Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bdc7597-5430-429b-990a-e3659e2e6227.roa
File: 0bdc7597-5430-429b-990a-e3659e2e6227.roa (raw, json)
Hash identifier: vD9kZbjysluGmuXUltJ5bCim2WxjybHfm6lBv6lOVs4=
Subject key identifier: AA:22:90:DF:EB:05:B1:AA:94:4E:DD:AB:25:82:19:75:BA:BF:A4:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5CAB47F2F45D6A66626688F77FE1F41A4858E039
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bdc7597-5430-429b-990a-e3659e2e6227.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ab:47:f2:f4:5d:6a:66:62:66:88:f7:7f:e1:f4:1a:48:58:e0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:2e:a2:23:ed:d2:42:f1:41:27:31:78:87:
47:41:fd:83:36:9e:ed:98:54:8b:f2:92:92:cd:a7:
18:d8:70:0b:d5:b0:0e:39:f4:7f:ad:01:94:ba:53:
34:9c:7b:9c:23:0a:67:3b:c4:c7:1b:08:f9:af:3e:
f5:92:58:58:f2:51:8b:ef:27:68:b5:3f:98:12:22:
29:4b:3c:aa:40:12:41:a5:20:49:ea:c2:7f:21:8a:
5c:d2:48:f0:09:6c:ba:3f:bc:16:81:8c:b1:6e:34:
79:bd:b3:38:89:88:21:e0:77:ac:fa:ef:93:14:53:
dc:d8:7c:a5:96:18:cb:fa:bb:27:72:1a:9c:d3:7f:
4b:50:4e:23:25:6d:9b:5c:ef:1c:81:92:ab:86:6c:
86:b5:99:be:41:35:cc:75:49:a1:c7:e5:39:fc:56:
c9:02:bb:3a:36:c9:d6:29:76:de:ef:16:da:a5:c8:
9b:7b:fa:3f:e0:56:4b:01:04:56:ba:a3:90:0f:9a:
bb:1e:b6:7f:35:17:3f:ee:71:b9:89:70:8c:e1:0f:
9b:95:01:e0:9c:91:be:ff:e3:8c:db:2d:eb:5b:c8:
1b:02:9c:79:3f:8b:ba:f2:fc:ce:3f:7a:c8:98:a3:
e1:02:3f:4a:9f:73:fc:e1:43:11:04:3a:fa:24:5c:
12:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:22:90:DF:EB:05:B1:AA:94:4E:DD:AB:25:82:19:75:BA:BF:A4:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bdc7597-5430-429b-990a-e3659e2e6227.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
90:2b:14:f9:82:ee:f5:fd:bc:59:21:9b:67:17:7e:2a:57:e5:
0f:2f:eb:41:36:ef:ef:1a:af:78:31:b2:fc:9c:31:90:0e:76:
98:0a:ce:ca:50:f8:51:c9:12:c3:3d:a6:d5:01:4e:fd:00:58:
74:98:e7:07:e8:67:a9:56:f5:48:1d:e8:28:58:3a:bb:10:d0:
97:9f:08:b5:f4:f3:74:92:77:33:79:d2:d6:7f:38:9c:d4:25:
c7:67:07:56:ba:56:9f:04:88:43:26:a3:2c:fa:56:34:bb:ba:
85:a3:25:10:0b:d9:ce:47:cf:f3:da:07:36:0f:ae:d8:37:36:
5b:cd:6b:1e:80:61:27:3b:9b:40:06:f1:93:16:23:9c:f8:41:
4a:f8:ab:c5:88:b6:8e:3e:59:ec:4a:32:70:a4:d8:be:88:c8:
a1:61:ca:f8:f9:f5:80:d4:e0:5a:5c:70:bf:bd:e4:b7:b6:9e:
48:53:5c:19:8a:a9:96:9f:63:53:6f:ed:7d:a0:7b:e2:81:76:
7b:db:18:3d:7c:46:e1:4e:51:df:3a:2b:4c:39:13:2f:c1:d1:
06:0d:09:aa:d0:28:d1:39:e8:c5:73:1e:35:97:e6:03:80:68:
b7:8c:10:6c:e6:2e:84:10:87:97:b1:51:61:2c:c1:de:b7:0c:
49:c6:77:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXKtH8vRdamZiZoj3f+H0GkhY4DkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMTlkZjQ4ZWFkMTA1MmIyZTdjZmU0MGI4MjYwMzM4M2M1MWU4ZjlkNzY0
ODI1NTNhYWQ1NGZhNzY0YjRlZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpcLqIj7dJC8UEnMXiHR0H9gzae7ZhUi/KSks2nGNhwC9WwDjn0f60BlLpT
NJx7nCMKZzvExxsI+a8+9ZJYWPJRi+8naLU/mBIiKUs8qkASQaUgSerCfyGKXNJI
8Alsuj+8FoGMsW40eb2zOImIIeB3rPrvkxRT3Nh8pZYYy/q7J3IanNN/S1BOIyVt
m1zvHIGSq4ZshrWZvkE1zHVJocflOfxWyQK7OjbJ1il23u8W2qXIm3v6P+BWSwEE
VrqjkA+aux62fzUXP+5xuYlwjOEPm5UB4JyRvv/jjNst61vIGwKceT+LuvL8zj96
yJij4QI/Sp9z/OFDEQQ6+iRcEtkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSqIpDf
6wWxqpRO3aslghl1ur+kTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJkYzc1OTctNTQzMC00MjliLTk5MGEtZTM2NTllMmU2MjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCQKxT5gu71/bxZIZtnF34qV+UPL+tBNu/vGq94MbL8
nDGQDnaYCs7KUPhRyRLDPabVAU79AFh0mOcH6GepVvVIHegoWDq7ENCXnwi19PN0
knczedLWfzic1CXHZwdWulafBIhDJqMs+lY0u7qFoyUQC9nOR8/z2gc2D67YNzZb
zWsegGEnO5tABvGTFiOc+EFK+KvFiLaOPlnsSjJwpNi+iMihYcr4+fWA1OBaXHC/
veS3tp5IU1wZiqmWn2NTb+19oHvigXZ72xg9fEbhTlHfOitMORMvwdEGDQmq0CjR
OejFcx41l+YDgGi3jBBs5i6EEIeXsVFhLMHetwxJxndK
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:47:18 2025 by rpki-client