Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
File: 2d0b0f83-8102-46aa-aad9-aae539204639.roa (raw, json)
Hash identifier: Q21qN3OZ9f6tWdnO/u+Vrl3iCL9dGxt9XUP8WSNx+IA=
Subject key identifier: 3C:23:12:D5:31:08:EE:7E:C4:5D:E6:96:F5:EA:AB:20:B0:22:02:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33A7E2FA1D5E52B0AF9D82CBAE90C5A3E5FCF11C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a7:e2:fa:1d:5e:52:b0:af:9d:82:cb:ae:90:c5:a3:e5:fc:f1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:50:fc:83:01:58:c3:c6:69:71:3a:5a:2c:
fb:b3:7a:60:0e:bf:b2:ed:1a:e7:a3:86:67:e0:5d:
9b:a7:e1:a1:3b:65:28:2e:e7:92:35:0b:4e:f8:33:
4a:3f:f0:ff:62:d0:5c:6a:ff:f2:52:25:be:8e:8c:
75:8f:8f:5c:be:36:4b:6c:7e:b0:50:e7:49:bd:9d:
f8:12:1a:10:ed:d6:ed:29:d9:3c:e7:6e:cc:c0:ef:
30:c1:e7:31:58:f1:81:e2:97:bb:ca:30:8a:53:a9:
0c:2f:34:fb:a7:aa:15:b1:72:9c:2b:3d:69:76:d1:
be:d9:08:d2:d6:9f:47:df:34:4d:a3:44:9b:30:4e:
3f:82:72:3f:a4:4f:f2:5b:ab:6f:b2:92:67:21:5c:
89:cb:b3:dc:c3:7e:c9:3c:b8:6a:37:a0:00:9c:92:
75:e5:98:d2:35:28:63:2a:37:7b:dc:22:a2:96:a4:
64:d4:85:4c:97:0f:16:c8:1e:dc:d0:bb:5a:d8:01:
05:bf:4d:81:57:f2:02:16:5c:43:21:9c:37:9f:a8:
9d:78:e9:dd:ce:c0:cc:6b:10:96:fe:04:22:a3:7a:
25:b3:72:23:af:e3:bb:db:2b:29:2f:b0:23:8e:41:
c0:42:e4:2e:fb:13:2f:48:86:66:19:11:bd:76:db:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:23:12:D5:31:08:EE:7E:C4:5D:E6:96:F5:EA:AB:20:B0:22:02:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c4:15:31:d9:2c:e3:8b:e2:c8:00:b7:89:01:a9:a6:14:b6:74:
da:27:6c:b2:45:48:d6:59:52:26:04:12:a6:58:1b:f8:6b:c1:
83:da:e0:65:00:9f:b8:2c:5b:64:7e:d7:ed:60:25:15:98:b5:
ca:b1:d6:e5:12:95:bb:d9:ca:25:c9:8b:c1:80:31:f1:81:ba:
fc:18:1d:46:70:c6:1b:72:7e:82:c8:05:8b:a8:ae:a3:d3:fe:
bf:f9:f7:2c:3b:e1:68:43:4f:68:89:67:65:4a:99:3c:ae:60:
d1:2d:63:47:f7:61:9d:07:c0:1f:08:24:f3:7a:b8:ee:ff:52:
74:f3:62:de:b3:a8:aa:00:0f:5b:32:a2:e9:b4:7d:64:d0:5c:
dc:a5:2a:1e:c5:03:52:cf:24:06:cc:b1:66:9b:9f:f3:bd:e7:
14:8a:b4:3a:37:e5:18:71:5d:b9:98:9a:7a:42:71:8c:3a:82:
03:3b:24:88:83:c8:49:70:a6:71:5c:e2:1a:5e:83:53:62:59:
4d:c1:cf:2a:7a:53:e1:27:d6:06:e5:27:e5:68:1b:4c:90:3e:
6c:50:2b:2e:10:6f:55:1a:b0:13:f8:28:84:ca:a2:40:34:bb:
32:4a:0e:09:71:84:4d:d4:bb:99:51:19:a9:25:7d:b8:5f:76:
3a:b9:6d:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM6fi+h1eUrCvnYLLrpDFo+X88RwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MjQ1ZmViZmEzOTE4ZTI0OTcyZjhlYjUyMTc0MDdmMDFjMjJmNmY2MTdi
N2U5NzM4ZjQyMGY3OGJiMzNmNTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKUUPyDAVjDxmlxOlos+7N6YA6/su0a56OGZ+Bdm6fhoTtlKC7nkjULTvgz
Sj/w/2LQXGr/8lIlvo6MdY+PXL42S2x+sFDnSb2d+BIaEO3W7SnZPOduzMDvMMHn
MVjxgeKXu8owilOpDC80+6eqFbFynCs9aXbRvtkI0tafR980TaNEmzBOP4JyP6RP
8lurb7KSZyFcicuz3MN+yTy4ajegAJySdeWY0jUoYyo3e9wiopakZNSFTJcPFsge
3NC7WtgBBb9NgVfyAhZcQyGcN5+onXjp3c7AzGsQlv4EIqN6JbNyI6/ju9srKS+w
I45BwELkLvsTL0iGZhkRvXbbr+8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8IxLV
MQjufsRd5pb16qsgsCICTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQwYjBmODMtODEwMi00NmFhLWFhZDktYWFlNTM5MjA0NjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQDEFTHZLOOL4sgAt4kBqaYUtnTaJ2yyRUjWWVImBBKm
WBv4a8GD2uBlAJ+4LFtkftftYCUVmLXKsdblEpW72colyYvBgDHxgbr8GB1GcMYb
cn6CyAWLqK6j0/6/+fcsO+FoQ09oiWdlSpk8rmDRLWNH92GdB8AfCCTzerju/1J0
82Les6iqAA9bMqLptH1k0FzcpSoexQNSzyQGzLFmm5/zvecUirQ6N+UYcV25mJp6
QnGMOoIDOySIg8hJcKZxXOIaXoNTYllNwc8qelPhJ9YG5SflaBtMkD5sUCsuEG9V
GrAT+CiEyqJANLsySg4JcYRN1LuZURmpJX24X3Y6uW38
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:49 2025 by rpki-client