:b3:50:ba:41:63:b5:2a:ff:74:f4:96:5b:45:26:
8a:94:a0:97:86:8a:42:5f:c6:8a:7e:ec:6f:56:86:7a:c6:35:
1b:57:14:65:9e:b5:73:51:29:9f:e7:64:53:39:19:b7:ae:96:
01:de:60:e7:ad:da:d9:dc:c8:4f:9e:14:6c:f8:38:d5:85:21:
b5:1d:87:c2:a7:1a:09:b4:a5:fe:09:cb:81:c3:0d:ed:44:71:
49:51:d5:08
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITNGgJ6aiuoiBc7Z8ax7Uh1kQj3TANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI0MTIxMzAwMDAwMFoXDTI1MDExNzIzNTk1OVowejFJMEcGA1UE
BRNAMDg4YjEyMDQwOWJiMmNjYjM4MDg4MjcyYjU1NjA1NWFiYzMxNzgzODExZDk1
ODM5M2FhYjY4MWU5NTk5ZDY5ODEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq6hn1OLVc7yYnQIgjruGGRoQJeAxBlL47fnJXK93HANm7pNgvRCmhanB287W
v+aWK2nXE9Z7L7Za1GA86G+Rvh/ibnw5l0XMvweQy9yKg6WViOuIZQY4wBAW8Eda
QzjtcGmNdZFUJhza/GHGaDNIx/Qb7KrsiYov/0gYag5bIWbHWiLJwj4+MSsy2bq9
AcailJ60q4w55UptH+Ij636DxhGoYpDUUPr8hqzmdruePN8+dWqmSEl5gL8z9ii6
j53xExj9xLuLibvLKBEzKpuOcGXgYy4YsF3EsXpf/SaLoVEMCAcXnIdAotIs0FC/
15iRxyBoN+rm2bpMEkOkpJpqNQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFB+GoujT
A4ywMI6MxYFOuUSifhcLMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy9h
OGI2MTgyMS00YzY0LTQ0OGMtOTFlYi0yNDFlMjMyNmUxMWUucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgEFeBQw
DQYJKoZIhvcNAQELBQADggEBAF/Buxs/cAi/nVP+v/dzw9VSGzxXH0begiZS/OGw
vCxU8+XNHAPztAQ3PI4fqM2ivnLJqXvhsNbdeAgoOhJEYJz7+pHzRswuUH2UKe34
2maesDHSDvGtIy2Qo5Z1t0QG09In/j+kG/pOgtNw+MWOL0ENRkXVwPnJ5SchCRh2
oARSKC2Iok7NOeDFyBPfb9KkoFbJH6crash8zBO7omfjX2ww6qwobvuzULpBY7Uq
/3T0lltFJoqUoJeGikJfxop+7G9WhnrGNRtXFGWetXNRKZ/nZFM5GbeulgHeYOet
2tncyE+eFGz4ONWFIbUdh8KnGgm0pf4Jy4HDDe1EcUlR1Qg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:41 2025 by rpki-client