Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
File: 62b77dbe-d122-43ba-a2b6-ab9120df0176.roa (raw, json)
Hash identifier: jkgIb9dXtiJpr6ZDjGJjdex+DYc90XmcrRA+Cycbjr0=
Subject key identifier: D2:05:75:41:C6:68:46:AB:E4:53:F7:C6:22:80:DA:28:38:B7:1B:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D1FBAF75D4C4E783F696340139AA0A581CB3CC6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:1f:ba:f7:5d:4c:4e:78:3f:69:63:40:13:9a:a0:a5:81:cb:3c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:10:59:84:e2:e4:21:c5:8d:87:4f:8a:ad:ce:
12:cd:7a:13:2d:36:59:5e:f5:e7:e7:25:de:fd:21:
93:71:2c:3e:3f:69:fd:99:b3:87:3d:dc:c7:43:d8:
e6:f5:a8:eb:d4:83:a7:57:40:7e:56:5a:ff:78:67:
a9:1c:3b:b4:ba:c6:bb:76:e9:9d:a6:3c:b8:01:ef:
f6:14:03:5d:4c:ee:74:08:0a:7b:06:ef:87:a3:88:
b1:fd:c2:14:97:5a:da:47:4e:f3:dc:f6:5a:d0:fc:
94:93:c9:df:1f:1f:91:3d:ce:fc:4c:ee:09:2d:d4:
ec:a1:4f:58:8e:de:4c:2f:64:d1:e2:0c:6b:4f:2a:
e1:73:1d:83:4a:88:b9:28:42:26:58:a9:de:42:44:
53:ed:92:3f:b2:13:39:b0:9d:8c:7a:c6:a5:cf:ea:
43:72:c4:c6:b2:56:34:ce:e3:cd:ed:08:92:92:da:
a2:6c:89:66:5f:d6:eb:f1:48:6f:03:d3:c8:95:ec:
1a:44:a9:27:02:6f:92:f8:4a:74:0e:1d:2e:90:d0:
3c:2d:ac:16:b4:e7:ac:f1:10:8a:f8:22:cd:49:ce:
99:32:90:15:ef:1f:c0:ba:15:aa:eb:25:dc:1d:9c:
8b:1f:d9:21:bd:cd:b8:46:c4:d3:64:c6:87:40:cb:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:05:75:41:C6:68:46:AB:E4:53:F7:C6:22:80:DA:28:38:B7:1B:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
61:98:c2:d7:30:e9:13:0e:c4:90:f5:e1:c9:5f:19:a8:c6:95:
45:26:cb:29:b5:84:28:68:47:b9:ba:fe:f3:33:76:ee:4a:b5:
1d:0f:ef:3c:43:86:cb:77:fb:bb:a0:e2:e2:74:22:a9:32:74:
96:cd:20:ea:0a:f8:c7:4c:ed:5e:fb:fd:12:a5:32:5b:9d:78:
a0:19:7f:ab:4b:2e:d8:e2:4a:c8:6b:06:07:49:81:ef:16:27:
99:5f:af:49:b3:c1:57:de:40:d8:48:0e:fe:ff:d5:08:2e:07:
06:8d:38:d9:af:93:c3:64:10:f8:cb:9c:c5:19:17:20:ff:09:
08:25:65:2d:b7:27:0f:e0:ff:53:b2:ff:74:11:9a:51:d8:05:
1f:4e:da:5b:73:9f:25:80:99:0b:eb:35:ba:9a:42:d5:dc:4e:
7d:6e:2f:d8:a8:1c:e3:51:b7:50:0d:58:14:35:ea:c1:bd:aa:
e9:68:e8:b5:70:b5:73:53:48:aa:ac:a1:7c:d9:53:15:ad:ca:
c5:96:08:d9:e3:db:bd:6c:23:db:a6:65:b2:5d:af:ae:b7:88:
c8:34:0f:88:ae:48:03:60:b0:a7:4b:4f:a8:a1:53:a3:fd:6b:
75:b0:8b:5a:36:71:3c:82:a6:9a:90:70:f3:27:29:a4:b8:5c:
cb:fd:68:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULR+6911MTng/aWNAE5qgpYHLPMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YWFmNmE0NzNhYTJmZDFmMzIzYzBmN2E4NDQ5MWEyY2E4ODBkMjlhZTJm
YmVmOGY3NTRkYzU5OTU4Mzk2MWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0QWYTi5CHFjYdPiq3OEs16Ey02WV715+cl3v0hk3EsPj9p/Zmzhz3cx0PY
5vWo69SDp1dAflZa/3hnqRw7tLrGu3bpnaY8uAHv9hQDXUzudAgKewbvh6OIsf3C
FJda2kdO89z2WtD8lJPJ3x8fkT3O/EzuCS3U7KFPWI7eTC9k0eIMa08q4XMdg0qI
uShCJlip3kJEU+2SP7ITObCdjHrGpc/qQ3LExrJWNM7jze0IkpLaomyJZl/W6/FI
bwPTyJXsGkSpJwJvkvhKdA4dLpDQPC2sFrTnrPEQivgizUnOmTKQFe8fwLoVqusl
3B2cix/ZIb3NuEbE02TGh0DLkv8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTSBXVB
xmhGq+RT98YigNooOLcb5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjJiNzdkYmUtZDEyMi00M2JhLWEyYjYtYWI5MTIwZGYwMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBhmMLXMOkTDsSQ9eHJXxmoxpVFJssptYQoaEe5uv7z
M3buSrUdD+88Q4bLd/u7oOLidCKpMnSWzSDqCvjHTO1e+/0SpTJbnXigGX+rSy7Y
4krIawYHSYHvFieZX69Js8FX3kDYSA7+/9UILgcGjTjZr5PDZBD4y5zFGRcg/wkI
JWUttycP4P9Tsv90EZpR2AUfTtpbc58lgJkL6zW6mkLV3E59bi/YqBzjUbdQDVgU
NerBvarpaOi1cLVzU0iqrKF82VMVrcrFlgjZ49u9bCPbpmWyXa+ut4jINA+IrkgD
YLCnS0+ooVOj/Wt1sItaNnE8gqaakHDzJymkuFzL/Wgj
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:37:17 2025 by rpki-client