Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
File: 5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa (raw, json)
Hash identifier: 3ghMLgg2h+QX0uU4J7MIJyouWM5StIZi20ckbAcrYHk=
Subject key identifier: FD:AD:0C:E1:0A:71:41:2A:BD:47:08:EA:DD:B3:70:00:B2:96:F5:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66F6794076E7FAD2D36F210CBB70296020F4F6A2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f6:79:40:76:e7:fa:d2:d3:6f:21:0c:bb:70:29:60:20:f4:f6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:43:ed:fd:c7:89:df:a5:3b:9c:a2:8f:cc:
03:2d:60:67:24:9f:21:23:64:76:26:3b:b6:0c:f9:
f6:b4:12:c7:21:f5:71:8b:6f:97:ef:7b:21:fd:cd:
ee:a7:25:8d:da:07:4a:9c:d6:38:ed:66:fa:5f:76:
60:bb:bd:af:16:65:9a:40:37:a3:36:16:05:39:73:
28:cc:2d:0d:2b:94:90:df:3d:d4:25:e1:61:c9:6a:
5a:ee:b8:a2:a6:4b:f2:04:fe:a0:ca:77:5e:5c:ad:
9f:e9:d8:18:f8:06:9e:aa:e2:8b:d4:be:57:cf:51:
17:a8:c4:c8:28:93:50:41:b1:8a:10:22:bb:e8:a5:
97:96:1b:ea:4f:92:bf:7e:3d:ab:01:f6:ad:3a:4f:
37:a3:f9:2c:0a:b0:dc:e2:c6:9f:85:38:3b:8b:eb:
9c:8c:1c:14:63:ec:e1:c1:41:e6:79:f2:dd:ca:f6:
10:62:94:3a:ab:40:14:dc:6b:5e:c7:a9:df:3e:3e:
b0:02:97:77:5e:36:9c:dc:ba:ad:67:47:06:6f:9f:
15:b7:7b:14:ba:c4:f2:ea:32:78:97:54:88:86:c6:
05:b8:e8:23:41:31:97:4f:b4:f3:bf:48:dc:70:d5:
84:49:a8:58:f3:c4:99:08:8d:cc:14:bd:26:d5:a3:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AD:0C:E1:0A:71:41:2A:BD:47:08:EA:DD:B3:70:00:B2:96:F5:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:fc:13:f8:3a:d6:aa:a6:e0:8d:6c:b5:f4:ea:6a:60:8c:f4:
02:09:91:e7:b0:bc:d6:20:fa:87:8f:b5:98:94:a7:97:e2:bf:
73:e5:f1:d3:68:80:bb:7a:e2:18:4d:3f:40:b7:34:ac:dd:dd:
bc:cb:2a:98:37:60:6a:90:84:16:2a:e2:e2:b3:58:95:7b:d9:
86:d0:50:ca:c2:76:f8:35:cf:9b:fa:2a:61:7d:54:09:46:d9:
88:32:ca:d3:23:12:34:5c:85:43:c3:0c:54:55:2c:4e:9b:0f:
9c:3d:03:68:26:1f:e4:86:6f:13:01:a7:14:5b:d5:7a:18:35:
0d:4d:dd:24:6d:77:95:a3:d0:d5:5b:2a:62:63:ac:d1:9a:42:
58:52:fd:cc:69:e0:a7:58:f2:c6:61:bb:61:a8:c1:ea:ab:c9:
ea:5e:15:76:1d:4a:7d:91:b0:a5:d3:e1:77:65:2c:03:c3:58:
30:41:10:0f:52:1c:0e:2d:5e:02:1e:4c:41:22:cf:39:1e:b3:
01:b7:62:6f:2a:0d:a7:99:7f:00:44:6c:59:f9:1d:e0:cf:e1:
10:b7:99:8e:8d:9d:be:7c:60:4b:99:16:48:6d:30:20:c5:8a:
44:77:be:e0:43:71:8b:dc:c2:16:8a:02:c2:fc:25:bf:b5:0f:
a8:77:99:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZvZ5QHbn+tLTbyEMu3ApYCD09qIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDIwMDAwMDBaFw0yNTAxMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMDNlZjFlNTkwYmU1M2NiOTY2MzAxMWUzYWIxNjk2ODg2ZDY5NzIwNDU1
YTJlZTBlOGJjZWI5ZDk0ZTRhMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALB6Q+39x4nfpTucoo/MAy1gZySfISNkdiY7tgz59rQSxyH1cYtvl+97If3N
7qcljdoHSpzWOO1m+l92YLu9rxZlmkA3ozYWBTlzKMwtDSuUkN891CXhYclqWu64
oqZL8gT+oMp3Xlytn+nYGPgGnqrii9S+V89RF6jEyCiTUEGxihAiu+ill5Yb6k+S
v349qwH2rTpPN6P5LAqw3OLGn4U4O4vrnIwcFGPs4cFB5nny3cr2EGKUOqtAFNxr
Xsep3z4+sAKXd142nNy6rWdHBm+fFbd7FLrE8uoyeJdUiIbGBbjoI0Exl0+0879I
3HDVhEmoWPPEmQiNzBS9JtWjZYkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT9rQzh
CnFBKr1HCOrds3AAspb1+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWE3YWY4Y2ItNWNmYS00OTE0LTk2NWUtNWU2YTRiOGMxNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQAB/BP4OtaqpuCNbLX06mpgjPQCCZHnsLzWIPqHj7WY
lKeX4r9z5fHTaIC7euIYTT9AtzSs3d28yyqYN2BqkIQWKuLis1iVe9mG0FDKwnb4
Nc+b+iphfVQJRtmIMsrTIxI0XIVDwwxUVSxOmw+cPQNoJh/khm8TAacUW9V6GDUN
Td0kbXeVo9DVWypiY6zRmkJYUv3MaeCnWPLGYbthqMHqq8nqXhV2HUp9kbCl0+F3
ZSwDw1gwQRAPUhwOLV4CHkxBIs85HrMBt2JvKg2nmX8ARGxZ+R3gz+EQt5mOjZ2+
fGBLmRZIbTAgxYpEd77gQ3GL3MIWigLC/CW/tQ+od5kE
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:14 2025 by rpki-client