Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa
File: ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa (raw, json)
Hash identifier: ra6IQ2AAwtuBJj4h3PvKPUcQy9kA4R7oSBN7kLOolpo=
Subject key identifier: 9F:B4:A7:13:D9:E5:01:09:45:A2:D9:2A:A7:E2:F4:F5:17:03:39:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A425F2FE3FE2D4078A9ECFB2F6DCF5C63CD4D86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:42:5f:2f:e3:fe:2d:40:78:a9:ec:fb:2f:6d:cf:5c:63:cd:4d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:24:23:97:f7:25:b5:e9:66:07:03:f9:ed:e5:
ae:99:75:b1:f6:67:37:85:3e:7f:2e:fd:c5:40:16:
5d:48:5d:2c:52:78:a5:89:07:ee:d9:47:86:81:ed:
e2:74:dc:bb:e7:6d:3b:d9:db:4e:6f:13:8a:c7:9b:
ac:5a:bc:cc:ec:03:6b:74:88:ee:f1:5b:44:d1:43:
b4:e3:0b:58:aa:8e:0b:75:d0:fd:39:18:61:8c:ec:
d6:24:e7:4f:1f:1f:44:84:d3:19:44:3f:50:38:95:
bc:69:3c:fe:a0:4d:82:7c:c5:a3:af:5f:13:1a:8f:
9b:dc:97:e4:c4:91:29:ab:56:87:bf:3b:a8:8f:a1:
ea:7f:6f:9b:4e:4d:8e:b1:9a:8c:3c:19:0b:b5:0e:
cd:c1:ec:95:a1:86:56:06:fc:8c:a5:e5:30:01:07:
a2:4f:f6:5b:ab:05:f0:93:90:0e:ab:96:73:31:67:
7c:ba:7c:e9:dd:64:ae:87:ec:99:22:cf:6b:91:82:
a6:3f:a7:59:45:58:27:5c:71:bf:78:ad:34:35:6a:
ea:bc:a3:e0:d1:6b:4e:aa:0f:7f:43:d9:83:11:49:
8b:d1:dc:78:0f:b6:98:52:a4:2b:43:a3:04:23:9c:
5c:c3:53:18:fc:01:05:fd:4c:d3:58:e6:65:b8:82:
b2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B4:A7:13:D9:E5:01:09:45:A2:D9:2A:A7:E2:F4:F5:17:03:39:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:86:1e:a2:d8:21:f0:c8:0e:e2:1c:94:94:e1:34:14:a4:37:
73:66:fb:9d:a5:66:78:35:27:a3:46:ec:12:3e:b3:8f:b8:00:
d6:39:53:1b:c8:88:c1:92:e8:17:a0:5d:c5:d6:7d:a3:5d:fa:
f3:48:87:8d:61:8a:4d:65:e1:62:09:d3:dd:5a:12:d0:8d:53:
44:2f:b0:dd:22:6f:c7:53:6f:c6:7e:f4:76:61:01:97:31:52:
af:0b:cd:b4:24:84:f0:54:9f:27:49:15:c1:38:64:f1:5d:c7:
de:71:74:5a:ba:d9:46:12:f1:ae:f8:ed:5a:38:b7:ce:b6:76:
d6:ed:14:ab:b9:55:25:e1:dc:cc:76:05:d6:7d:34:01:66:dc:
8c:09:2c:2a:76:9d:87:2c:ef:34:db:c3:85:10:15:da:f1:9f:
3b:be:86:96:ac:f5:a5:40:81:39:83:15:be:91:16:95:7c:1c:
22:0e:1c:43:01:65:7c:3c:e4:83:53:11:b2:94:df:ef:73:77:
ad:58:6c:fb:e8:63:1e:c8:59:af:a6:41:c4:11:0a:58:23:eb:
52:de:85:86:91:1a:10:fd:1d:b3:67:98:d1:df:a0:1b:40:a6:
05:01:0d:fe:b4:f7:6a:3e:f1:b7:b7:7b:c9:e7:40:0c:2e:b1:
14:26:43:b2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOkJfL+P+LUB4qez7L23PXGPNTYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZTY3YmJiMzFiZTQxN2RhNmE5MzM1NzBjNDQzMGU5MGJmMmYzZDY0YmE1
Njg1NzdkZjUwZTQ2ZmIxZTA0MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwkI5f3JbXpZgcD+e3lrpl1sfZnN4U+fy79xUAWXUhdLFJ4pYkH7tlHhoHt
4nTcu+dtO9nbTm8TisebrFq8zOwDa3SI7vFbRNFDtOMLWKqOC3XQ/TkYYYzs1iTn
Tx8fRITTGUQ/UDiVvGk8/qBNgnzFo69fExqPm9yX5MSRKatWh787qI+h6n9vm05N
jrGajDwZC7UOzcHslaGGVgb8jKXlMAEHok/2W6sF8JOQDquWczFnfLp86d1krofs
mSLPa5GCpj+nWUVYJ1xxv3itNDVq6ryj4NFrTqoPf0PZgxFJi9HceA+2mFKkK0Oj
BCOcXMNTGPwBBf1M01jmZbiCsmkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSftKcT
2eUBCUWi2Sqn4vT1FwM5pTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWIzYzhlZWUtM2MwYi00M2MzLTkxMmEtYzMxOGM0NjUwNGFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQA2hh6i2CHwyA7iHJSU4TQUpDdzZvudpWZ4NSejRuwS
PrOPuADWOVMbyIjBkugXoF3F1n2jXfrzSIeNYYpNZeFiCdPdWhLQjVNEL7DdIm/H
U2/GfvR2YQGXMVKvC820JITwVJ8nSRXBOGTxXcfecXRautlGEvGu+O1aOLfOtnbW
7RSruVUl4dzMdgXWfTQBZtyMCSwqdp2HLO8028OFEBXa8Z87voaWrPWlQIE5gxW+
kRaVfBwiDhxDAWV8POSDUxGylN/vc3etWGz76GMeyFmvpkHEEQpYI+tS3oWGkRoQ
/R2zZ5jR36AbQKYFAQ3+tPdqPvG3t3vJ50AMLrEUJkOy
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:56 2025 by rpki-client