Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa
File: 440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa (raw, json)
Hash identifier: iNbUcUhERRjyjGsAR7EJCfZPN9gGYCXSvt0sV4vhYdk=
Subject key identifier: 44:3D:62:8C:B6:1D:5F:33:84:FF:0F:B0:54:AD:40:FD:07:27:2D:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 473D50892993C6833CB8710FD1A5A2AAF756F9F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:3d:50:89:29:93:c6:83:3c:b8:71:0f:d1:a5:a2:aa:f7:56:f9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:02:dd:cf:3b:6b:64:fb:e9:f4:c3:ea:e8:ec:
ae:bf:47:d3:2d:e1:05:76:20:2f:b4:ef:d1:c5:38:
3d:cb:98:74:df:41:8a:4e:3f:aa:2d:78:cd:7f:90:
76:02:34:b4:7b:5d:73:f9:78:15:04:38:b3:f8:c3:
0d:4c:7a:11:d0:eb:d7:26:09:4c:fa:41:b9:97:55:
dc:69:d9:1c:a9:a3:a7:f4:6c:a4:bb:ab:bd:e9:33:
58:91:77:df:0d:a7:85:70:9d:1a:df:0c:00:aa:46:
fe:d8:99:86:cb:ee:79:a6:dc:08:40:67:de:96:20:
20:a3:c6:13:48:57:6b:84:4f:e5:db:13:6f:93:47:
40:f0:1b:ed:4a:e6:9a:b6:ab:37:dd:3b:1c:96:e8:
25:5f:5c:f6:8d:cd:eb:2f:fe:56:a7:1c:fd:c5:a2:
9c:dd:28:44:58:d7:87:29:80:a5:4c:c1:75:39:ba:
ce:e3:6b:86:d1:3f:df:c6:35:19:24:42:52:e0:ca:
aa:1c:5b:47:cd:c0:84:52:81:d4:e9:85:99:5f:7f:
ea:44:42:1f:53:af:73:e7:d3:b5:3e:f1:31:10:95:
ad:1c:3c:20:d9:7e:e9:e8:c6:16:d5:d6:d9:cf:dc:
ae:7e:d9:09:f8:84:68:4f:ca:b9:1c:1d:9c:14:2d:
21:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3D:62:8C:B6:1D:5F:33:84:FF:0F:B0:54:AD:40:FD:07:27:2D:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b1:2e:c6:13:b9:dc:8c:8a:d9:57:9a:9a:8f:f5:5e:18:f8:eb:
8f:db:98:0d:78:37:e5:04:85:1f:2d:5e:b4:d0:4e:25:e7:70:
2b:9b:b7:77:06:88:7c:e7:4b:e8:bd:e3:96:f4:e8:1e:c7:64:
5e:03:2c:c7:69:ee:6b:96:11:a1:f5:27:76:0d:0a:ce:22:80:
00:aa:df:92:43:75:0f:d7:9a:05:f0:e4:6a:3e:6c:62:7e:f1:
97:71:62:21:a3:af:ec:0e:2a:d6:61:d9:fd:07:ee:6d:90:3a:
e9:9f:c7:bc:82:88:48:02:27:63:12:08:47:fd:93:f0:57:c1:
f4:36:d9:84:4a:db:e2:b0:92:05:bb:52:73:60:e4:53:0b:db:
c2:17:cd:9b:70:e3:e2:4b:15:00:dc:ce:06:29:1f:01:0b:47:
77:f1:d5:d8:a6:26:c6:28:c5:08:62:b7:c3:49:1c:6c:0a:f4:
68:32:1a:39:d3:be:44:a3:f8:82:90:cf:13:4c:9b:67:a2:d0:
65:65:58:04:34:ba:a6:b0:0c:b5:f1:e8:6e:a6:ab:00:ab:b5:
27:b6:a8:64:35:6d:5c:fe:e8:34:ba:31:81:51:07:d9:2f:d2:
ae:53:84:83:0d:4f:65:c4:20:49:83:7f:85:3f:cc:22:36:29:
a8:44:91:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURz1QiSmTxoM8uHEP0aWiqvdW+fIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYmM3ZDk4ZDJkNzVkZTE5OTFiZmE0ZDljZWZlZmFmYzljY2M4Nzc5Yzhh
OGZkZDhkM2MzN2UzZjdmZDk2NjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEC3c87a2T76fTD6ujsrr9H0y3hBXYgL7Tv0cU4PcuYdN9Bik4/qi14zX+Q
dgI0tHtdc/l4FQQ4s/jDDUx6EdDr1yYJTPpBuZdV3GnZHKmjp/RspLurvekzWJF3
3w2nhXCdGt8MAKpG/tiZhsvueabcCEBn3pYgIKPGE0hXa4RP5dsTb5NHQPAb7Urm
mrarN907HJboJV9c9o3N6y/+Vqcc/cWinN0oRFjXhymApUzBdTm6zuNrhtE/38Y1
GSRCUuDKqhxbR83AhFKB1OmFmV9/6kRCH1Ovc+fTtT7xMRCVrRw8INl+6ejGFtXW
2c/crn7ZCfiEaE/KuRwdnBQtIb0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBREPWKM
th1fM4T/D7BUrUD9ByctbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQwYzAwZmMtZjBmOS00M2ZkLWJkMDktMWYxZDkxNmY1NGZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCxLsYTudyMitlXmpqP9V4Y+OuP25gNeDflBIUfLV60
0E4l53Arm7d3Boh850voveOW9Ogex2ReAyzHae5rlhGh9Sd2DQrOIoAAqt+SQ3UP
15oF8ORqPmxifvGXcWIho6/sDirWYdn9B+5tkDrpn8e8gohIAidjEghH/ZPwV8H0
NtmEStvisJIFu1JzYORTC9vCF82bcOPiSxUA3M4GKR8BC0d38dXYpibGKMUIYrfD
SRxsCvRoMho5075Eo/iCkM8TTJtnotBlZVgENLqmsAy18ehupqsAq7UntqhkNW1c
/ug0ujGBUQfZL9KuU4SDDU9lxCBJg3+FP8wiNimoRJGC
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:38 2025 by rpki-client