Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
File: 30196813-1f5f-45cc-801b-df800afa3d6d.roa (raw, json)
Hash identifier: S7uHDcSrGO2L2//524RrqfKZqeZukRLP72hOzt05364=
Subject key identifier: F4:40:F2:99:B4:7F:E0:03:64:E9:E6:42:7A:E2:F7:1D:AD:22:59:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A42285D8C8C1B647557D0C8713160AAF3224EB3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:42:28:5d:8c:8c:1b:64:75:57:d0:c8:71:31:60:aa:f3:22:4e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e9:b5:21:7a:82:47:a8:d0:0f:0d:ff:d2:ca:
dd:20:5c:02:99:60:a7:9e:0f:19:aa:c1:3d:1a:7b:
df:c0:f7:a8:7a:45:50:c7:a8:35:db:2f:21:58:49:
e8:4c:f1:48:e7:6c:cb:09:8e:4d:10:f2:23:30:ed:
f3:0a:be:1d:03:40:82:0f:7c:09:ac:4d:16:45:28:
8a:e7:ab:5e:a4:47:0b:df:e9:9a:5b:62:48:3e:c6:
5a:9f:dc:b2:89:4b:f3:26:5a:39:2d:af:e8:ee:2c:
8d:8d:7f:dc:90:3f:99:bd:c5:51:c7:b3:d7:49:54:
74:5d:e0:ee:8c:b9:23:cc:17:36:f8:34:23:04:04:
2a:59:f4:d4:7b:9d:46:bf:e5:b2:42:a1:7e:99:59:
42:81:40:43:6f:a3:67:b7:1e:ba:1a:8b:dc:f9:66:
95:87:72:e5:a1:90:42:f9:f9:45:90:a2:01:b8:81:
4b:08:05:2e:1e:25:8f:f5:04:f4:44:d6:ae:ba:b0:
64:ce:ba:47:2e:07:96:52:ce:c3:52:14:b1:bb:54:
cc:5f:cb:24:e5:a5:55:16:16:e3:31:ed:52:b8:5d:
75:f7:0e:79:d3:6a:4f:51:e4:9b:32:f7:a7:29:8e:
35:74:f0:2f:4c:00:a6:56:d5:34:6f:fd:d6:f1:a7:
c5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:40:F2:99:B4:7F:E0:03:64:E9:E6:42:7A:E2:F7:1D:AD:22:59:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:6d:ec:18:43:e4:ca:3d:d7:d7:0e:bc:80:b5:31:2f:13:01:
82:e0:76:dd:bf:1f:ef:c2:86:38:a8:5c:ff:b9:0f:fd:fc:0c:
b3:76:54:71:96:ed:50:6b:03:07:36:b2:11:68:a8:35:23:62:
a1:66:f5:8c:a8:d3:02:d2:8b:4e:94:79:33:a0:e2:15:20:0b:
fa:3d:8e:17:85:ce:4f:1c:48:cb:ad:34:46:ac:cb:17:c4:66:
2e:29:8c:83:29:28:8e:01:32:ce:06:34:62:09:d8:28:11:52:
1d:44:a6:40:29:96:ae:d0:38:16:54:3d:2f:33:fc:e5:5d:89:
92:e4:2f:00:cc:f8:54:04:06:8f:fb:90:8d:46:8b:2e:23:69:
3c:c6:36:18:ed:4d:fa:97:75:36:40:22:e2:60:b8:0d:66:72:
5d:fb:02:a6:54:17:6e:3d:33:07:89:2b:0c:c6:c4:1e:26:03:
87:31:bf:d9:b4:4f:be:1f:cb:7a:46:08:4b:f6:f4:a7:31:9a:
9e:ae:7e:b6:0e:a7:a1:cf:82:99:51:a5:42:c9:4c:7c:d6:14:
7f:d0:96:f9:14:aa:9c:98:dd:52:29:1d:dc:ae:7a:f3:f6:bd:
15:96:e8:59:31:27:e4:46:1c:e0:03:f2:e5:76:2d:60:d7:28:
d6:71:ea:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOkIoXYyMG2R1V9DIcTFgqvMiTrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZTVmYThkMjgxY2NiNDA5NzBkZmRmY2MyMjMxMGYxN2M5NGY2Y2UyZDI0
ZmQyZmJmMTI2YzI0M2U5OTkyNzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrptSF6gkeo0A8N/9LK3SBcAplgp54PGarBPRp738D3qHpFUMeoNdsvIVhJ
6EzxSOdsywmOTRDyIzDt8wq+HQNAgg98CaxNFkUoiuerXqRHC9/pmltiSD7GWp/c
solL8yZaOS2v6O4sjY1/3JA/mb3FUcez10lUdF3g7oy5I8wXNvg0IwQEKln01Hud
Rr/lskKhfplZQoFAQ2+jZ7ceuhqL3PlmlYdy5aGQQvn5RZCiAbiBSwgFLh4lj/UE
9ETWrrqwZM66Ry4HllLOw1IUsbtUzF/LJOWlVRYW4zHtUrhddfcOedNqT1HkmzL3
pymONXTwL0wAplbVNG/91vGnxZcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0QPKZ
tH/gA2Tp5kJ64vcdrSJZYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzAxOTY4MTMtMWY1Zi00NWNjLTgwMWItZGY4MDBhZmEzZDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQA9bewYQ+TKPdfXDryAtTEvEwGC4Hbdvx/vwoY4qFz/
uQ/9/AyzdlRxlu1QawMHNrIRaKg1I2KhZvWMqNMC0otOlHkzoOIVIAv6PY4Xhc5P
HEjLrTRGrMsXxGYuKYyDKSiOATLOBjRiCdgoEVIdRKZAKZau0DgWVD0vM/zlXYmS
5C8AzPhUBAaP+5CNRosuI2k8xjYY7U36l3U2QCLiYLgNZnJd+wKmVBduPTMHiSsM
xsQeJgOHMb/ZtE++H8t6RghL9vSnMZqern62Dqehz4KZUaVCyUx81hR/0Jb5FKqc
mN1SKR3crnrz9r0VluhZMSfkRhzgA/Lldi1g1yjWcepd
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:58 2025 by rpki-client