Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa
File: 220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa (raw, json)
Hash identifier: vfQAytGkClAHFdW9T3CIYQHuhjc1+td/oQiQGpVUDuA=
Subject key identifier: 79:65:2C:8A:A4:41:6E:EE:E3:D5:F3:5F:C0:0A:E3:B2:02:10:5D:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E50CECFCD07819E6ED2BBF428DFB73459142DD6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:50:ce:cf:cd:07:81:9e:6e:d2:bb:f4:28:df:b7:34:59:14:2d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:18:ef:8a:5b:b9:5b:de:c2:41:05:7a:00:aa:
f0:eb:99:c8:aa:1e:5e:0b:11:03:dd:5c:5a:0f:af:
8c:33:35:e3:73:31:ec:a2:98:88:1c:5f:75:1f:18:
95:63:b2:b5:e0:dc:b1:8e:74:05:d1:19:63:13:cc:
fd:65:87:ca:d9:c8:af:40:6a:95:8f:b8:18:3e:ae:
12:2a:6b:ae:04:8a:4d:80:51:6b:c6:c2:50:f3:d1:
f9:fe:b9:a1:9f:ec:c7:91:12:4c:85:72:06:66:22:
15:76:74:67:69:cb:ea:1e:34:af:b9:c2:b5:19:20:
59:2b:86:eb:15:26:36:2b:f2:05:da:9d:37:61:e9:
e6:6c:06:62:db:08:b1:63:e0:32:b1:1e:41:af:08:
84:76:e5:b4:b8:a7:57:c6:35:0c:64:93:6a:96:34:
02:ba:c7:57:62:7f:e6:b2:28:13:78:7f:c1:a1:d1:
d8:16:a6:7a:d5:59:b9:0f:98:2e:1f:52:63:4d:8d:
38:37:bf:94:96:28:53:87:4c:f9:26:c5:0e:81:20:
51:21:a0:22:ff:50:2b:b8:cb:91:7b:42:d3:0e:df:
17:90:8f:c8:a7:08:77:a9:99:ee:36:6e:0a:87:a5:
ba:29:3a:bc:0c:a6:b9:d7:98:79:7b:9e:fc:de:a8:
2c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:65:2C:8A:A4:41:6E:EE:E3:D5:F3:5F:C0:0A:E3:B2:02:10:5D:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/220d79dd-8cc8-453b-9e32-2d76d0de3fef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:b5:53:04:7a:3e:90:75:f8:61:17:93:1c:6f:29:68:80:77:
c9:90:80:a3:46:ef:f7:8f:90:4c:cd:f4:42:07:5a:b7:70:09:
02:aa:c9:54:0c:ec:7e:53:a9:67:4f:74:b9:31:87:ee:34:22:
4f:86:d7:06:f4:06:25:48:14:78:1b:54:5b:a7:f5:1f:ae:2e:
ea:be:7d:7a:b0:62:01:4d:0a:9f:cd:e0:06:7c:d9:15:25:33:
38:ec:45:57:fd:23:2e:46:0c:49:41:ac:2f:00:42:0f:15:41:
ff:8d:e5:57:2f:9d:af:0b:ca:c7:26:b0:0e:76:d4:e7:3b:c4:
6b:ea:6f:20:5c:40:c7:46:c1:c3:b4:e5:3e:32:4b:9b:9e:de:
5c:c2:1b:82:c0:de:c5:3b:21:42:cb:18:2c:88:94:cc:21:b1:
34:c8:fc:d9:8d:af:0c:33:61:2c:18:4f:c9:67:90:c6:c1:71:
09:1d:b0:3e:d6:ad:09:42:d0:bc:cf:cd:6c:8f:41:57:e2:49:
37:55:b9:9d:4d:1f:10:17:d4:8f:71:fa:d6:0a:74:78:7a:eb:
a8:c1:ac:2d:92:d2:1f:7f:c4:13:41:ee:f2:17:90:8a:2d:cf:
dd:24:41:78:f3:d3:4d:0d:01:07:be:95:05:29:f9:e5:76:7a:
56:60:2d:87
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPlDOz80HgZ5u0rv0KN+3NFkULdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjZWNhYzkxZTBjY2UzZThlNzY3ZGM4NmE2NzAwZWRmNjZkYzNjNmUyNDEz
MjE5NTEyNjI4ZGY1YmQ3OGUwNDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkY74pbuVvewkEFegCq8OuZyKoeXgsRA91cWg+vjDM143Mx7KKYiBxfdR8Y
lWOyteDcsY50BdEZYxPM/WWHytnIr0BqlY+4GD6uEiprrgSKTYBRa8bCUPPR+f65
oZ/sx5ESTIVyBmYiFXZ0Z2nL6h40r7nCtRkgWSuG6xUmNivyBdqdN2Hp5mwGYtsI
sWPgMrEeQa8IhHbltLinV8Y1DGSTapY0ArrHV2J/5rIoE3h/waHR2BametVZuQ+Y
Lh9SY02NODe/lJYoU4dM+SbFDoEgUSGgIv9QK7jLkXtC0w7fF5CPyKcId6mZ7jZu
Coeluik6vAymudeYeXue/N6oLNECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5ZSyK
pEFu7uPV81/ACuOyAhBdQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjIwZDc5ZGQtOGNjOC00NTNiLTllMzItMmQ3NmQwZGUzZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBAtVMEej6QdfhhF5McbylogHfJkICjRu/3j5BMzfRC
B1q3cAkCqslUDOx+U6lnT3S5MYfuNCJPhtcG9AYlSBR4G1Rbp/Ufri7qvn16sGIB
TQqfzeAGfNkVJTM47EVX/SMuRgxJQawvAEIPFUH/jeVXL52vC8rHJrAOdtTnO8Rr
6m8gXEDHRsHDtOU+Mkubnt5cwhuCwN7FOyFCyxgsiJTMIbE0yPzZja8MM2EsGE/J
Z5DGwXEJHbA+1q0JQtC8z81sj0FX4kk3VbmdTR8QF9SPcfrWCnR4euuowawtktIf
f8QTQe7yF5CKLc/dJEF489NNDQEHvpUFKfnldnpWYC2H
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:37 2025 by rpki-client