Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
File: 49e55691-07d2-4a06-87d9-31acb51cef86.roa (raw, json)
Hash identifier: gyeBji8e7XtyaF+1N8HVYwklutlG43JbOsbGXxerZOo=
Subject key identifier: DA:D1:46:C8:1B:48:32:1E:FD:05:F2:A7:40:F6:20:CD:00:CA:83:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A4AE4E481C90168312A2FD7C05806BB0416A9E0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:4a:e4:e4:81:c9:01:68:31:2a:2f:d7:c0:58:06:bb:04:16:a9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e0:17:80:63:c9:4c:2a:9c:d9:c3:eb:2f:55:
1f:6a:61:96:ae:03:6a:70:10:19:ee:d8:34:ad:53:
17:0d:7a:40:88:8f:0f:fd:0b:54:33:52:50:1e:48:
f6:9c:37:22:f9:d2:25:03:b1:ee:cc:9d:86:c3:bb:
bf:6e:2f:b3:f3:fd:25:14:a8:df:24:80:a7:a5:29:
46:0d:6e:ca:cd:14:92:cc:0f:40:0f:05:47:00:24:
df:5c:83:48:95:42:c0:f9:fc:4a:3a:5c:41:ab:74:
13:76:91:58:aa:da:cf:a5:06:da:1a:c7:51:8a:96:
4a:6b:86:8f:cd:b1:68:67:a2:5b:f1:36:fb:01:0d:
39:15:18:1d:29:2c:da:da:7e:70:61:43:6e:68:bc:
5c:2a:f5:79:b3:2d:95:42:b2:84:f5:84:65:5f:83:
a7:76:2c:50:31:e4:65:6c:61:0d:11:b0:bf:85:17:
3d:8f:f8:15:a1:a9:2c:51:75:ec:7a:24:91:f7:cc:
33:de:23:58:b4:92:eb:af:8f:7c:48:11:f6:e9:ee:
7d:44:c1:cf:04:af:ce:23:6f:b2:e3:9d:1a:98:16:
79:03:b1:39:b2:e1:40:63:14:eb:28:c8:79:d8:56:
d6:83:16:78:6b:a9:f0:30:43:b3:27:ab:74:e8:bc:
a3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D1:46:C8:1B:48:32:1E:FD:05:F2:A7:40:F6:20:CD:00:CA:83:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
62:48:81:8b:0e:c4:f3:91:39:83:c4:a8:3f:ab:96:ed:6e:92:
60:68:94:9a:ca:16:97:cc:5a:5e:05:5b:11:01:70:64:0a:e0:
44:80:d8:31:6e:25:d1:92:f3:fe:98:77:4c:1d:0c:f8:02:96:
b7:f3:f9:84:8a:3a:df:b5:79:ba:5b:16:04:c9:b5:d3:74:83:
c6:05:d5:ee:82:fb:08:1c:66:53:e4:39:86:24:33:cd:10:95:
f0:9b:e3:7c:be:44:34:8e:00:0e:a8:3a:30:d1:7b:7d:57:d7:
91:54:ec:a4:03:5e:d7:c2:0f:d9:26:f7:7d:5a:38:8c:b4:ea:
c3:b1:77:98:10:46:45:df:5c:c5:6a:43:17:c0:26:81:c7:43:
4d:d7:49:10:4e:8b:f2:7b:07:aa:17:5e:04:02:a3:64:b0:83:
5d:bd:61:dd:e3:3d:12:e8:f5:78:63:e9:85:1c:4a:fd:f2:cd:
5a:29:7d:24:c0:09:87:c4:41:18:5e:e8:0c:0c:cc:03:80:30:
84:39:df:2a:9a:67:9d:19:ba:df:74:2c:1e:86:63:d2:10:80:
c1:68:2c:18:28:36:39:95:c5:8c:1b:f8:4e:cc:c5:83:04:b9:
44:f0:8b:ed:18:b1:c9:09:49:ed:f9:cd:a2:ae:64:fc:b9:41:
ce:db:7b:16
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGkrk5IHJAWgxKi/XwFgGuwQWqeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNjZhMmFiYjE0ZWE5NDAzMzE3MTU3MTFlMjQ0ZDdhMzEzNjFlMjM4ZTJl
MjE4NmUyMTAwZDI5OWYzMTU0YzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDgF4BjyUwqnNnD6y9VH2phlq4DanAQGe7YNK1TFw16QIiPD/0LVDNSUB5I
9pw3IvnSJQOx7sydhsO7v24vs/P9JRSo3ySAp6UpRg1uys0UkswPQA8FRwAk31yD
SJVCwPn8SjpcQat0E3aRWKraz6UG2hrHUYqWSmuGj82xaGeiW/E2+wENORUYHSks
2tp+cGFDbmi8XCr1ebMtlUKyhPWEZV+Dp3YsUDHkZWxhDRGwv4UXPY/4FaGpLFF1
7HokkffMM94jWLSS66+PfEgR9unufUTBzwSvziNvsuOdGpgWeQOxObLhQGMU6yjI
edhW1oMWeGup8DBDsyerdOi8o/sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTa0UbI
G0gyHv0F8qdA9iDNAMqDBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDllNTU2OTEtMDdkMi00YTA2LTg3ZDktMzFhY2I1MWNlZjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQBiSIGLDsTzkTmDxKg/q5btbpJgaJSayhaXzFpeBVsR
AXBkCuBEgNgxbiXRkvP+mHdMHQz4Apa38/mEijrftXm6WxYEybXTdIPGBdXugvsI
HGZT5DmGJDPNEJXwm+N8vkQ0jgAOqDow0Xt9V9eRVOykA17Xwg/ZJvd9WjiMtOrD
sXeYEEZF31zFakMXwCaBx0NN10kQTovyeweqF14EAqNksINdvWHd4z0S6PV4Y+mF
HEr98s1aKX0kwAmHxEEYXugMDMwDgDCEOd8qmmedGbrfdCwehmPSEIDBaCwYKDY5
lcWMG/hOzMWDBLlE8IvtGLHJCUnt+c2irmT8uUHO23sW
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:43 2025 by rpki-client