Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
File: 0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa (raw, json)
Hash identifier: mBsmxF9r4SF/pJVMztUTjNnTJuqMFdDFO57nL7r4HWQ=
Subject key identifier: 63:E5:B2:2B:C5:65:21:4D:1D:DE:B6:8D:F2:59:85:54:4B:AE:C2:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07200C8460A9A3CAD02A6221517750BE0D2D8638
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:20:0c:84:60:a9:a3:ca:d0:2a:62:21:51:77:50:be:0d:2d:86:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c6:17:01:2f:29:b3:44:5a:11:ca:ac:e6:9d:
8a:9e:6d:cb:ef:7e:40:5a:14:ad:9d:04:da:ff:17:
18:23:2d:d8:08:b4:86:66:88:cb:9c:4e:e3:6a:3b:
78:51:45:88:ca:f4:48:bd:fa:c1:d8:dc:72:20:a9:
2a:60:12:fa:c2:95:18:c3:ce:64:75:06:88:92:e4:
41:1f:9a:5d:a4:56:22:16:7b:b5:ed:03:55:a6:ff:
ed:89:d0:43:f5:e6:10:bd:9e:94:fe:4c:4d:10:a0:
c9:89:2f:fc:57:2f:e4:01:00:91:c6:2e:e5:97:2d:
2b:d7:77:a2:10:29:db:95:37:12:43:c3:59:9f:ab:
cd:c5:d0:05:78:23:c2:d1:13:91:4b:42:58:2c:2d:
14:0c:35:4e:5d:d3:6b:33:53:4f:0a:07:17:04:6a:
8a:cc:dc:46:d4:30:5e:d6:b1:97:a4:dc:64:15:4e:
dd:e4:2d:24:83:22:04:18:22:15:22:47:23:0d:36:
36:6f:7a:be:a1:8a:bd:17:2e:a4:43:9a:b2:6f:7b:
8c:06:45:c1:9f:d4:90:56:d0:54:43:8d:54:e5:e7:
7e:af:c4:b6:e2:98:39:8c:81:f0:fb:48:5f:84:f1:
dd:cb:8c:46:9d:0b:9e:ea:95:be:d1:b6:e2:05:3f:
ac:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E5:B2:2B:C5:65:21:4D:1D:DE:B6:8D:F2:59:85:54:4B:AE:C2:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:89:95:aa:be:0e:77:ab:0d:5a:c8:01:56:b9:ba:f9:e8:ed:
32:a8:53:fd:9f:df:f6:37:47:c9:e0:ed:67:74:46:75:4d:a6:
58:67:2f:a4:8f:fe:34:26:54:16:01:fa:69:0a:71:15:24:d1:
70:47:9b:78:93:f6:7b:f0:99:ad:77:dd:ca:41:7f:a2:fd:10:
c6:91:d3:a6:7c:0a:73:33:7f:91:94:f7:fd:fb:10:de:b6:f2:
c3:62:43:d0:36:f0:6e:99:91:f8:c5:eb:87:7c:3e:d5:aa:bf:
d2:94:6e:1f:0a:c8:14:51:c7:fd:e5:98:2e:dd:43:12:a9:79:
17:e8:16:a3:08:d0:6c:0d:95:d8:73:f9:85:43:0e:4f:d8:a4:
54:a0:e3:35:13:8b:5e:66:86:ee:0a:06:52:8e:26:c3:08:55:
a3:f1:b5:08:4c:3c:57:67:bf:20:14:e9:0b:87:d6:79:ee:d4:
3e:94:01:f6:8d:1b:41:fc:33:b7:10:d5:bc:ac:5b:60:1d:4a:
aa:ae:1a:64:c1:43:fc:7e:96:24:f8:fe:c8:e2:db:15:e7:e9:
d1:6a:77:ce:9a:e7:da:8d:bd:f0:f0:d2:de:5b:56:35:56:1a:
f6:a5:91:9a:94:4a:25:ea:90:fc:b7:88:05:eb:8e:85:ce:76:
c9:fe:5f:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUByAMhGCpo8rQKmIhUXdQvg0thjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyYzU2NTQ0YWY0NDFlNmE5Y2YxYTM0ZjQzMGQ4ZjJkZjE1OWRlYzY2MDc5
YzM5YjdhM2MyOTIzZjNhZjhiMWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLGFwEvKbNEWhHKrOadip5ty+9+QFoUrZ0E2v8XGCMt2Ai0hmaIy5xO42o7
eFFFiMr0SL36wdjcciCpKmAS+sKVGMPOZHUGiJLkQR+aXaRWIhZ7te0DVab/7YnQ
Q/XmEL2elP5MTRCgyYkv/Fcv5AEAkcYu5ZctK9d3ohAp25U3EkPDWZ+rzcXQBXgj
wtETkUtCWCwtFAw1Tl3TazNTTwoHFwRqiszcRtQwXtaxl6TcZBVO3eQtJIMiBBgi
FSJHIw02Nm96vqGKvRcupEOasm97jAZFwZ/UkFbQVEONVOXnfq/EtuKYOYyB8PtI
X4Tx3cuMRp0LnuqVvtG24gU/rPMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRj5bIr
xWUhTR3eto3yWYVUS67CpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGU2Y2Y4Y2ItMDI5Yi00MWI4LWFhMDUtNzMxMGY3ZjE0MWQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/iZWqvg53qw1ayAFWubr56O0yqFP9n9/2N0fJ4O1n
dEZ1TaZYZy+kj/40JlQWAfppCnEVJNFwR5t4k/Z78Jmtd93KQX+i/RDGkdOmfApz
M3+RlPf9+xDetvLDYkPQNvBumZH4xeuHfD7Vqr/SlG4fCsgUUcf95Zgu3UMSqXkX
6BajCNBsDZXYc/mFQw5P2KRUoOM1E4teZobuCgZSjibDCFWj8bUITDxXZ78gFOkL
h9Z57tQ+lAH2jRtB/DO3ENW8rFtgHUqqrhpkwUP8fpYk+P7I4tsV5+nRanfOmufa
jb3w8NLeW1Y1Vhr2pZGalEol6pD8t4gF646FznbJ/l/3
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:03:03 2025 by rpki-client