Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
File: 356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa (raw, json)
Hash identifier: gDpg5oMp1Wcn4mt+JWbVYgpd+Y84eG/0Eu8edCrDwTQ=
Subject key identifier: 9F:22:17:99:44:30:22:FA:A5:21:A1:FF:E1:D4:6E:EF:F1:2D:C7:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E55F844EE4185F0EC2F88120948050E3494EAD5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:55:f8:44:ee:41:85:f0:ec:2f:88:12:09:48:05:0e:34:94:ea:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:2e:b7:e2:04:f5:a8:d7:d7:d1:40:e7:ec:
24:64:c3:c3:30:8f:82:b5:a0:cb:39:e9:46:ed:04:
b6:fa:50:2f:dc:cf:3a:d2:9b:33:f6:18:a2:4b:e7:
9e:6d:f0:5e:a3:57:a3:47:55:5b:72:45:18:59:09:
ef:4f:1c:1d:b6:f5:e7:67:15:28:c0:fa:63:bd:de:
e9:95:47:ef:2b:80:30:00:f0:96:10:de:19:d7:09:
f2:35:35:7d:94:a1:1e:4e:fc:11:53:15:b6:a4:76:
89:e1:88:ed:0f:8d:dd:90:f2:49:37:aa:63:27:e6:
6a:78:2b:4e:bd:61:44:8c:1a:2c:86:5b:06:dc:44:
9e:d1:a9:57:5c:92:59:c8:12:b0:9e:eb:d2:75:73:
22:b6:1b:45:7e:07:70:ab:49:db:d9:8b:96:b6:c1:
06:21:c9:80:9f:82:96:7c:18:8a:3c:46:36:20:19:
88:88:aa:7c:5f:a4:9d:40:7f:d5:d9:90:8c:04:ef:
51:0a:0c:aa:ac:a9:5b:e7:62:42:e5:0f:d9:b0:9e:
cb:95:89:92:50:a4:27:dd:26:70:85:d6:b0:5a:84:
3e:63:0b:80:e6:65:d0:31:2a:84:5f:76:0e:ee:30:
f5:fd:a1:f0:29:7c:a9:82:4d:69:fd:ab:31:bf:39:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:22:17:99:44:30:22:FA:A5:21:A1:FF:E1:D4:6E:EF:F1:2D:C7:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
07:32:69:21:ad:06:a8:a6:4a:4e:e0:e8:a5:66:6d:6d:f7:06:
fe:c0:47:4d:fc:ea:15:d0:e0:01:fa:dc:17:cc:b8:1a:b8:2a:
e6:83:5b:58:01:5f:9b:dd:2a:c0:2c:c9:7f:74:52:5b:f9:af:
da:c1:87:f1:62:01:12:6b:0f:41:1a:d8:96:73:67:e5:13:31:
7a:3c:e0:6e:c0:42:3a:a3:ae:d1:8c:26:30:4d:3d:12:18:9e:
2c:5d:5c:d3:89:9f:e4:db:db:e5:02:35:7a:cd:75:99:5e:e3:
a7:12:c4:ac:8d:a8:f1:d9:13:dc:ff:0d:3a:59:5c:84:ea:5e:
19:69:c5:fa:4d:65:80:c0:a4:25:38:6c:c0:4b:4e:01:ec:6e:
d1:31:ed:f5:17:5c:09:26:f8:e2:42:eb:28:e9:95:d2:93:a4:
29:96:b7:90:fe:f1:d9:2f:4d:6c:88:f5:9d:0f:a7:24:02:cf:
5d:7e:68:95:20:b3:d6:cb:68:ce:d3:61:2b:d2:74:2c:6c:42:
39:26:b6:81:75:43:bc:22:33:c9:ec:46:1e:54:af:db:e4:4b:
6f:aa:4e:33:56:41:01:5d:3d:84:55:27:6a:97:81:9c:74:0d:
84:df:08:ef:26:9b:9a:4f:ef:07:d3:38:1b:da:54:2e:72:11:
d5:9e:8b:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXlX4RO5BhfDsL4gSCUgFDjSU6tUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YzU3ZGViY2E5OWZlMGFlODUxNTQzYjkwMWE0Y2NmMTBhZWU0YTdiNzM4
MDA5Njg2MTNhODJjMWNkZjUyN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVeLrfiBPWo19fRQOfsJGTDwzCPgrWgyznpRu0EtvpQL9zPOtKbM/YYokvn
nm3wXqNXo0dVW3JFGFkJ708cHbb152cVKMD6Y73e6ZVH7yuAMADwlhDeGdcJ8jU1
fZShHk78EVMVtqR2ieGI7Q+N3ZDySTeqYyfmangrTr1hRIwaLIZbBtxEntGpV1yS
WcgSsJ7r0nVzIrYbRX4HcKtJ29mLlrbBBiHJgJ+ClnwYijxGNiAZiIiqfF+knUB/
1dmQjATvUQoMqqypW+diQuUP2bCey5WJklCkJ90mcIXWsFqEPmMLgOZl0DEqhF92
Du4w9f2h8Cl8qYJNaf2rMb85iOMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSfIheZ
RDAi+qUhof/h1G7v8S3HiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU2ZGQ1ZWMtNzU1OS00NWU4LTgxZDAtOWU0NTU5MGI1YWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAHMmkhrQaopkpO4OilZm1t9wb+wEdN/OoV0OAB+twX
zLgauCrmg1tYAV+b3SrALMl/dFJb+a/awYfxYgESaw9BGtiWc2flEzF6POBuwEI6
o67RjCYwTT0SGJ4sXVzTiZ/k29vlAjV6zXWZXuOnEsSsjajx2RPc/w06WVyE6l4Z
acX6TWWAwKQlOGzAS04B7G7RMe31F1wJJvjiQuso6ZXSk6QplreQ/vHZL01siPWd
D6ckAs9dfmiVILPWy2jO02Er0nQsbEI5JraBdUO8IjPJ7EYeVK/b5Etvqk4zVkEB
XT2EVSdql4GcdA2E3wjvJpuaT+8H0zgb2lQuchHVnovx
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:45:12 2025 by rpki-client