Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
File: 4305fc8e-966f-4fac-88dd-b53410014e6b.roa (raw, json)
Hash identifier: K0j4n2JMRlEkZ3Ci1khC0Dxn1Vl4vZ5fWbb3JOuW77M=
Subject key identifier: 64:CA:F4:DE:81:1A:EA:5D:7C:56:4B:A2:AD:E5:67:8E:F6:15:BF:65
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E786E1B4B55D6668A567586D4EA25D28B2EFE85
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:78:6e:1b:4b:55:d6:66:8a:56:75:86:d4:ea:25:d2:8b:2e:fe:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0f:ce:bd:47:57:c5:2f:53:79:de:be:93:c9:
b7:29:fc:3b:97:66:ba:a7:be:9c:e7:71:3d:da:9d:
2c:94:6e:a6:1d:f2:48:e8:fa:b5:7c:5a:6f:aa:5e:
75:60:b2:76:32:5f:3a:88:53:dd:3f:58:cc:3d:e4:
2c:c2:bf:f9:3e:f0:90:b5:a6:20:ac:c1:18:2a:00:
7e:51:d1:7a:b5:3c:f0:3a:37:35:39:89:80:a8:ad:
0e:ec:80:27:e9:3b:f4:67:59:0e:97:16:e8:ec:21:
ea:61:f7:c4:ce:be:ca:c0:35:4e:30:04:c9:56:f0:
84:2f:d7:f8:7a:63:d2:0c:f3:12:b5:20:2f:ba:f5:
73:57:27:4b:b0:78:84:49:42:78:df:ba:2b:d2:3b:
f6:ac:f1:27:12:29:fc:88:ce:23:25:6b:6b:17:8b:
90:56:04:8b:d7:ba:77:c7:77:4f:63:f4:ae:2c:97:
2c:a5:e1:cc:03:3e:9e:c3:83:bc:6f:34:b2:82:b4:
c8:99:79:a9:1c:43:af:d8:a5:05:7c:66:98:95:96:
61:9d:d3:1d:e7:f7:9c:6b:4b:a7:6c:0c:00:a2:5b:
c3:98:0d:44:91:52:55:31:9d:89:0b:87:c8:5a:03:
e7:5e:db:03:f5:dd:2f:97:29:91:fa:1e:d5:a8:b1:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CA:F4:DE:81:1A:EA:5D:7C:56:4B:A2:AD:E5:67:8E:F6:15:BF:65
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
21:77:30:38:6c:50:ed:bf:92:d5:aa:cd:00:e5:ea:c5:49:56:
46:85:02:a6:08:da:de:fb:6b:0a:a5:0d:b3:62:c9:b3:a9:73:
5b:86:1c:81:f5:3e:c1:ca:31:b9:fe:1f:2a:bd:7a:93:2c:4c:
34:2b:c7:78:54:fc:a6:ad:ce:ce:db:a0:39:dc:f6:6f:54:38:
07:38:79:f3:4e:39:2c:ef:cc:6a:0c:3d:f3:07:3d:72:6c:e0:
c7:c1:45:03:64:72:f1:83:51:22:53:9d:df:0f:82:cb:b9:d1:
51:f2:03:a9:a7:df:74:50:43:3b:2b:6a:e0:f6:38:e5:62:10:
79:24:51:35:0c:9e:d2:a6:b4:0d:44:eb:b8:fa:8f:0c:5c:52:
f3:24:31:57:6f:b1:31:d3:b8:52:39:99:82:d9:0f:4b:07:30:
23:d1:94:63:32:6b:ef:58:f6:a9:36:40:1b:33:d8:d8:cb:f6:
29:13:43:e0:b6:af:90:ab:db:b4:28:52:72:ed:52:9c:02:d9:
a7:8b:11:f7:fa:75:00:44:bb:f8:94:fa:23:7a:9a:d0:24:19:
1d:66:71:61:e6:98:a3:ef:19:51:6b:e5:3e:c6:62:a1:fa:b1:
57:4e:0c:95:89:e2:b4:82:d0:26:0a:62:46:d9:90:27:67:f2:
43:f6:0c:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHnhuG0tV1maKVnWG1Ool0osu/oUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMjFmODA4Y2Y1ZDgwZWE3Mzc2NWUzZjNlMDU4YTllODVkMTI3OWIwMDRm
NmFkN2YxY2NmYzQwMThkYzMwZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIPzr1HV8UvU3nevpPJtyn8O5dmuqe+nOdxPdqdLJRuph3ySOj6tXxab6pe
dWCydjJfOohT3T9YzD3kLMK/+T7wkLWmIKzBGCoAflHRerU88Do3NTmJgKitDuyA
J+k79GdZDpcW6Owh6mH3xM6+ysA1TjAEyVbwhC/X+Hpj0gzzErUgL7r1c1cnS7B4
hElCeN+6K9I79qzxJxIp/IjOIyVraxeLkFYEi9e6d8d3T2P0riyXLKXhzAM+nsOD
vG80soK0yJl5qRxDr9ilBXxmmJWWYZ3THef3nGtLp2wMAKJbw5gNRJFSVTGdiQuH
yFoD517bA/XdL5cpkfoe1aiximsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkyvTe
gRrqXXxWS6Kt5WeO9hW/ZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDMwNWZjOGUtOTY2Zi00ZmFjLTg4ZGQtYjUzNDEwMDE0ZTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQAhdzA4bFDtv5LVqs0A5erFSVZGhQKmCNre+2sKpQ2z
YsmzqXNbhhyB9T7ByjG5/h8qvXqTLEw0K8d4VPymrc7O26A53PZvVDgHOHnzTjks
78xqDD3zBz1ybODHwUUDZHLxg1EiU53fD4LLudFR8gOpp990UEM7K2rg9jjlYhB5
JFE1DJ7SprQNROu4+o8MXFLzJDFXb7Ex07hSOZmC2Q9LBzAj0ZRjMmvvWPapNkAb
M9jYy/YpE0Pgtq+Qq9u0KFJy7VKcAtmnixH3+nUARLv4lPojeprQJBkdZnFh5pij
7xlRa+U+xmKh+rFXTgyVieK0gtAmCmJG2ZAnZ/JD9gz/
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:13 2025 by rpki-client