Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
File: 7121a047-d001-4dca-a807-79f5c57d8a70.roa (raw, json)
Hash identifier: 9cv8t0qJnaoMcmByjqOpftgYqhDXFspjDFgmR2D4aKw=
Subject key identifier: F3:3A:8E:96:46:7B:75:60:2A:19:A0:16:74:D7:5B:EE:E8:E9:C4:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1007A8057EB932F18473B3308AE99A44CF2C243B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:07:a8:05:7e:b9:32:f1:84:73:b3:30:8a:e9:9a:44:cf:2c:24:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:88:bd:4f:28:cd:48:1b:73:21:d2:b0:9a:
55:b9:43:14:f3:e2:d2:f0:f6:01:c0:4f:88:ec:d0:
d3:16:83:d8:c1:b3:20:6b:bc:cb:13:a1:3b:2f:64:
62:3f:f1:83:60:c7:5d:84:f9:2b:ac:a2:c4:84:a2:
d8:6a:3f:8e:9c:f8:e3:0d:e3:f7:9c:7b:4b:81:8e:
73:ab:1f:ad:23:04:7f:f4:f0:98:8a:6a:30:39:6b:
22:f9:b1:5f:b8:f5:18:b4:c4:d9:0b:17:f2:83:66:
4f:bf:12:f6:4d:5e:2f:4f:7b:fa:fd:fc:9d:7b:f2:
65:e6:7e:27:d8:91:af:8f:49:1c:22:ed:8e:36:f1:
7c:1f:1b:18:97:3a:3f:54:8a:c2:7c:ac:85:40:49:
96:e3:24:e4:a0:c0:62:8f:03:9f:69:50:a5:69:0b:
6b:69:5e:06:35:7c:cd:f1:e1:22:63:36:5c:0d:59:
26:9d:25:53:b3:6c:df:c3:4c:48:30:5c:d7:bf:ac:
e0:93:b9:b8:09:a0:49:e2:67:63:1e:46:78:f1:74:
71:30:b4:c7:c1:59:b8:84:46:09:c1:af:e3:c0:b3:
ce:ad:d6:4f:c7:9e:0f:cb:eb:33:86:ba:7e:7c:bb:
00:33:d3:0a:da:85:5a:dc:49:ed:b3:e5:70:39:66:
9b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3A:8E:96:46:7B:75:60:2A:19:A0:16:74:D7:5B:EE:E8:E9:C4:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:a1:40:37:9e:a1:99:a6:9f:ef:a5:6b:12:1a:ad:5f:81:55:
81:f2:2d:d7:ea:dc:aa:9e:5c:9c:49:55:70:b5:06:4b:99:d0:
5f:65:85:68:40:05:c1:aa:8d:01:76:34:26:61:18:7c:d6:f7:
4b:3a:8e:c8:0e:c6:e0:8b:68:00:f9:ec:d9:87:87:d4:e6:8b:
33:ec:bb:fd:5f:2b:03:74:46:a2:75:08:0b:1a:54:ba:0a:44:
a2:05:f5:c5:1b:77:84:81:ff:2b:4d:9d:94:58:c3:6a:24:b4:
59:8b:26:65:11:c5:81:da:84:ae:db:42:29:6b:b7:aa:0d:b1:
0d:93:c1:43:d2:fb:f3:e2:44:d3:82:ad:48:64:79:ab:55:a0:
95:b3:2a:3c:b4:2b:8c:fa:47:43:69:55:9f:ab:4b:d1:f2:d5:
09:44:99:8a:ff:05:c2:db:2b:c7:59:d1:d4:7a:37:91:fb:da:
92:80:a9:d3:eb:35:df:c4:71:11:b4:7b:a3:a8:1f:ef:f8:ca:
02:ea:9d:bf:0c:f7:1d:e3:11:3c:38:f0:83:ed:68:b0:00:ed:
30:11:c0:f9:cf:92:f6:1e:15:f9:27:b7:57:5d:b1:bd:7f:bc:
bc:e4:c7:cc:85:4e:a6:32:52:5c:20:e6:cb:1e:72:f2:86:4b:
2c:f2:ca:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEAeoBX65MvGEc7MwiumaRM8sJDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NTNhNWY4OTU4ZWFiYmRkYjY3ZTE3Yzk2YjZhMjUyZTYxM2IzY2NjNDUx
N2VjZjdmZTY1OTY4NjU2M2ZiYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwdiL1PKM1IG3Mh0rCaVblDFPPi0vD2AcBPiOzQ0xaD2MGzIGu8yxOhOy9k
Yj/xg2DHXYT5K6yixISi2Go/jpz44w3j95x7S4GOc6sfrSMEf/TwmIpqMDlrIvmx
X7j1GLTE2QsX8oNmT78S9k1eL097+v38nXvyZeZ+J9iRr49JHCLtjjbxfB8bGJc6
P1SKwnyshUBJluMk5KDAYo8Dn2lQpWkLa2leBjV8zfHhImM2XA1ZJp0lU7Ns38NM
SDBc17+s4JO5uAmgSeJnYx5GePF0cTC0x8FZuIRGCcGv48Czzq3WT8eeD8vrM4a6
fny7ADPTCtqFWtxJ7bPlcDlmmyUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzOo6W
Rnt1YCoZoBZ011vu6OnEiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzEyMWEwNDctZDAwMS00ZGNhLWE4MDctNzlmNWM1N2Q4YTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQCWoUA3nqGZpp/vpWsSGq1fgVWB8i3X6tyqnlycSVVw
tQZLmdBfZYVoQAXBqo0BdjQmYRh81vdLOo7IDsbgi2gA+ezZh4fU5osz7Lv9XysD
dEaidQgLGlS6CkSiBfXFG3eEgf8rTZ2UWMNqJLRZiyZlEcWB2oSu20Ipa7eqDbEN
k8FD0vvz4kTTgq1IZHmrVaCVsyo8tCuM+kdDaVWfq0vR8tUJRJmK/wXC2yvHWdHU
ejeR+9qSgKnT6zXfxHERtHujqB/v+MoC6p2/DPcd4xE8OPCD7WiwAO0wEcD5z5L2
HhX5J7dXXbG9f7y85MfMhU6mMlJcIObLHnLyhkss8soG
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:19:36 2025 by rpki-client