Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
File: 20422b97-bbd3-43a5-bd9e-56380296a638.roa (raw, json)
Hash identifier: UWzJ8+KfGwCrTF91Stb2NshR3RAZie1/mXPIhxJkZC0=
Subject key identifier: 40:F2:E4:F2:8A:14:15:A9:7C:3A:B6:11:13:35:18:4D:1E:99:3C:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3675FD90309B3DB1B7A6555D96A8D57D3E8B737D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:75:fd:90:30:9b:3d:b1:b7:a6:55:5d:96:a8:d5:7d:3e:8b:73:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2f:4a:2c:77:cb:68:d6:b4:d6:65:68:92:f7:
34:81:aa:97:e6:16:5d:71:d1:d8:71:4c:54:9d:fa:
02:69:08:93:4e:c0:66:00:83:a7:24:ea:49:bf:23:
6d:4e:75:f6:19:3a:11:3a:26:54:88:ee:66:e2:d3:
5c:47:6c:e5:5e:ff:bb:f7:99:ec:56:6a:47:8b:1b:
ae:eb:47:ab:2f:fd:ef:a1:29:84:6c:ac:79:64:04:
4b:c7:bd:5c:33:24:08:d5:a8:e4:9f:af:f7:82:c5:
fd:31:35:11:d4:a4:1f:63:8f:32:ef:cb:a4:34:14:
4a:1e:16:20:ef:92:a9:6e:6b:da:6f:fa:a4:f7:f9:
dd:e1:ac:19:14:3a:be:cd:23:77:9b:04:77:e7:61:
58:b8:59:13:38:e1:ab:c7:60:9c:ff:c6:23:df:07:
c8:95:54:ea:79:21:4c:36:75:03:49:77:f5:b0:e6:
fb:78:a3:b5:61:20:13:6d:be:fc:38:07:8f:43:59:
43:20:85:b2:14:e0:fe:58:00:8b:3b:df:91:4e:88:
02:46:28:09:cd:6e:25:e2:c5:96:02:43:38:21:7b:
51:c6:61:0a:56:e5:47:5b:f3:b2:4a:36:3d:0e:fd:
8a:85:d7:88:df:8c:f3:d2:c0:45:63:46:3b:b6:e1:
3e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F2:E4:F2:8A:14:15:A9:7C:3A:B6:11:13:35:18:4D:1E:99:3C:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
85:18:ef:07:e0:be:fc:78:c9:cb:ae:2f:4a:35:c6:0f:05:d3:
5a:2f:c1:78:29:a0:52:0f:02:62:fc:89:1a:8a:38:b2:5e:b7:
d9:32:d0:6e:a1:eb:41:2e:43:57:ce:9d:85:32:16:8e:78:b5:
59:86:0b:48:3d:7b:18:fb:7a:a0:95:b3:09:6c:c3:8a:84:82:
d1:31:11:50:4a:1a:05:8a:aa:97:b1:dc:ee:fd:14:77:f8:87:
d6:f5:76:3b:69:e8:d5:e7:54:c4:85:72:95:36:4f:d1:f5:c8:
51:f2:58:2a:9e:71:04:a2:dd:85:76:d0:d4:eb:16:5a:6a:77:
38:34:d8:de:b8:db:78:6d:48:e0:c6:fd:27:6f:e6:1d:ec:c1:
4e:fd:db:a3:d5:e2:3d:a5:3d:29:5f:52:c5:19:b0:10:5b:55:
f8:b1:24:15:c5:09:ae:a7:87:5c:90:ff:ee:72:a8:6f:34:d6:
bf:bd:16:ef:92:be:b6:bf:3b:c5:17:ac:2a:15:69:32:15:c9:
8d:3c:91:f0:b7:19:75:44:5a:96:4b:71:2b:1d:53:22:f8:62:
61:db:56:12:54:c5:19:3b:74:e2:c4:b1:17:2c:c5:0b:b0:4f:
b1:0f:f6:63:fd:08:29:d5:f7:62:71:39:2e:00:21:e0:ad:44:
16:cd:88:a1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNnX9kDCbPbG3plVdlqjVfT6Lc30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzYjMxOGIwNTZkNTViMmEyN2ExMjMyNmRkZWI3NDg4YTU3YjA0YjFiNTQ4
OTdmNWIxYWI2OTczNjM1NmJlNjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIvSix3y2jWtNZlaJL3NIGql+YWXXHR2HFMVJ36AmkIk07AZgCDpyTqSb8j
bU519hk6ETomVIjuZuLTXEds5V7/u/eZ7FZqR4sbrutHqy/976EphGyseWQES8e9
XDMkCNWo5J+v94LF/TE1EdSkH2OPMu/LpDQUSh4WIO+SqW5r2m/6pPf53eGsGRQ6
vs0jd5sEd+dhWLhZEzjhq8dgnP/GI98HyJVU6nkhTDZ1A0l39bDm+3ijtWEgE22+
/DgHj0NZQyCFshTg/lgAizvfkU6IAkYoCc1uJeLFlgJDOCF7UcZhClblR1vzsko2
PQ79ioXXiN+M89LARWNGO7bhPjMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRA8uTy
ihQVqXw6thETNRhNHpk8nzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA0MjJiOTctYmJkMy00M2E1LWJkOWUtNTYzODAyOTZhNjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQCFGO8H4L78eMnLri9KNcYPBdNaL8F4KaBSDwJi/Ika
ijiyXrfZMtBuoetBLkNXzp2FMhaOeLVZhgtIPXsY+3qglbMJbMOKhILRMRFQShoF
iqqXsdzu/RR3+IfW9XY7aejV51TEhXKVNk/R9chR8lgqnnEEot2FdtDU6xZaanc4
NNjeuNt4bUjgxv0nb+Yd7MFO/duj1eI9pT0pX1LFGbAQW1X4sSQVxQmup4dckP/u
cqhvNNa/vRbvkr62vzvFF6wqFWkyFcmNPJHwtxl1RFqWS3ErHVMi+GJh21YSVMUZ
O3TixLEXLMULsE+xD/Zj/Qgp1fdicTkuACHgrUQWzYih
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:01:11 2025 by rpki-client