Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
File: ac4c449e-69e4-45a7-85e4-1915d006207d.roa (raw, json)
Hash identifier: xMxmtJIJ95hLDpClZx7F1ko5JRyaRDEDrFxxuV3rgDY=
Subject key identifier: 88:2F:9A:64:EF:BD:21:F3:83:56:F3:52:33:76:0C:44:E8:CF:0B:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7734C1A7F764EB5CCA7C1C2C049DF16665C527D9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:34:c1:a7:f7:64:eb:5c:ca:7c:1c:2c:04:9d:f1:66:65:c5:27:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a3:fd:3f:06:58:4f:a4:ef:c3:6c:f6:7d:57:
8b:97:59:27:f9:27:8a:2e:ba:db:36:55:c4:93:94:
16:d8:81:d8:ff:cb:37:e4:33:f5:70:ae:2a:a5:ce:
65:88:47:ae:dd:8e:0f:40:37:f3:00:0d:1a:c7:bc:
ee:69:a5:33:5a:c2:20:1a:e7:e7:8d:2e:7f:0b:79:
e7:47:46:d0:3f:4b:79:10:e7:9a:fe:d9:32:ae:34:
38:54:df:ad:81:68:e7:c7:c3:54:93:f2:b0:f3:70:
26:49:5f:ee:e9:66:ae:0b:b3:77:cb:48:85:f2:a4:
a5:3e:b2:c7:75:2f:74:e5:c6:dd:0f:6f:09:72:48:
1e:ab:e9:14:16:47:14:c1:bf:fe:26:16:35:fe:9a:
ca:c2:6f:20:df:1e:77:aa:b3:08:29:ee:f5:76:6c:
ef:65:37:40:f4:53:09:b3:b3:b0:c4:0b:65:a5:50:
c8:0f:ff:d6:de:b5:2a:32:35:a4:69:5a:32:30:ab:
be:a5:ae:dd:17:93:fa:59:c7:f7:8a:f7:a6:68:ba:
e9:68:bf:91:9e:df:9d:a2:fb:e4:be:89:38:f0:0c:
f0:89:5e:e6:cd:3e:94:47:21:3f:7e:12:ea:38:cf:
e7:54:c8:41:01:b4:07:08:11:c7:bb:0f:ea:34:70:
08:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2F:9A:64:EF:BD:21:F3:83:56:F3:52:33:76:0C:44:E8:CF:0B:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
10:e8:a4:de:67:1a:22:25:9a:15:d5:1e:16:57:5e:83:41:77:
7e:6b:9a:49:45:17:eb:b8:f5:2a:de:27:c9:49:f1:51:ba:31:
bc:a0:10:f3:ef:0f:4a:7e:78:be:d5:11:ab:e8:c5:87:78:56:
90:0d:cf:8d:54:84:25:c2:7a:c2:8f:1c:49:ba:ca:17:4a:eb:
c0:86:74:d0:50:36:df:cf:f5:11:95:0f:3b:ad:0e:e1:23:f1:
ae:d8:f3:81:56:8b:e1:f6:40:32:e4:49:06:c9:93:76:fd:7d:
95:b2:d9:11:e4:c8:9f:67:52:ba:bd:93:f3:aa:15:1d:ee:cb:
8d:3b:d5:1c:c3:cd:aa:a3:26:2a:e7:2a:0b:44:8e:85:88:91:
96:f0:c7:53:b0:96:8b:bc:35:14:72:70:9d:20:bd:6b:dd:76:
cf:9f:01:66:bb:6f:ea:25:8d:83:4a:e9:9c:03:15:be:79:a2:
91:f1:14:17:5f:b6:4d:5b:09:75:2c:20:d6:80:ad:01:32:14:
56:b4:7c:3a:18:d2:8a:76:ec:27:71:24:b1:4f:aa:ef:0a:4e:
6c:b5:a3:8d:31:15:06:2a:3a:0c:50:1b:38:46:7d:0c:77:c7:
5a:4e:67:82:e5:3c:0c:f6:a2:26:5b:eb:c0:41:db:4f:3e:cd:
5e:6b:94:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdzTBp/dk61zKfBwsBJ3xZmXFJ9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyYWYxMjNhMzE2ZWQyYjc3MzYwZDQ0MGE4ZmY2Mzc3ZmYxYjRjYzZjMDM1
MmE4NTUyMjk1MTEwMzFkYzE2MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmj/T8GWE+k78Ns9n1Xi5dZJ/knii662zZVxJOUFtiB2P/LN+Qz9XCuKqXO
ZYhHrt2OD0A38wANGse87mmlM1rCIBrn540ufwt550dG0D9LeRDnmv7ZMq40OFTf
rYFo58fDVJPysPNwJklf7ulmrguzd8tIhfKkpT6yx3UvdOXG3Q9vCXJIHqvpFBZH
FMG//iYWNf6aysJvIN8ed6qzCCnu9XZs72U3QPRTCbOzsMQLZaVQyA//1t61KjI1
pGlaMjCrvqWu3ReT+lnH94r3pmi66Wi/kZ7fnaL75L6JOPAM8Ile5s0+lEchP34S
6jjP51TIQQG0BwgRx7sP6jRwCMECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIL5pk
770h84NW81IzdgxE6M8LqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YzQ0OWUtNjllNC00NWE3LTg1ZTQtMTkxNWQwMDYyMDdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAEOik3mcaIiWaFdUeFldeg0F3fmuaSUUX67j1
Kt4nyUnxUboxvKAQ8+8PSn54vtURq+jFh3hWkA3PjVSEJcJ6wo8cSbrKF0rrwIZ0
0FA238/1EZUPO60O4SPxrtjzgVaL4fZAMuRJBsmTdv19lbLZEeTIn2dSur2T86oV
He7LjTvVHMPNqqMmKucqC0SOhYiRlvDHU7CWi7w1FHJwnSC9a912z58BZrtv6iWN
g0rpnAMVvnmikfEUF1+2TVsJdSwg1oCtATIUVrR8OhjSinbsJ3EksU+q7wpObLWj
jTEVBio6DFAbOEZ9DHfHWk5nguU8DPaiJlvrwEHbTz7NXmuUxg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:24 2025 by rpki-client