Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
File: 65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa (raw, json)
Hash identifier: f+djNyngM6YHmqDlygIJg33qzCOZE1mjEcpLzGG6Wks=
Subject key identifier: B8:A4:84:A6:3C:63:05:BF:9E:21:8F:20:52:06:3B:56:DE:0B:D2:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 208E8B7797A1116C610474B9508264FC7D768042
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:8e:8b:77:97:a1:11:6c:61:04:74:b9:50:82:64:fc:7d:76:80:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3b:61:b8:83:df:5a:bd:8f:c6:7e:77:60:88:
55:c6:a7:51:96:f7:03:d5:cf:f7:7b:1b:62:73:a0:
63:10:b7:c6:67:e9:12:77:3b:1c:d7:8e:ff:02:8d:
b3:a6:b4:20:94:7f:4e:cf:1d:9c:e6:ee:8e:62:9e:
34:d5:f2:91:68:6b:c8:99:7f:dc:37:0f:e2:1e:ad:
5b:6f:a4:ef:4e:81:17:dd:9e:3b:de:2f:62:54:50:
49:73:4a:bf:13:63:1b:97:1b:cf:d4:f1:70:a4:d2:
cf:67:2f:d4:5e:3d:5c:92:8e:0f:eb:e0:1a:d5:10:
dc:76:e7:78:86:3d:f9:71:ea:f7:c1:be:68:06:1a:
29:d5:47:c8:96:cb:24:54:18:63:c8:5b:aa:4d:c4:
19:dd:89:7d:4a:36:dc:70:6b:f6:4f:ca:df:ca:9f:
af:27:98:5b:64:73:1a:df:53:5c:8b:d0:ae:b6:3e:
5a:8e:50:d0:fc:4d:28:bf:5c:50:af:3a:64:89:ae:
30:d1:25:2b:b7:cb:88:a0:8d:16:0f:ac:a1:ed:f9:
d4:1b:25:52:3a:30:a8:29:a6:86:da:49:4d:5e:35:
8c:5e:65:0c:ff:46:53:f9:36:87:98:50:81:ac:70:
1d:fb:d4:80:2e:a7:5a:0b:e2:dd:ad:ce:b5:bf:d6:
7e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A4:84:A6:3C:63:05:BF:9E:21:8F:20:52:06:3B:56:DE:0B:D2:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:0f:d0:a2:4c:b8:8c:46:22:12:7f:d8:62:be:dd:f5:df:95:
8d:cd:61:3e:96:e1:5d:88:29:3a:6d:82:c4:0a:1d:b7:71:d2:
d2:e6:b2:31:43:6c:77:c3:61:b5:9f:48:bc:0e:11:35:b8:9e:
b8:c8:0f:c6:a8:35:cb:84:01:3d:db:bc:b7:51:50:59:8d:91:
2a:92:96:89:35:a9:62:11:ac:b8:0b:e4:3c:d0:d8:0e:00:2e:
81:6b:b9:b4:42:1f:63:ec:57:c2:16:d8:ce:2d:b7:1c:ca:30:
73:88:89:69:13:41:cd:c1:7f:fa:e9:9c:17:76:6a:99:e2:d8:
d4:44:59:b6:05:e9:4b:91:2c:02:f8:9e:5a:9b:c4:00:e9:75:
cc:08:11:0a:31:65:8d:0b:bb:c9:90:b9:cf:e1:d7:88:8d:6a:
ee:a1:ca:99:6f:68:f4:6b:4b:95:be:3a:84:c6:e5:6c:29:79:
92:ae:7d:1e:c1:35:40:6d:bc:25:79:a3:1a:ac:01:57:68:01:
b7:f6:ab:7d:52:b1:40:5f:d7:5f:4e:d3:0b:c0:7d:1f:ab:54:
bd:2c:a3:75:16:0d:f9:73:d3:0e:d5:7a:be:fe:64:49:94:ee:
a3:85:8f:8b:13:94:d4:94:85:ff:89:2b:f1:58:7a:3d:ae:90:
75:3e:97:a5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUII6Ld5ehEWxhBHS5UIJk/H12gEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4YzE0ZWM0MWIxODE0MDAwMmNlMjI2ZWUyM2ZiOWRhOGEwMThmNDg1OGJk
ZWNmY2RlYmRlM2VjZjE4YTQzZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKI7YbiD31q9j8Z+d2CIVcanUZb3A9XP93sbYnOgYxC3xmfpEnc7HNeO/wKN
s6a0IJR/Ts8dnObujmKeNNXykWhryJl/3DcP4h6tW2+k706BF92eO94vYlRQSXNK
vxNjG5cbz9TxcKTSz2cv1F49XJKOD+vgGtUQ3HbneIY9+XHq98G+aAYaKdVHyJbL
JFQYY8hbqk3EGd2JfUo23HBr9k/K38qfryeYW2RzGt9TXIvQrrY+Wo5Q0PxNKL9c
UK86ZImuMNElK7fLiKCNFg+soe351BslUjowqCmmhtpJTV41jF5lDP9GU/k2h5hQ
gaxwHfvUgC6nWgvi3a3Otb/Wfp8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS4pISm
PGMFv54hjyBSBjtW3gvSczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjUwMDZhODAtNDYxZC00ZmExLTllZTctMGM2ZWE1ZmJiNzdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEAwA/Qoky4jEYiEn/YYr7d9d+Vjc1hPpbhXYgpOm2C
xAodt3HS0uayMUNsd8NhtZ9IvA4RNbieuMgPxqg1y4QBPdu8t1FQWY2RKpKWiTWp
YhGsuAvkPNDYDgAugWu5tEIfY+xXwhbYzi23HMowc4iJaRNBzcF/+umcF3ZqmeLY
1ERZtgXpS5EsAvieWpvEAOl1zAgRCjFljQu7yZC5z+HXiI1q7qHKmW9o9GtLlb46
hMblbCl5kq59HsE1QG28JXmjGqwBV2gBt/arfVKxQF/XX07TC8B9H6tUvSyjdRYN
+XPTDtV6vv5kSZTuo4WPixOU1JSF/4kr8Vh6Pa6QdT6XpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:42 2025 by rpki-client