Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
File: 4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa (raw, json)
Hash identifier: XG6+WVp0zl6v7JLvDynhFm92T6G+45ia/dXTgGPXzFE=
Subject key identifier: 05:96:9E:05:19:36:C9:72:2A:CF:01:FA:EA:B1:87:C7:84:17:E2:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 179B8DD4DE508F5B78A35791F998535AB0FD5497
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:9b:8d:d4:de:50:8f:5b:78:a3:57:91:f9:98:53:5a:b0:fd:54:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:aa:b3:f1:34:23:69:ad:cf:5c:d0:02:ef:ea:
8c:c9:0c:27:ef:53:2c:97:81:55:c8:77:7c:4f:17:
ee:bb:00:17:6d:1d:f5:d6:42:38:0e:1b:f4:8c:cf:
9b:3d:90:08:4b:8d:b3:34:a5:16:d1:b7:f8:4a:0e:
eb:46:58:86:47:99:9a:52:3f:30:0c:7c:90:bb:ac:
d2:41:11:ec:ae:26:56:92:d5:51:48:82:b9:84:9d:
ec:db:4d:25:b9:e4:26:dd:a9:04:e5:b3:58:68:dc:
3a:ed:59:ed:ba:2e:d9:8e:78:0e:18:29:b3:9a:5e:
55:e5:a8:03:29:e3:1f:bf:92:a6:b7:c6:e1:57:a1:
c4:25:d5:3a:96:ae:7b:bf:4e:aa:00:54:d0:af:37:
f0:0e:0a:cd:a3:f9:fb:9f:05:9f:15:17:ee:6a:cb:
db:42:b8:00:0a:8e:e7:d7:98:e8:8e:3e:d6:d3:86:
73:34:96:39:9f:8f:36:50:08:74:31:f7:ce:6c:6b:
bf:a3:92:5f:9e:69:ff:fc:78:cb:5f:37:76:5e:51:
d5:f9:3b:13:29:8d:b2:52:c6:17:06:2c:f1:75:d4:
52:cd:c1:6e:30:12:95:b6:de:b5:da:62:1a:82:8b:
3d:55:b3:4b:22:84:4d:b6:8e:02:2f:2b:a8:ba:4e:
03:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:96:9E:05:19:36:C9:72:2A:CF:01:FA:EA:B1:87:C7:84:17:E2:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:6f:ec:72:fd:fa:8c:45:f6:e0:9a:01:f1:29:8c:b6:c6:59:
ca:d1:d2:ab:0e:27:84:02:d6:a4:2f:95:22:a3:11:cc:26:fb:
f0:08:96:cd:8d:94:db:55:97:b6:b8:5e:bc:9f:c3:c0:c2:e6:
65:8b:89:74:ea:63:ab:0b:e5:5b:d1:41:fc:62:cb:c9:18:5e:
f7:32:20:a0:27:a3:e5:ee:74:e2:29:a7:99:30:ac:e8:92:7d:
d1:9f:1e:d8:9a:a3:54:71:26:68:d8:2c:26:b0:81:ed:4a:e7:
84:87:61:ee:59:b1:74:c1:2f:66:9b:3a:0a:d6:8c:40:af:a4:
72:a1:0e:0d:be:4c:1f:6f:df:14:64:62:4f:11:ed:5b:6e:fd:
f9:9f:07:ce:eb:e3:04:21:22:72:79:21:34:33:a5:68:ac:54:
15:cf:69:9a:f3:a4:ac:44:a9:52:63:90:c7:b4:f2:d3:47:e2:
a6:57:e3:87:49:65:53:98:13:e3:da:29:dc:26:61:ed:08:5b:
30:f8:9e:89:67:e8:7f:2e:a2:1d:a6:8c:9c:19:14:ea:63:2a:
8c:94:3b:9f:c1:42:90:a5:91:74:10:9d:a3:84:23:c5:ac:ff:
45:c8:2f:0f:2c:3c:75:56:1a:40:29:61:dd:f9:29:17:d2:30:
9c:44:af:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF5uN1N5Qj1t4o1eR+ZhTWrD9VJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjUwMDAwMDBaFw0yNDEyMzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZGE0ODRiYTY2NGJiNDhjOGEyYWJjMTc3Nzc0NTA3ODQ5OWIzMmFhNzYx
N2VkYTllYzZiY2Y3YzBiMmI0MjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmqs/E0I2mtz1zQAu/qjMkMJ+9TLJeBVch3fE8X7rsAF20d9dZCOA4b9IzP
mz2QCEuNszSlFtG3+EoO60ZYhkeZmlI/MAx8kLus0kER7K4mVpLVUUiCuYSd7NtN
JbnkJt2pBOWzWGjcOu1Z7bou2Y54Dhgps5peVeWoAynjH7+SprfG4VehxCXVOpau
e79OqgBU0K838A4KzaP5+58FnxUX7mrL20K4AAqO59eY6I4+1tOGczSWOZ+PNlAI
dDH3zmxrv6OSX55p//x4y183dl5R1fk7EymNslLGFwYs8XXUUs3BbjASlbbetdpi
GoKLPVWzSyKETbaOAi8rqLpOA5MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFlp4F
GTbJcirPAfrqsYfHhBfiijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGIyYjkwZGItYjFjZS00YmE5LWE4YmItMTc0OTIzZjU1NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBYb+xy/fqMRfbgmgHxKYy2xlnK0dKrDieEAtakL5Ui
oxHMJvvwCJbNjZTbVZe2uF68n8PAwuZli4l06mOrC+Vb0UH8YsvJGF73MiCgJ6Pl
7nTiKaeZMKzokn3Rnx7YmqNUcSZo2CwmsIHtSueEh2HuWbF0wS9mmzoK1oxAr6Ry
oQ4Nvkwfb98UZGJPEe1bbv35nwfO6+MEISJyeSE0M6VorFQVz2ma86SsRKlSY5DH
tPLTR+KmV+OHSWVTmBPj2incJmHtCFsw+J6JZ+h/LqIdpoycGRTqYyqMlDufwUKQ
pZF0EJ2jhCPFrP9FyC8PLDx1VhpAKWHd+SkX0jCcRK+A
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:41 2025 by rpki-client