Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3f8b75d5-ee83-4794-8d04-a4e42412f346.roa
File: 3f8b75d5-ee83-4794-8d04-a4e42412f346.roa (raw, json)
Hash identifier: Gyo5knJS2T/O6w8Vo1kir79wflVgDyemfagq/dsn4xM=
Subject key identifier: 81:76:B9:F6:33:46:08:06:C1:B7:3D:6C:16:86:25:B6:D7:EE:0A:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C04ECCD86E246AB83F0545C9C3451C66B20EB36
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3f8b75d5-ee83-4794-8d04-a4e42412f346.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:04:ec:cd:86:e2:46:ab:83:f0:54:5c:9c:34:51:c6:6b:20:eb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7d:f2:04:48:65:9a:42:45:fd:35:fe:7f:60:
86:6c:aa:5f:14:64:ce:75:ee:e5:f9:34:9c:9e:72:
b8:c8:09:99:bd:23:7e:72:dd:2e:1e:9d:47:38:49:
bb:0b:69:45:6b:9f:73:34:f2:72:86:18:61:1a:88:
f3:42:b5:6f:b1:7d:72:a5:ad:0f:32:3d:ec:bc:af:
75:c1:db:85:d9:be:8b:77:77:eb:27:1b:12:bc:3d:
3b:28:d2:1e:91:03:46:7e:3c:cb:ac:90:50:ef:6f:
8d:94:40:83:53:a1:a1:48:2b:99:40:97:84:13:4a:
3d:a0:73:2a:09:20:50:69:c4:3f:11:7d:e5:f3:b5:
17:13:04:93:0e:4c:5c:96:96:db:b5:ba:bf:8c:d6:
5c:ac:c5:74:d6:10:4b:4e:b6:0a:44:59:79:72:ca:
c9:bd:77:5a:0a:37:18:ce:b6:22:f9:83:8c:3b:19:
23:5f:2d:eb:ef:b6:be:8f:f9:a0:f2:14:af:8b:2b:
a1:54:b8:6d:1e:8c:28:0a:25:2c:c5:25:af:fa:95:
36:3f:1a:70:28:80:03:e1:5c:87:d3:40:8a:16:73:
13:6e:f4:13:25:14:db:bb:70:89:50:74:45:cb:1c:
da:0e:3b:fd:40:be:ef:93:79:f2:8f:7f:c8:36:49:
93:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:76:B9:F6:33:46:08:06:C1:B7:3D:6C:16:86:25:B6:D7:EE:0A:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3f8b75d5-ee83-4794-8d04-a4e42412f346.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:63:e4:46:bd:34:c8:3d:90:fc:5d:e3:30:28:fe:93:f3:cd:
18:9d:20:f2:4d:4e:e7:7a:53:1d:3f:fa:54:ff:0d:ee:55:79:
a0:28:79:4b:7b:5b:cb:f3:76:b7:c5:c6:24:1b:e8:bf:9d:ad:
4e:f8:c8:79:cb:12:01:5f:ea:e7:fb:6b:13:c6:7d:f1:8c:d1:
07:d3:ca:ae:55:43:6a:06:83:f5:46:e9:84:44:da:bf:c2:1b:
1e:10:1d:12:39:69:18:ac:4f:7e:87:b1:35:d0:f6:98:f4:ed:
99:8e:5d:9c:bd:0b:22:59:54:86:5b:5a:95:0b:60:93:0b:87:
72:35:52:74:34:d9:e6:da:36:85:69:0a:f9:1a:1f:b0:53:15:
6f:e4:8b:ad:c8:5e:ea:c7:a6:60:03:6e:61:6f:78:21:8c:f8:
d5:47:ac:f5:4d:3f:d7:db:a8:f0:21:e5:ee:b0:c3:a6:ee:fe:
fc:68:ea:72:8b:6a:5c:a8:02:2f:59:97:db:0a:43:fc:8f:af:
c9:a5:ba:32:f3:c9:fb:93:57:e6:03:df:c8:88:5b:4d:34:6a:
c4:3d:19:56:21:39:a3:e9:40:a7:8f:cd:5e:da:94:7e:85:df:
7e:94:b2:a5:31:01:8e:5c:2e:7e:35:bd:86:fd:4e:5c:1a:fc:
b7:d8:19:53
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHATszYbiRquD8FRcnDRRxmsg6zYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZDliOTFhMjg1MzQ3NmVjZGRiYTc3YmMxNzhhYzZmY2UzMTc5YWQ4ZGIy
ZGRkODgwMjFlOTZiYzBiODgyNDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp98gRIZZpCRf01/n9ghmyqXxRkznXu5fk0nJ5yuMgJmb0jfnLdLh6dRzhJ
uwtpRWufczTycoYYYRqI80K1b7F9cqWtDzI97LyvdcHbhdm+i3d36ycbErw9OyjS
HpEDRn48y6yQUO9vjZRAg1OhoUgrmUCXhBNKPaBzKgkgUGnEPxF95fO1FxMEkw5M
XJaW27W6v4zWXKzFdNYQS062CkRZeXLKyb13Wgo3GM62IvmDjDsZI18t6++2vo/5
oPIUr4sroVS4bR6MKAolLMUlr/qVNj8acCiAA+Fch9NAihZzE270EyUU27twiVB0
Rcsc2g47/UC+75N58o9/yDZJk+8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBdrn2
M0YIBsG3PWwWhiW21+4K7TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2Y4Yjc1ZDUtZWU4My00Nzk0LThkMDQtYTRlNDI0MTJmMzQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQAYY+RGvTTIPZD8XeMwKP6T880YnSDyTU7nelMdP/pU
/w3uVXmgKHlLe1vL83a3xcYkG+i/na1O+Mh5yxIBX+rn+2sTxn3xjNEH08quVUNq
BoP1RumERNq/whseEB0SOWkYrE9+h7E10PaY9O2Zjl2cvQsiWVSGW1qVC2CTC4dy
NVJ0NNnm2jaFaQr5Gh+wUxVv5IutyF7qx6ZgA25hb3ghjPjVR6z1TT/X26jwIeXu
sMOm7v78aOpyi2pcqAIvWZfbCkP8j6/Jpboy88n7k1fmA9/IiFtNNGrEPRlWITmj
6UCnj81e2pR+hd9+lLKlMQGOXC5+Nb2G/U5cGvy32BlT
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:57 2025 by rpki-client