Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
File: 4c110694-386d-49d5-9883-bd1723f43820.roa (raw, json)
Hash identifier: O/3IJyGCwRdBdx22fteQlkcWyiVCbsyj1EOhXR9UI5w=
Subject key identifier: 96:94:82:9D:B6:E7:DE:A3:8B:14:1B:01:C8:91:7D:7C:E6:46:5E:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F8AD607C9217C0C72BC024ED1C69A64F99FE36E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:8a:d6:07:c9:21:7c:0c:72:bc:02:4e:d1:c6:9a:64:f9:9f:e3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:ba:60:05:68:fa:0e:99:1b:2b:e5:96:ae:
63:cc:73:3e:46:a1:56:1b:05:72:d8:ca:c7:ea:b3:
bc:a9:e3:c9:3a:e1:28:f2:5b:ac:f1:fb:a4:c1:a0:
09:d6:12:3e:81:23:4d:a1:47:7e:78:db:45:28:45:
a0:e8:37:2b:f0:44:af:22:fa:07:07:a1:9d:60:61:
e9:96:6c:7d:e5:35:82:4f:3c:b7:60:06:95:93:da:
0b:e5:e1:42:65:fc:55:77:c3:97:96:f4:07:a8:a6:
55:5a:53:50:4a:81:d3:7f:6e:00:41:1f:55:35:1f:
50:37:d1:41:26:f2:88:6c:f0:33:ef:cf:16:2b:34:
15:f7:8f:37:65:34:b2:1b:68:21:ef:33:e1:04:2b:
64:56:ac:e0:bb:55:3a:c1:3d:fd:24:a4:6e:4e:16:
f0:53:5d:07:2f:b3:92:3b:e1:39:85:f8:67:02:b0:
0a:38:42:3f:5f:e0:d9:38:9f:1d:1e:64:22:32:d9:
ef:6a:91:5c:7c:86:be:00:7d:f7:13:83:ed:23:7c:
7a:71:27:8b:fd:84:ae:3a:16:33:31:4d:b4:0f:e4:
78:ac:3f:84:f8:6d:db:41:e4:0a:15:e9:50:9e:16:
52:01:f0:12:26:2b:b3:6e:f5:64:ec:f2:48:95:60:
b7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:94:82:9D:B6:E7:DE:A3:8B:14:1B:01:C8:91:7D:7C:E6:46:5E:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:81:cf:5a:48:4c:58:32:6b:f0:a1:9a:34:4b:ee:df:34:e0:
9f:aa:f3:30:af:4c:9a:77:37:96:56:ca:05:20:71:21:d4:38:
ba:e9:01:09:b1:43:93:83:66:02:52:ac:17:7e:04:e0:88:c6:
68:9f:e1:ab:74:96:6a:32:46:78:a9:e3:2c:3f:81:98:6c:10:
d2:09:2e:27:39:b7:cb:96:ce:84:6d:f9:f6:b4:34:39:ab:93:
c8:59:cb:17:a0:05:91:8a:37:fd:59:b2:78:19:3a:6d:26:78:
b0:12:55:b6:ce:6a:65:f8:cb:a6:4c:08:91:78:33:d1:8f:0a:
46:72:6f:b0:f2:3f:b4:a7:5f:c9:ea:96:31:d5:a8:44:d9:d1:
03:3f:81:8e:28:88:5b:6d:13:9c:c9:57:e7:36:24:47:dd:2a:
8e:fe:45:a5:c3:fc:47:37:8a:cf:5c:50:d8:bf:e5:41:f9:ed:
8e:7f:55:53:a8:a2:77:81:cc:51:fa:79:1f:01:82:e9:6b:c0:
25:b9:a5:f5:40:c0:17:1e:94:d2:89:6c:8b:37:5b:0c:e6:0a:
05:e1:58:55:3a:2c:79:8e:91:f2:a4:16:cb:d1:2e:57:1d:51:
28:6f:44:85:c3:8d:86:d6:08:81:00:e5:f6:6c:c5:34:d8:d9:
bb:44:b7:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX4rWB8khfAxyvAJO0caaZPmf424wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjODRmYWYyNTUzY2U3MjIzNDI1NTY2ODlhODE0Y2I5ODhlNGZjMDQ5ZDdm
NDUxZDE5ZmExOWFjYjBkNTFkZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0wumAFaPoOmRsr5ZauY8xzPkahVhsFctjKx+qzvKnjyTrhKPJbrPH7pMGg
CdYSPoEjTaFHfnjbRShFoOg3K/BEryL6BwehnWBh6ZZsfeU1gk88t2AGlZPaC+Xh
QmX8VXfDl5b0B6imVVpTUEqB039uAEEfVTUfUDfRQSbyiGzwM+/PFis0FfePN2U0
shtoIe8z4QQrZFas4LtVOsE9/SSkbk4W8FNdBy+zkjvhOYX4ZwKwCjhCP1/g2Tif
HR5kIjLZ72qRXHyGvgB99xOD7SN8enEni/2ErjoWMzFNtA/keKw/hPht20HkChXp
UJ4WUgHwEiYrs271ZOzySJVgt3UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWlIKd
tufeo4sUGwHIkX185kZefzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGMxMTA2OTQtMzg2ZC00OWQ1LTk4ODMtYmQxNzIzZjQzODIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQDIgc9aSExYMmvwoZo0S+7fNOCfqvMwr0yadzeWVsoF
IHEh1Di66QEJsUOTg2YCUqwXfgTgiMZon+GrdJZqMkZ4qeMsP4GYbBDSCS4nObfL
ls6Ebfn2tDQ5q5PIWcsXoAWRijf9WbJ4GTptJniwElW2zmpl+MumTAiReDPRjwpG
cm+w8j+0p1/J6pYx1ahE2dEDP4GOKIhbbROcyVfnNiRH3SqO/kWlw/xHN4rPXFDY
v+VB+e2Of1VTqKJ3gcxR+nkfAYLpa8AluaX1QMAXHpTSiWyLN1sM5goF4VhVOix5
jpHypBbL0S5XHVEob0SFw42G1giBAOX2bMU02Nm7RLe7
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:14 2025 by rpki-client