Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
File: 24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa (raw, json)
Hash identifier: rUMdZKfmm80pEgbqvmYoHN/H6qY/d26nvyZzCtH+nCA=
Subject key identifier: 66:AD:B6:4C:DE:31:EE:B5:6E:7F:8E:CC:3A:87:85:54:D0:18:91:AC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54CFCFDDBB99A86C9F57E9A5963F08F6F2A5813A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:cf:cf:dd:bb:99:a8:6c:9f:57:e9:a5:96:3f:08:f6:f2:a5:81:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4e:f4:83:e1:85:5a:26:21:3a:6d:dd:ca:44:
47:89:aa:ec:fa:6b:06:35:50:8d:77:8f:40:fa:bc:
8a:f3:84:45:96:e8:0c:e3:f7:d2:e3:60:0e:d1:22:
21:43:09:fc:3d:64:51:0a:6d:86:a8:bc:f9:fc:57:
26:80:96:65:cb:4a:0b:e7:47:bc:02:4d:2f:b0:1f:
f4:ec:72:0c:5e:eb:47:dd:ec:e6:95:ac:49:a6:0d:
5d:90:d6:65:b5:81:af:ca:03:1f:9a:85:75:db:ae:
37:04:ee:2b:2f:4b:1f:ca:33:c2:fd:6f:73:8b:fa:
20:d1:a1:8b:57:ee:40:95:7c:1f:ee:c3:14:de:1e:
c4:af:a8:fe:be:0c:e5:11:d4:ed:46:f3:ae:3e:86:
8b:00:06:86:b8:ed:28:e9:5b:66:de:13:59:3f:73:
dd:74:27:67:d5:6b:b9:42:62:e3:ba:9f:e8:ac:38:
da:0b:1d:09:08:00:28:cc:05:10:31:b6:17:d1:ac:
c8:b9:4f:c7:fe:0a:7d:41:1e:ce:bc:48:c4:83:9f:
d7:b7:1e:01:5f:e3:22:e5:ff:1a:5c:06:a6:db:ce:
16:52:a9:d5:06:7d:03:40:f3:82:ba:9c:6a:87:f3:
90:f2:d3:51:39:05:a1:53:7f:20:43:49:e4:e1:3e:
11:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AD:B6:4C:DE:31:EE:B5:6E:7F:8E:CC:3A:87:85:54:D0:18:91:AC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
7d:2a:60:88:90:46:77:fe:4a:2d:9e:01:40:ad:7b:67:30:d5:
51:f2:29:bc:2d:13:cb:82:8d:08:f6:ef:29:fb:ff:34:19:65:
2f:c0:10:81:bb:14:30:09:b1:7f:78:2f:37:b9:d5:0a:13:23:
d5:d6:ad:ab:5b:3e:60:d3:96:35:92:e1:ff:98:01:ad:50:67:
29:5c:77:96:0a:36:a4:bd:dd:00:39:7b:6a:8b:ec:d4:ec:eb:
ed:4e:65:0f:f3:4a:5d:92:9f:20:a0:c7:63:2a:9c:ce:df:d0:
59:34:30:49:b1:c0:e7:3d:15:ef:97:e8:b9:d3:c7:b3:5c:fc:
59:25:09:83:62:eb:6b:72:1f:90:c0:28:aa:7d:3e:ee:be:d3:
f4:5d:32:6a:ad:5f:3c:1c:ec:d6:a7:ff:41:c9:d1:6b:a1:c5:
e5:51:3b:94:57:06:d3:bb:4b:3c:6a:96:b5:d3:f6:0e:65:0d:
5f:ae:19:3f:6d:36:4c:b7:bb:6c:5b:b9:0b:0d:7b:98:19:16:
b7:28:20:14:9b:a6:02:82:fb:ef:13:1b:72:76:65:10:63:b1:
d2:17:d9:fd:8d:4e:4f:b0:95:62:e5:e0:7e:3a:3f:4b:79:40:
77:65:c1:f8:69:51:77:bb:7e:90:7b:74:06:03:f5:7a:7f:2f:
90:d5:59:74
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVM/P3buZqGyfV+mllj8I9vKlgTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ZDQ0MDRjZTRiYTRiMTliYmEyNjhlZDJhODYwNTdhOTViYTljMDY3MWM1
ZGNhNThkYTliOTdhZTJiYjA1ODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9O9IPhhVomITpt3cpER4mq7PprBjVQjXePQPq8ivOERZboDOP30uNgDtEi
IUMJ/D1kUQpthqi8+fxXJoCWZctKC+dHvAJNL7Af9OxyDF7rR93s5pWsSaYNXZDW
ZbWBr8oDH5qFdduuNwTuKy9LH8ozwv1vc4v6INGhi1fuQJV8H+7DFN4exK+o/r4M
5RHU7Ubzrj6GiwAGhrjtKOlbZt4TWT9z3XQnZ9VruUJi47qf6Kw42gsdCQgAKMwF
EDG2F9GsyLlPx/4KfUEezrxIxIOf17ceAV/jIuX/GlwGptvOFlKp1QZ9A0Dzgrqc
aofzkPLTUTkFoVN/IENJ5OE+EacCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmrbZM
3jHutW5/jsw6h4VU0BiRrDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjRjNjNiOTctNWI1ZS00NDlkLWI4NmItN2U5ZTUzYjE4MmJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQB9KmCIkEZ3/kotngFArXtnMNVR8im8LRPLgo0I9u8p
+/80GWUvwBCBuxQwCbF/eC83udUKEyPV1q2rWz5g05Y1kuH/mAGtUGcpXHeWCjak
vd0AOXtqi+zU7OvtTmUP80pdkp8goMdjKpzO39BZNDBJscDnPRXvl+i508ezXPxZ
JQmDYutrch+QwCiqfT7uvtP0XTJqrV88HOzWp/9BydFrocXlUTuUVwbTu0s8apa1
0/YOZQ1frhk/bTZMt7tsW7kLDXuYGRa3KCAUm6YCgvvvExtydmUQY7HSF9n9jU5P
sJVi5eB+Oj9LeUB3ZcH4aVF3u36Qe3QGA/V6fy+Q1Vl0
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:13 2025 by rpki-client