Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa
File: d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa (raw, json)
Hash identifier: TlfedWGIOrZSkNJbdUBBNsoZU+zLnMGAqldbMU0lY6I=
Subject key identifier: 3D:7D:86:64:43:CB:B7:F6:0E:6A:7A:45:B2:9D:27:E5:79:CE:67:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 579B7885CC4CD9F910C8BA4227D1D07DB10FED73
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9b:78:85:cc:4c:d9:f9:10:c8:ba:42:27:d1:d0:7d:b1:0f:ed:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:6d:ac:41:90:ec:75:3f:6f:1e:c3:20:6f:
ea:45:93:b6:1f:3e:2a:b9:94:c2:da:27:9e:17:e1:
b3:42:af:c3:6a:0b:68:e3:50:a4:72:6e:c9:73:31:
30:94:81:30:f2:6b:11:95:13:03:be:15:a0:4b:4c:
9b:dd:08:7f:0e:29:cb:78:9d:93:8e:cc:c4:c3:81:
ea:70:4a:a9:85:56:de:41:d0:3b:99:a2:09:72:47:
9f:35:16:11:c4:20:8e:70:fa:43:15:8c:a0:bf:ca:
07:5f:cf:c3:b7:55:64:da:70:54:bf:4b:fb:e0:20:
9e:1d:ef:1a:dc:6a:3b:50:ad:35:f7:61:dc:96:2d:
cd:f7:9b:82:74:4a:5e:a5:01:6b:35:c9:af:03:58:
51:22:6a:fc:2c:b5:30:27:ed:09:12:a0:48:b6:33:
f0:93:9b:c2:d1:5f:cb:d3:59:76:6c:1f:ac:e1:61:
2b:78:60:9b:b3:e9:2b:c2:04:85:9e:5d:3d:d9:35:
d5:10:dc:0e:30:3d:86:0a:1b:51:9a:f4:ce:33:fe:
03:f1:c2:e3:d7:4b:8f:28:34:8a:32:26:cb:cd:2e:
19:86:f6:29:59:ee:7e:a3:02:9a:de:62:4f:99:92:
c6:c7:fe:e7:01:42:3a:a4:0e:8d:33:72:7f:90:86:
9d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7D:86:64:43:CB:B7:F6:0E:6A:7A:45:B2:9D:27:E5:79:CE:67:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
41:85:2d:f5:8b:d4:6a:84:d5:61:c2:05:86:cb:1f:eb:85:e7:
73:29:6d:1c:3c:9e:0d:c5:22:d7:ff:94:3c:a4:8c:91:22:cc:
63:25:4d:37:c9:fa:97:c8:86:89:2f:bf:6f:80:45:50:d4:69:
e3:5c:8f:99:21:88:b4:cc:2e:4a:21:78:ee:88:e6:e0:b0:d6:
03:cd:a4:bf:e1:49:4a:ad:8c:27:09:d6:2c:29:77:06:6a:3f:
23:8f:c8:8a:67:17:94:3b:de:e9:8f:17:03:b7:77:ce:a3:8c:
79:1d:e2:19:43:1a:9f:90:12:4b:d6:e7:74:52:d3:17:75:1f:
d4:a6:72:6b:0c:cd:cf:b6:10:d2:4e:48:f2:54:57:37:d4:b0:
48:15:8b:a8:83:74:7e:87:3b:0a:5b:69:65:28:ca:8d:7a:4c:
c3:ba:37:81:2f:e4:09:c4:5e:5b:40:56:df:26:62:3a:95:fe:
75:e8:27:68:53:e9:3b:4a:6f:37:51:13:a0:73:1c:bd:62:09:
f8:64:64:79:0f:19:3f:65:4c:fe:91:99:13:bc:c0:3c:a3:9d:
87:02:e8:02:db:1b:86:2d:f6:bd:1a:98:e5:ce:42:f2:34:b1:
10:8d:38:c8:61:97:6d:9d:6a:fb:8b:9f:21:0d:09:26:f1:ec:
ec:46:0c:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV5t4hcxM2fkQyLpCJ9HQfbEP7XMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjZjA0ZmI4ODczMmI0ZDhjMjYyZDQ2OGExMGMwNTQyY2ZkYjAwYjM5YmFj
ZmE3NGM0YTk4N2NjZjdhN2VhMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaIbaxBkOx1P28ewyBv6kWTth8+KrmUwtonnhfhs0Kvw2oLaONQpHJuyXMx
MJSBMPJrEZUTA74VoEtMm90Ifw4py3idk47MxMOB6nBKqYVW3kHQO5miCXJHnzUW
EcQgjnD6QxWMoL/KB1/Pw7dVZNpwVL9L++Agnh3vGtxqO1CtNfdh3JYtzfebgnRK
XqUBazXJrwNYUSJq/Cy1MCftCRKgSLYz8JObwtFfy9NZdmwfrOFhK3hgm7PpK8IE
hZ5dPdk11RDcDjA9hgobUZr0zjP+A/HC49dLjyg0ijImy80uGYb2KVnufqMCmt5i
T5mSxsf+5wFCOqQOjTNyf5CGnZUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9fYZk
Q8u39g5qekWynSflec5neDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDBiMGFiZmEtODBiZS00ZGJiLTkxN2UtYWYxN2Q1ZWQ5ZGI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQBBhS31i9RqhNVhwgWGyx/rhedzKW0cPJ4NxSLX/5Q8
pIyRIsxjJU03yfqXyIaJL79vgEVQ1GnjXI+ZIYi0zC5KIXjuiObgsNYDzaS/4UlK
rYwnCdYsKXcGaj8jj8iKZxeUO97pjxcDt3fOo4x5HeIZQxqfkBJL1ud0UtMXdR/U
pnJrDM3PthDSTkjyVFc31LBIFYuog3R+hzsKW2llKMqNekzDujeBL+QJxF5bQFbf
JmI6lf516CdoU+k7Sm83UROgcxy9Ygn4ZGR5Dxk/ZUz+kZkTvMA8o52HAugC2xuG
Lfa9GpjlzkLyNLEQjTjIYZdtnWr7i58hDQkm8ezsRgxs
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:33 2025 by rpki-client