Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
File: 3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa (raw, json)
Hash identifier: QfC9WiVyda8MkC6nZs9pIdYiGYcwfntCsYOx+BxnXQU=
Subject key identifier: DF:F2:27:A9:59:35:2D:4E:5F:8F:A7:65:9D:F4:E0:CC:FB:3E:7D:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A6138608C620B200CD1C5304E82A09A7B095B69
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:61:38:60:8c:62:0b:20:0c:d1:c5:30:4e:82:a0:9a:7b:09:5b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:c1:c8:63:1e:83:04:2a:67:59:3c:26:fc:
bb:0f:0b:f4:fe:31:37:cb:b9:be:9c:76:5c:b9:5f:
90:ef:90:be:c0:29:e8:99:d5:d2:48:95:57:f9:9a:
33:12:2a:c0:5c:14:6e:4b:65:b4:4e:b2:9c:d0:12:
cf:3a:e9:8a:b1:5c:5f:0f:d3:5d:23:6c:d0:b7:44:
9a:1d:b3:a2:64:ef:41:98:0b:ac:03:65:f1:2b:3e:
47:88:ab:68:13:66:c0:fa:13:67:f5:82:ce:f8:59:
dd:43:92:34:e7:3e:1a:c1:85:49:8e:21:74:4e:93:
9c:4a:0a:02:34:a2:2b:82:0d:44:6a:a0:b9:50:f9:
77:15:8d:4b:15:1a:e4:aa:b2:9a:2f:79:46:0a:05:
54:02:c2:b8:33:37:3a:3f:27:57:71:84:e7:5f:06:
70:25:ca:ce:a9:b7:a0:b5:9b:0f:e9:4c:3f:57:82:
1e:a9:2c:e3:0a:c8:9e:4b:21:ac:b0:18:cc:ee:3f:
95:e6:4c:2a:d3:54:67:b3:b1:91:08:66:36:e6:42:
03:71:29:5a:a3:ce:50:9b:cc:47:eb:b2:98:8a:2e:
4b:4b:d9:be:e8:56:7d:da:de:05:b6:45:6d:9d:36:
23:15:81:23:d4:89:91:f3:6a:39:91:2d:c8:d0:ec:
d0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F2:27:A9:59:35:2D:4E:5F:8F:A7:65:9D:F4:E0:CC:FB:3E:7D:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:b5:da:5c:e3:28:58:71:32:de:3e:12:d8:c7:17:e9:92:7c:
c7:fd:7d:71:31:e0:78:94:5a:a1:84:7b:9c:36:00:e0:1c:2f:
a0:bb:02:66:00:46:12:26:d3:4b:ed:1a:2e:8c:cf:c2:ae:d1:
8a:5e:c2:da:6f:9e:90:b5:50:a7:95:36:b9:f7:41:cd:3a:bb:
23:e6:2a:e1:9e:0d:fd:da:3d:1b:93:dc:9e:79:fe:d0:27:47:
57:86:81:05:7b:df:0e:dd:db:7a:ed:b8:79:9d:da:c8:70:68:
c5:50:47:1d:3c:96:97:1e:c7:0e:66:14:ce:81:0e:96:bb:2d:
83:18:a1:b8:f2:5e:f2:cf:23:1c:16:4c:92:e0:fb:22:37:fb:
f2:d3:f1:58:e8:ff:4a:94:61:33:63:d7:07:06:e5:7c:fe:aa:
07:ae:5f:98:68:88:30:46:54:7f:54:f8:9a:91:79:c2:e6:a8:
5d:ec:2f:2b:81:fd:7a:dd:36:7b:d0:08:08:56:a0:8a:8e:5a:
03:cd:db:6c:3e:c4:54:84:30:d2:a3:d4:68:69:39:02:39:dc:
14:ad:ff:45:45:62:5d:e3:48:53:60:73:e0:dd:d1:e9:e8:49:
3b:d5:9e:15:c8:51:11:0e:05:0d:62:d4:39:69:07:00:2b:9e:
f6:65:30:42
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKmE4YIxiCyAM0cUwToKgmnsJW2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NWM0MDZlZmM1MzJlMjRhNzcyNjljZWQzZTU5ZDEzODk2MjMzMjljMjc4
ZmE3NDI4YTYzMTJiM2IwNjE4NWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbZwchjHoMEKmdZPCb8uw8L9P4xN8u5vpx2XLlfkO+QvsAp6JnV0kiVV/ma
MxIqwFwUbktltE6ynNASzzrpirFcXw/TXSNs0LdEmh2zomTvQZgLrANl8Ss+R4ir
aBNmwPoTZ/WCzvhZ3UOSNOc+GsGFSY4hdE6TnEoKAjSiK4INRGqguVD5dxWNSxUa
5Kqymi95RgoFVALCuDM3Oj8nV3GE518GcCXKzqm3oLWbD+lMP1eCHqks4wrInksh
rLAYzO4/leZMKtNUZ7OxkQhmNuZCA3EpWqPOUJvMR+uymIouS0vZvuhWfdreBbZF
bZ02IxWBI9SJkfNqOZEtyNDs0K0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTf8iep
WTUtTl+Pp2Wd9ODM+z59ljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I3ZDJkYzktYThhMy00Zjc5LWI5ZmQtMWFhY2Y0ZjQzNzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQATtdpc4yhYcTLePhLYxxfpknzH/X1xMeB4lFqhhHuc
NgDgHC+guwJmAEYSJtNL7RoujM/CrtGKXsLab56QtVCnlTa590HNOrsj5irhng39
2j0bk9yeef7QJ0dXhoEFe98O3dt67bh5ndrIcGjFUEcdPJaXHscOZhTOgQ6Wuy2D
GKG48l7yzyMcFkyS4PsiN/vy0/FY6P9KlGEzY9cHBuV8/qoHrl+YaIgwRlR/VPia
kXnC5qhd7C8rgf163TZ70AgIVqCKjloDzdtsPsRUhDDSo9RoaTkCOdwUrf9FRWJd
40hTYHPg3dHp6Ek71Z4VyFERDgUNYtQ5aQcAK572ZTBC
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:37 2025 by rpki-client