Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
File: 1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa (raw, json)
Hash identifier: 6MXpX7INFwq2wroN3qLzWJIHNDxjsqnBdxMh7/xyB4I=
Subject key identifier: 35:CA:03:99:BA:37:5B:50:3C:DD:2C:E8:30:9A:C9:CE:9B:15:1D:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C80DF20DB1F840C1F52F218A9E90FA3E2AE4566
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:80:df:20:db:1f:84:0c:1f:52:f2:18:a9:e9:0f:a3:e2:ae:45:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2e:84:74:b6:8a:d3:07:f1:da:2c:ea:81:c3:
bc:99:b6:45:20:fd:7b:28:52:68:f8:e0:5b:7e:2c:
50:66:cc:d9:be:a7:72:38:45:d4:b7:d8:7a:80:6d:
2f:44:55:06:92:31:e6:1c:91:55:48:53:ce:2b:a1:
cf:5f:8f:bc:8f:6e:be:96:9c:3b:78:6b:9d:fd:f5:
1f:6d:77:10:cc:97:b7:fd:66:49:36:ef:a3:1c:02:
2d:e6:c9:b8:61:7c:a5:8c:71:c5:85:4c:85:20:e2:
64:db:7c:9f:bf:c2:6b:11:b2:33:87:15:51:75:fd:
e9:a9:43:ba:14:49:19:88:29:65:e6:b3:bc:d8:64:
60:29:15:c3:b9:a8:cd:5a:9f:be:69:5f:b9:2a:87:
f8:48:7b:8b:91:22:40:b7:52:89:27:4d:e1:65:30:
d5:82:52:6e:c6:7e:2a:47:dd:d3:5e:ad:39:40:ab:
53:04:fc:ac:b3:37:ff:48:b5:2e:a1:6e:4f:87:de:
9b:ee:59:fe:0b:70:e1:69:a3:0e:ee:b8:19:b1:15:
92:7a:7b:db:e0:8d:64:0e:1b:98:e3:e4:da:db:73:
d3:62:1a:ea:c6:03:7c:4b:cf:1e:5c:d5:b2:0a:ad:
96:98:53:6a:11:8f:40:ed:13:af:88:73:e8:ce:7a:
1b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CA:03:99:BA:37:5B:50:3C:DD:2C:E8:30:9A:C9:CE:9B:15:1D:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:13:6d:5b:8b:da:c9:a0:5e:24:29:ef:a9:da:60:06:c7:34:
f4:4f:cb:fe:07:dc:7e:5d:ba:51:cf:48:8d:80:b6:62:c8:0a:
41:ed:28:04:b0:80:60:7b:d5:03:06:5a:79:b9:29:96:84:b6:
08:15:43:59:29:c8:62:75:72:13:f8:2e:79:f6:94:76:eb:a3:
a5:49:eb:17:f3:0e:0b:fa:0f:86:93:99:f5:4c:b8:8a:2b:27:
70:c8:48:e3:b2:de:75:f1:44:05:c5:ec:8f:91:75:7e:5f:8e:
97:d0:1c:1c:3f:09:00:0f:27:dc:2d:7e:4c:74:51:d8:75:07:
04:db:5a:d6:28:a4:79:6f:57:f1:e4:2a:69:63:1b:c0:24:d9:
ee:03:c3:c1:11:4e:da:ba:b2:da:f2:cd:b9:1f:72:e7:81:c7:
8b:97:a5:c0:93:da:b5:59:89:1d:3b:f3:9a:80:e7:df:cc:2b:
bb:aa:de:f1:79:fd:91:0d:ac:d7:f8:cd:06:41:61:2b:f8:91:
f6:58:a3:c1:73:e5:3b:4b:20:9f:4e:bf:42:23:d1:36:67:fd:
3e:c3:3e:9d:bb:1a:91:8c:50:c6:60:fd:ff:ca:fc:b1:2a:b3:
73:ab:43:cb:d0:69:b8:b2:c6:ee:10:c8:fc:d3:b9:b8:01:af:
ee:f4:21:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTIDfINsfhAwfUvIYqekPo+KuRWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0OGQ1MmNlOGNlZDkwOTM4NjYxOGQ4YWViMjgyMGE4YzBiMDkzNmY3MTdh
NDI3ZTM3ZTBjM2U3OGIzNjdjZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4uhHS2itMH8dos6oHDvJm2RSD9eyhSaPjgW34sUGbM2b6ncjhF1LfYeoBt
L0RVBpIx5hyRVUhTziuhz1+PvI9uvpacO3hrnf31H213EMyXt/1mSTbvoxwCLebJ
uGF8pYxxxYVMhSDiZNt8n7/CaxGyM4cVUXX96alDuhRJGYgpZeazvNhkYCkVw7mo
zVqfvmlfuSqH+Eh7i5EiQLdSiSdN4WUw1YJSbsZ+Kkfd016tOUCrUwT8rLM3/0i1
LqFuT4fem+5Z/gtw4WmjDu64GbEVknp72+CNZA4bmOPk2ttz02Ia6sYDfEvPHlzV
sgqtlphTahGPQO0Tr4hz6M56GwcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1ygOZ
ujdbUDzdLOgwmsnOmxUd4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWY2OTViODgtMzBlOS00OWYyLTllMDAtNGYzZmEzZDM1NGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQCzE21bi9rJoF4kKe+p2mAGxzT0T8v+B9x+XbpRz0iN
gLZiyApB7SgEsIBge9UDBlp5uSmWhLYIFUNZKchidXIT+C559pR266OlSesX8w4L
+g+Gk5n1TLiKKydwyEjjst518UQFxeyPkXV+X46X0BwcPwkADyfcLX5MdFHYdQcE
21rWKKR5b1fx5CppYxvAJNnuA8PBEU7aurLa8s25H3LngceLl6XAk9q1WYkdO/Oa
gOffzCu7qt7xef2RDazX+M0GQWEr+JH2WKPBc+U7SyCfTr9CI9E2Z/0+wz6duxqR
jFDGYP3/yvyxKrNzq0PL0Gm4ssbuEMj807m4Aa/u9CG6
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:14:44 2025 by rpki-client