Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d9f56b92-7135-4c68-941d-3d63aa91ee36.roa
File: d9f56b92-7135-4c68-941d-3d63aa91ee36.roa (raw, json)
Hash identifier: bDdeQfKCz+K7eTCezguav+Hpe7wr8V3PzszVVCOJCyg=
Subject key identifier: B2:EF:FA:CE:A5:92:25:91:9B:E4:5C:64:19:16:A8:DC:44:C9:4C:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B6B94BE6F0C5FEFBF5EF2E56E7AAA96CC9194E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d9f56b92-7135-4c68-941d-3d63aa91ee36.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:6b:94:be:6f:0c:5f:ef:bf:5e:f2:e5:6e:7a:aa:96:cc:91:94:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:13:d5:79:51:81:e0:0c:13:af:a9:a9:99:20:
77:ef:e4:a3:d2:0c:fa:8b:f2:c7:d7:ca:eb:cb:ed:
2d:b8:c9:b2:d1:e5:c8:9a:0c:7e:69:89:1e:79:ae:
ca:7a:f2:7b:6d:c2:c9:05:fe:b6:9b:f5:6f:bf:9b:
f6:1a:2e:bc:df:44:0e:d2:e3:78:2f:51:f5:35:8a:
8d:70:24:02:30:40:b2:35:a1:a1:32:3e:55:42:89:
1a:0a:67:24:df:6a:92:90:b2:59:11:c9:89:95:55:
a4:de:9b:06:00:2c:92:2d:49:b1:41:0d:9a:c8:17:
ea:8f:ff:3d:02:68:25:7e:b9:1f:e4:63:b7:53:0d:
4a:ea:fa:68:b6:00:92:9d:3e:7f:38:9b:d6:c3:63:
4c:fa:eb:46:22:ca:af:45:84:fc:da:13:2f:91:be:
66:00:7c:1c:29:d5:77:0c:54:4d:67:a6:23:3c:f7:
ef:33:02:6d:03:cc:b9:f1:b1:88:d1:c3:62:a3:91:
03:e0:88:dc:af:cc:28:00:96:39:b8:47:4f:d3:50:
36:fa:65:50:56:d7:04:7c:15:dc:5c:4a:3c:bc:b2:
ad:e1:e9:6c:b0:85:89:b4:11:1b:17:f5:ec:84:73:
2e:c1:af:91:47:29:8b:39:0e:bc:6b:7e:72:65:d9:
2d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EF:FA:CE:A5:92:25:91:9B:E4:5C:64:19:16:A8:DC:44:C9:4C:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d9f56b92-7135-4c68-941d-3d63aa91ee36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:5f:71:ae:f6:36:b8:14:46:6d:98:19:07:a0:b6:61:ca:22:
7a:6c:99:62:c0:48:89:0e:84:69:5b:7e:ed:e2:2f:d3:46:45:
bb:f8:ff:1f:52:02:06:6c:4b:d5:a1:40:e5:ec:27:2f:79:f1:
ef:46:24:53:a8:c1:1b:36:c0:c1:5b:0b:32:58:cc:25:27:c3:
e8:c3:56:26:7c:df:36:fa:81:e8:9a:81:c8:27:12:cc:09:57:
d8:eb:3a:7d:3d:3c:c6:de:80:eb:e7:d5:d4:e1:d1:7b:dd:e9:
99:9b:f0:ac:c5:9b:48:b1:98:f8:2c:5c:66:47:9f:01:80:18:
0e:98:dc:d0:6d:4e:8e:ef:f3:76:ce:7c:05:20:3a:c9:ed:90:
4e:3c:2a:aa:3d:4e:e3:4d:af:ab:7c:2f:73:9e:37:47:2a:c1:
61:99:ec:c2:d9:39:8b:b7:1e:f1:75:2e:57:34:2d:01:54:f6:
eb:bc:f4:00:03:ea:db:4c:ab:c8:1d:16:e5:88:e2:c9:0e:10:
2b:8f:c3:be:5d:87:89:94:8a:46:4d:ba:ad:43:bc:de:7b:a5:
54:a4:ff:eb:cc:18:f2:57:38:b1:77:da:8c:29:73:02:36:7d:
80:43:1a:10:28:a2:6b:87:e0:66:9a:b8:e6:11:3f:e0:2c:7c:
0d:89:48:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG2uUvm8MX++/XvLlbnqqlsyRlOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmOTE0N2YwMjlmNTRlOTlmNGJkMDJmODNlOTlkMmQ2MWJhZjU2ZGE5Y2Rh
NTMxZGIxZjAwYmU2ZDY5ZmRiMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgT1XlRgeAME6+pqZkgd+/ko9IM+ovyx9fK68vtLbjJstHlyJoMfmmJHnmu
ynrye23CyQX+tpv1b7+b9houvN9EDtLjeC9R9TWKjXAkAjBAsjWhoTI+VUKJGgpn
JN9qkpCyWRHJiZVVpN6bBgAski1JsUENmsgX6o//PQJoJX65H+Rjt1MNSur6aLYA
kp0+fzib1sNjTPrrRiLKr0WE/NoTL5G+ZgB8HCnVdwxUTWemIzz37zMCbQPMufGx
iNHDYqORA+CI3K/MKACWObhHT9NQNvplUFbXBHwV3FxKPLyyreHpbLCFibQRGxf1
7IRzLsGvkUcpizkOvGt+cmXZLe8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSy7/rO
pZIlkZvkXGQZFqjcRMlMFDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDlmNTZiOTItNzEzNS00YzY4LTk0MWQtM2Q2M2FhOTFlZTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQCEX3Gu9ja4FEZtmBkHoLZhyiJ6bJliwEiJDoRpW37t
4i/TRkW7+P8fUgIGbEvVoUDl7CcvefHvRiRTqMEbNsDBWwsyWMwlJ8Pow1YmfN82
+oHomoHIJxLMCVfY6zp9PTzG3oDr59XU4dF73emZm/CsxZtIsZj4LFxmR58BgBgO
mNzQbU6O7/N2znwFIDrJ7ZBOPCqqPU7jTa+rfC9znjdHKsFhmezC2TmLtx7xdS5X
NC0BVPbrvPQAA+rbTKvIHRbliOLJDhArj8O+XYeJlIpGTbqtQ7zee6VUpP/rzBjy
Vzixd9qMKXMCNn2AQxoQKKJrh+BmmrjmET/gLHwNiUhH
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:56 2025 by rpki-client