Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
File: 0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa (raw, json)
Hash identifier: j1Ii4mc5WDN/KYuyfGnnCmnFV4yBwJ5W3EMuCCgzXcI=
Subject key identifier: 5F:81:FA:F9:8C:93:12:5D:2F:E4:45:28:36:23:C6:93:08:4B:78:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EE43A4F2135D271F3D536D5D635925CDEFA9FCB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
Signing time: Wed 05 Feb 2025 00:00:00 +0000
ROA not before: Wed 05 Feb 2025 00:00:00 +0000
ROA not after: Wed 12 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:e4:3a:4f:21:35:d2:71:f3:d5:36:d5:d6:35:92:5c:de:fa:9f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 5 00:00:00 2025 GMT
Not After : Mar 12 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a4:66:85:5a:ab:aa:05:04:ca:ab:3b:e0:14:
13:3d:9a:04:e8:19:23:e4:c5:d3:5b:39:42:4d:b2:
5d:bc:43:d4:24:3f:f3:73:fb:89:d8:7a:51:92:b5:
5d:bf:3d:5e:8b:01:84:ef:55:3a:95:e7:f7:75:a5:
9a:ec:ad:4d:56:5e:1e:45:1e:3e:73:34:63:0d:ad:
9b:2b:f6:7f:2e:b8:ea:ae:a7:90:79:06:09:68:54:
a7:bc:5a:57:14:12:9a:82:e4:4b:75:16:0f:0e:d0:
ce:07:44:37:e6:d1:bb:ea:0b:83:9f:c2:00:95:9f:
e2:42:b7:93:bb:99:13:af:39:2e:b0:62:1c:f7:92:
ee:03:d0:33:14:ad:70:d9:5b:a5:00:23:c6:f7:3b:
cc:8d:50:e1:78:45:e7:89:8d:4d:98:d9:3b:c9:05:
5c:2f:ff:68:8b:0b:2f:15:1b:3a:d1:77:dc:6a:f0:
ce:28:ac:b3:10:04:65:f6:10:3f:bc:8c:fe:1e:5e:
82:bb:b5:a8:0b:73:0c:4e:bc:96:8d:fd:e9:3a:6b:
57:e9:8a:ee:8c:4a:c8:ac:ab:6d:71:ed:26:1e:97:
18:d8:84:2a:2d:a9:e9:89:6d:f0:ac:87:da:48:e8:
65:65:ec:6d:3b:94:64:b4:62:bf:f3:82:fb:95:82:
bd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:81:FA:F9:8C:93:12:5D:2F:E4:45:28:36:23:C6:93:08:4B:78:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
27:64:34:3f:bc:1d:52:bd:7c:b3:3f:21:fd:ec:e6:15:92:53:
ed:37:93:c0:91:ac:42:87:4e:65:3c:2f:2b:83:a5:b1:56:c8:
50:9b:be:0c:f7:d5:59:d7:67:4f:3c:20:6a:9a:2d:4c:fb:3a:
4c:05:00:85:dd:b7:7d:d8:13:13:ea:07:e1:18:43:fe:af:7c:
70:53:e2:0a:b8:d1:39:91:79:e0:ba:1d:f4:d5:ef:6d:c3:c8:
2d:f2:13:2c:31:e1:e4:f3:e1:ac:7e:8a:55:dc:23:f9:ba:b9:
ae:17:4b:56:4a:df:7c:ed:8a:a6:31:cb:ff:77:e6:67:45:8c:
61:f4:ac:2d:17:b9:e9:13:0a:eb:f8:78:0f:18:89:a5:04:87:
03:2d:bd:78:bf:84:75:af:16:9e:69:aa:66:db:81:72:a3:ae:
c0:1f:e2:f8:be:e7:21:93:7b:14:01:b5:7c:46:23:f8:93:c7:
73:20:26:2b:e9:9f:20:35:98:14:b4:c1:3e:2e:34:3e:26:06:
f7:2c:1f:b1:90:98:3a:c7:5e:28:da:d6:67:4c:37:37:21:42:
f7:82:9a:84:e1:1d:0e:ac:56:a0:c5:6a:09:b3:c9:9b:56:42:
a8:30:c7:96:f4:2b:5b:4a:7e:0a:4d:d3:6a:b4:62:7f:8d:e6:
bf:d5:d9:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTuQ6TyE10nHz1TbV1jWSXN76n8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAyMDUwMDAwMDBaFw0yNTAzMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3MmVlOTc3YTUwNzU5NmU2NTFmMDQzMzdjNTE0MjRkNzZlNTE1YzA3NzQy
OThjNjdmNWU3MmFhZDlkMmM0MDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+kZoVaq6oFBMqrO+AUEz2aBOgZI+TF01s5Qk2yXbxD1CQ/83P7idh6UZK1
Xb89XosBhO9VOpXn93WlmuytTVZeHkUePnM0Yw2tmyv2fy646q6nkHkGCWhUp7xa
VxQSmoLkS3UWDw7QzgdEN+bRu+oLg5/CAJWf4kK3k7uZE685LrBiHPeS7gPQMxSt
cNlbpQAjxvc7zI1Q4XhF54mNTZjZO8kFXC//aIsLLxUbOtF33GrwziissxAEZfYQ
P7yM/h5egru1qAtzDE68lo396TprV+mK7oxKyKyrbXHtJh6XGNiEKi2p6Ylt8KyH
2kjoZWXsbTuUZLRiv/OC+5WCvRcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfgfr5
jJMSXS/kRSg2I8aTCEt4ejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGE1OGNlZjctNWZhNS00NTZkLTljZDctZDk2YmUxZjJmYWFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQAnZDQ/vB1SvXyzPyH97OYVklPtN5PAkaxCh05lPC8r
g6WxVshQm74M99VZ12dPPCBqmi1M+zpMBQCF3bd92BMT6gfhGEP+r3xwU+IKuNE5
kXnguh301e9tw8gt8hMsMeHk8+GsfopV3CP5urmuF0tWSt987YqmMcv/d+ZnRYxh
9KwtF7npEwrr+HgPGImlBIcDLb14v4R1rxaeaapm24Fyo67AH+L4vuchk3sUAbV8
RiP4k8dzICYr6Z8gNZgUtME+LjQ+Jgb3LB+xkJg6x14o2tZnTDc3IUL3gpqE4R0O
rFagxWoJs8mbVkKoMMeW9CtbSn4KTdNqtGJ/jea/1dl2
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:42 2025 by rpki-client