Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
File: dd037aef-fb5d-4fe4-8126-0957b823de58.roa (raw, json)
Hash identifier: OXrOnk/YeS7pBuVBXMoPGcw6DhP64YIXFL/htzO4RWA=
Subject key identifier: 89:5F:73:0B:18:59:35:49:F4:78:4D:3A:5C:7B:24:4D:01:4C:5D:37
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7851F064A11BFF9D5CF3C93F42253F21570A331A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:51:f0:64:a1:1b:ff:9d:5c:f3:c9:3f:42:25:3f:21:57:0a:33:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=5f80788e11e81181e58f0480b6232fdc213de41eb8f55a85c0888b5ed5d9dc04, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:53:44:49:4e:35:9f:f9:30:ab:f6:9b:dc:
3a:ef:bd:fe:a9:04:e0:83:4c:72:a2:bd:d0:db:3e:
54:f0:84:51:0a:e5:af:8d:1b:4e:77:4f:84:cd:9d:
3f:a3:cc:8b:86:fe:24:cf:54:6c:3a:30:85:4e:bd:
c2:a0:64:4e:94:8d:27:4a:ac:3e:fd:c0:8d:ce:01:
ba:b3:5a:73:ed:fb:19:14:c1:14:75:ef:9f:ab:97:
7d:1e:7d:81:db:32:62:35:c9:cc:4a:0f:60:d9:33:
1c:00:6c:32:d1:8e:d4:8d:6f:0a:49:29:9d:c7:88:
dc:1d:cc:1f:ae:14:f3:3a:df:39:dc:65:fc:f0:0b:
aa:0f:64:71:82:c8:e9:b4:8f:6e:7a:f3:3a:20:7a:
fe:1b:98:16:6c:5a:5c:68:fa:64:08:c1:c3:39:36:
5d:f4:80:f0:36:63:81:82:0c:07:d8:b8:ae:88:43:
00:ee:40:b7:17:fa:01:4b:ba:d5:00:89:2a:c9:57:
3f:b6:bd:27:64:8e:ba:6a:d8:37:7c:f3:97:41:6e:
80:5c:73:74:d4:22:51:b8:73:7f:a6:cc:7f:cc:aa:
1d:b3:25:58:56:53:b7:09:bc:de:31:f1:67:45:fa:
58:0e:fb:41:ee:b5:8a:91:c1:a9:4a:84:e3:11:d3:
fa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5F:73:0B:18:59:35:49:F4:78:4D:3A:5C:7B:24:4D:01:4C:5D:37
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1100::/40
Signature Algorithm: sha256WithRSAEncryption
ac:09:79:3b:6b:56:46:8e:b6:f6:8c:ce:21:d7:1c:c3:53:66:
d3:e5:05:b6:e5:65:e2:88:59:e2:0f:9f:c8:41:a1:26:96:ea:
fa:65:e9:ae:b9:20:57:ff:35:9a:fb:de:6b:61:7b:87:45:db:
aa:b5:6b:ba:11:d4:90:ed:2e:98:df:66:d9:8a:5c:e0:cd:41:
05:7b:e2:ab:83:e9:8c:fd:33:c0:aa:e1:83:3a:60:13:e9:f0:
6a:42:4d:c8:3b:f3:9c:22:04:91:ec:91:1e:c4:11:78:ff:c0:
76:30:04:5a:29:a5:8b:bb:f5:14:b2:ff:a6:bc:90:ec:d9:f3:
73:f3:45:e3:db:6a:80:bf:d4:a1:90:95:25:a1:1b:b8:3e:e3:
21:a9:fc:29:8d:67:5e:50:20:9e:63:e8:da:f2:c6:17:05:fc:
42:ab:ce:b5:54:12:da:4c:c8:e7:c7:4f:63:97:62:8d:b3:1a:
46:f7:5d:85:c9:19:fb:d9:b2:1f:5c:14:b8:11:b9:47:9f:74:
f9:e7:2b:0e:b6:be:d6:84:05:38:77:a4:2b:84:ff:65:c0:c2:
39:58:19:7a:d3:bb:0c:03:20:2b:34:14:15:60:6d:37:be:9a:
07:b3:51:ad:6b:cd:96:78:fd:df:6a:5d:d9:89:e4:2e:c5:e8:
dd:19:bb:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeFHwZKEb/51c88k/QiU/IVcKMxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmODA3ODhlMTFlODExODFlNThmMDQ4MGI2MjMyZmRjMjEzZGU0MWViOGY1
NWE4NWMwODg4YjVlZDVkOWRjMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWUU0RJTjWf+TCr9pvcOu+9/qkE4INMcqK90Ns+VPCEUQrlr40bTndPhM2d
P6PMi4b+JM9UbDowhU69wqBkTpSNJ0qsPv3Ajc4BurNac+37GRTBFHXvn6uXfR59
gdsyYjXJzEoPYNkzHABsMtGO1I1vCkkpnceI3B3MH64U8zrfOdxl/PALqg9kcYLI
6bSPbnrzOiB6/huYFmxaXGj6ZAjBwzk2XfSA8DZjgYIMB9i4rohDAO5Atxf6AUu6
1QCJKslXP7a9J2SOumrYN3zzl0FugFxzdNQiUbhzf6bMf8yqHbMlWFZTtwm83jHx
Z0X6WA77Qe61ipHBqUqE4xHT+jsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJX3ML
GFk1SfR4TTpceyRNAUxdNzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGQwMzdhZWYtZmI1ZC00ZmU0LTgxMjYtMDk1N2I4MjNkZTU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBXgR
MA0GCSqGSIb3DQEBCwUAA4IBAQCsCXk7a1ZGjrb2jM4h1xzDU2bT5QW25WXiiFni
D5/IQaEmlur6ZemuuSBX/zWa+95rYXuHRduqtWu6EdSQ7S6Y32bZilzgzUEFe+Kr
g+mM/TPAquGDOmAT6fBqQk3IO/OcIgSR7JEexBF4/8B2MARaKaWLu/UUsv+mvJDs
2fNz80Xj22qAv9ShkJUloRu4PuMhqfwpjWdeUCCeY+ja8sYXBfxCq861VBLaTMjn
x09jl2KNsxpG912FyRn72bIfXBS4EblHn3T55ysOtr7WhAU4d6QrhP9lwMI5WBl6
07sMAyArNBQVYG03vpoHs1Gta82WeP3fal3ZieQuxejdGbv/
-----END CERTIFICATE-----
Generated at Fri May 9 07:43:33 2025 by rpki-client