Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
File: 06aca655-45be-4c1b-a8aa-1f048326385e.roa (raw, json)
Hash identifier: DDG4UgxHZoxX6GOiaA/88ZILvXqt7k4+9vnpgrViO5M=
Subject key identifier: E7:76:FF:13:CE:00:82:2C:0A:94:C7:74:11:09:C1:8E:E5:B7:BB:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71302DB54A602F2272D34321860E057C1FE6D3F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:30:2d:b5:4a:60:2f:22:72:d3:43:21:86:0e:05:7c:1f:e6:d3:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:91:e7:a0:49:7a:5d:d1:c3:73:4b:4f:5a:37:
3c:ce:42:3b:e9:2a:e3:14:87:7c:89:bf:d3:6e:14:
1b:ad:3e:27:67:56:c1:74:c4:23:39:31:10:04:1c:
e9:21:b1:88:61:54:ec:a3:57:32:93:ad:ae:76:0d:
14:a7:26:9e:e7:63:92:f2:61:ad:1c:cb:39:81:e1:
70:65:ab:df:5f:be:58:1c:76:af:ab:88:54:48:5d:
08:6d:bf:47:fc:a6:9c:46:7e:78:9a:b6:28:da:06:
4c:f2:4e:bc:8e:95:a5:87:78:2f:3a:61:72:ab:0c:
72:7e:d9:d8:a3:e6:70:45:7b:5d:eb:61:02:30:d3:
0e:be:df:16:62:d4:46:bf:07:e6:0e:e5:38:2f:8e:
3c:3c:14:5c:bf:72:83:48:ee:49:31:c2:73:29:45:
cd:48:d9:89:10:a7:37:48:6a:d4:04:49:28:fb:d3:
30:64:55:79:50:da:2d:25:bd:3e:10:69:47:fe:b0:
02:46:07:f6:1d:b4:4f:6f:56:a3:a9:54:62:4c:9c:
81:3a:df:83:85:ab:fc:bc:14:cf:68:f1:0b:98:e0:
7b:58:42:f7:a0:8b:f6:e7:72:ae:86:27:2e:c3:85:
de:13:49:2c:d7:07:14:da:68:0e:51:a6:6e:8b:d4:
bc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:76:FF:13:CE:00:82:2C:0A:94:C7:74:11:09:C1:8E:E5:B7:BB:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
55:9e:53:84:ba:b3:ad:e5:62:63:20:3e:cf:f1:2b:5f:b4:d6:
f3:44:74:5d:28:ef:c2:01:95:18:99:39:09:67:34:3a:ff:53:
b3:c3:42:40:bb:70:a1:19:d6:4c:db:71:cc:cf:a8:8b:76:28:
e7:1f:5f:ea:c0:0f:54:e1:7a:ac:d2:12:83:7c:26:b7:07:28:
5e:1a:bb:fc:ae:35:35:c8:da:6d:e1:b5:48:4b:25:4e:8d:0a:
95:e2:47:d2:2f:7a:bc:4b:21:ab:39:8a:42:35:51:8f:5a:77:
87:9e:61:5f:2c:05:5f:ab:64:1b:f8:7a:87:fd:91:d9:9b:0b:
83:1c:79:ce:94:a7:53:54:da:fe:b6:1d:ad:11:99:5a:2e:11:
5a:6b:65:4d:01:73:e1:4a:43:94:20:15:82:58:17:6c:b2:65:
58:06:36:ef:4d:c2:02:16:07:99:da:4b:85:a8:92:6d:78:e1:
5d:ac:2c:2e:26:2b:7e:37:41:b9:21:f1:8b:2c:a4:62:9e:92:
90:20:d7:29:10:b0:87:c3:27:0a:d2:5f:b9:2a:ca:c3:d1:03:
10:00:ec:bb:3c:35:b4:ff:a3:07:15:62:e9:58:97:83:df:8c:
df:e8:8e:6d:86:11:61:26:b3:ed:3b:e4:10:66:90:20:91:34:
f6:c8:c4:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcTAttUpgLyJy00Mhhg4FfB/m0/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNTYzODFkODZiMDQ1MGI0MzFkNWVjNDExY2UwZWI3Mzc0N2Y3ZThhMTI1
MDNjZmI2YzE2NWJlYzRhNDcxMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqR56BJel3Rw3NLT1o3PM5CO+kq4xSHfIm/024UG60+J2dWwXTEIzkxEAQc
6SGxiGFU7KNXMpOtrnYNFKcmnudjkvJhrRzLOYHhcGWr31++WBx2r6uIVEhdCG2/
R/ymnEZ+eJq2KNoGTPJOvI6VpYd4LzphcqsMcn7Z2KPmcEV7XethAjDTDr7fFmLU
Rr8H5g7lOC+OPDwUXL9yg0juSTHCcylFzUjZiRCnN0hq1ARJKPvTMGRVeVDaLSW9
PhBpR/6wAkYH9h20T29Wo6lUYkycgTrfg4Wr/LwUz2jxC5jge1hC96CL9udyroYn
LsOF3hNJLNcHFNpoDlGmbovUvDUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTndv8T
zgCCLAqUx3QRCcGO5be70jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZhY2E2NTUtNDViZS00YzFiLWE4YWEtMWYwNDgzMjYzODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQBVnlOEurOt5WJjID7P8StftNbzRHRdKO/CAZUYmTkJ
ZzQ6/1Ozw0JAu3ChGdZM23HMz6iLdijnH1/qwA9U4Xqs0hKDfCa3ByheGrv8rjU1
yNpt4bVISyVOjQqV4kfSL3q8SyGrOYpCNVGPWneHnmFfLAVfq2Qb+HqH/ZHZmwuD
HHnOlKdTVNr+th2tEZlaLhFaa2VNAXPhSkOUIBWCWBdssmVYBjbvTcICFgeZ2kuF
qJJteOFdrCwuJit+N0G5IfGLLKRinpKQINcpELCHwycK0l+5KsrD0QMQAOy7PDW0
/6MHFWLpWJeD34zf6I5thhFhJrPtO+QQZpAgkTT2yMQu
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:31:48 2025 by rpki-client